From aeb623e9f96605da09ce9a608cc0b018f2abf607 Mon Sep 17 00:00:00 2001 From: Rafael Date: Mon, 8 Jul 2024 20:07:32 -0300 Subject: [PATCH 001/149] Fix removed_packages length check (#10) --- socketsecurity/socketcli.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 40f228c..14dce8c 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -274,7 +274,7 @@ def main_code(): if len(diff.new_alerts) == 0 or disable_security_issue: new_security_comment = False log.debug("No new alerts or security issue comment disabled") - if (len(diff.new_packages) == 0 and diff.removed_packages == 0) or disable_overview: + if (len(diff.new_packages) == 0 and len(diff.removed_packages) == 0) or disable_overview: new_overview_comment = False log.debug("No new/removed packages or Dependency Overview comment disabled") log.debug(f"Adding comments for {scm_type}") From a71ec42597bcfc42f4b2fd4ad476a668a8f395ce Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Jul 2024 11:09:47 -0500 Subject: [PATCH 002/149] Bump certifi from 2024.6.2 to 2024.7.4 (#9) Bumps [certifi](https://github.com/certifi/python-certifi) from 2024.6.2 to 2024.7.4. - [Commits](https://github.com/certifi/python-certifi/compare/2024.06.02...2024.07.04) --- updated-dependencies: - dependency-name: certifi dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Pipfile.lock | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Pipfile.lock b/Pipfile.lock index 7f29426..ee638cf 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -26,11 +26,12 @@ }, "certifi": { "hashes": [ - "sha256:3cd43f1c6fa7dedc5899d69d3ad0398fd018ad1a17fba83ddaf78aa46c747516", - "sha256:ddc6c8ce995e6987e7faf5e3f1b02b302836a0e5d98ece18392cb1a36c72ad56" + "sha256:5a1e7645bc0ec61a09e26c36f6106dd4cf40c6db3a1fb6352b0244e7fb057c7b", + "sha256:c198e21b1289c2ab85ee4e67bb4b4ef3ead0892059901a8d5b622f24a1101e90" ], + "index": "pypi", "markers": "python_version >= '3.6'", - "version": "==2024.6.2" + "version": "==2024.7.4" }, "charset-normalizer": { "hashes": [ From b5a643c78d8fc790e89cc6a0a6e6944e706e92ab Mon Sep 17 00:00:00 2001 From: Douglas Date: Fri, 19 Jul 2024 20:30:16 -0700 Subject: [PATCH 003/149] Adding support to ignore what files have changed in the commit (#11) --- README.md | 3 ++- socketsecurity/__init__.py | 2 +- socketsecurity/socketcli.py | 10 +++++++++- 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 6c3148d..8851403 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ The Socket Security CLI was created to enable integrations with other tools like socketcli [-h] [--api_token API_TOKEN] [--repo REPO] [--branch BRANCH] [--committer COMMITTER] [--pr_number PR_NUMBER] [--commit_message COMMIT_MESSAGE] [--default_branch] [--target_path TARGET_PATH] [--scm {api,github,gitlab}] [--sbom-file SBOM_FILE] [--commit-sha COMMIT_SHA] [--generate-license GENERATE_LICENSE] [-v] [--enable-debug] [--enable-json] [--disable-overview] - [--disable-security-issue] [--files FILES] + [--disable-security-issue] [--files FILES] [--ignore-commit-files] ```` If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY` @@ -36,3 +36,4 @@ If you don't want to provide the Socket API Token every time then you can use th | --disable-overview | | False | False | If enabled will disable Dependency Overview comments | | --disable-security-issue | | False | False | If enabled will disable Security Issue Comments | | --files | | False | | If provided in the format of `["file1", "file2"]` it will only look for those files and not glob the path | +| --ignore-commit-files | | False | False | If enabled then the CLI will ignore what files are changed in the commit and look for all manifest files | diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 85ab45a..d2d9ca1 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '0.0.95' +__version__ = '0.0.98' diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 14dce8c..25347c2 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -135,6 +135,13 @@ default="[]" ) +parser.add_argument( + '--ignore-commit-files', + help='Ignores only looking for changed files form the commit. Will find any supported manifest file type', + action='store_true', + default=False +) + def output_console_comments(diff_report) -> None: console_security_comment = Messages.create_console_security_alert_table(diff_report) @@ -187,6 +194,7 @@ def main_code(): enable_json = arguments.enable_json disable_overview = arguments.disable_overview disable_security_issue = arguments.disable_security_issue + ignore_commit_files = arguments.ignore_commit_files files = arguments.files log.info(f"Starting Socket Security Scan version {__version__}") api_token = os.getenv("SOCKET_SECURITY_API_KEY") or arguments.api_token @@ -211,7 +219,7 @@ def main_code(): committer = git_repo.committer if commit_message is None or commit_message == '': commit_message = git_repo.commit_message - if len(files) == 0: + if len(files) == 0 and not ignore_commit_files: files = git_repo.changed_files except InvalidGitRepositoryError: pass From c5444cb1b8dc1f3909c103f526810e7ed083ec90 Mon Sep 17 00:00:00 2001 From: Douglas Date: Mon, 29 Jul 2024 12:05:44 -0700 Subject: [PATCH 004/149] Fixed the logic so that the check for new manifest files didn't override finding manifest files (#12) --- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 237 +++++++++++++++++--------------- socketsecurity/socketcli.py | 31 +++-- 3 files changed, 148 insertions(+), 122 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index d2d9ca1..7de442c 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '0.0.98' +__version__ = '0.0.99' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 0ffd18b..a7a5557 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -1,4 +1,6 @@ import logging +from pathlib import PurePath + import requests from urllib.parse import urlencode import base64 @@ -46,6 +48,74 @@ log = logging.getLogger("socketdev") log.addHandler(logging.NullHandler()) +socket_globs = { + "npm": { + "package.json": { + "pattern": "package.json" + }, + "package-lock.json": { + "pattern": "package-lock.json" + }, + "npm-shrinkwrap.json": { + "pattern": "npm-shrinkwrap.json" + }, + "yarn.lock": { + "pattern": "yarn.lock" + }, + "pnpm-lock.yaml": { + "pattern": "pnpm-lock.yaml" + }, + "pnpm-lock.yml": { + "pattern": "pnpm-lock.yml" + }, + "pnpm-workspace.yaml": { + "pattern": "pnpm-workspace.yaml" + }, + "pnpm-workspace.yml": { + "pattern": "pnpm-workspace.yml" + } + }, + "pypi": { + "pipfile": { + "pattern": "pipfile" + }, + "pyproject.toml": { + "pattern": "pyproject.toml" + }, + "requirements.txt": { + "pattern": "*requirements.txt" + }, + "requirements": { + "pattern": "requirements/*.txt" + }, + "requirements-*.txt": { + "pattern": "requirements-*.txt" + }, + "requirements_*.txt": { + "pattern": "requirements_*.txt" + }, + "requirements.frozen": { + "pattern": "requirements.frozen" + }, + "setup.py": { + "pattern": "setup.py" + } + }, + "golang": { + "go.mod": { + "pattern": "go.mod" + }, + "go.sum": { + "pattern": "go.sum" + } + }, + "java": { + "pom.xml": { + "pattern": "pom.xml" + } + } +} + def encode_key(token: str) -> None: """ @@ -287,125 +357,61 @@ def get_manifest_files(package: Package, packages: dict) -> str: return manifest_files @staticmethod - def create_sbom_output(diff: Diff) -> list: - sbom = [] - for package_id in diff.packages: - package: Package - package = diff.packages[package_id] - manifest_files = Core.get_manifest_files(package, diff.packages) - item = { - "id": package.id, - "license": package.license, - "license_text": package.license_text, - "manifestFiles": manifest_files, - "score": package.score, - "size": package.size, - "ecosystem": package.type, - "alerts": package.alerts, - "direct": package.direct, - "name": package.name, - "version": package.version, - "author": package.author, - "url": package.url - } - sbom.append(item) + def create_sbom_output(diff: Diff) -> dict: + base_path = f"orgs/{org_slug}/export/cdx" + path = f"{base_path}/{diff.id}" + result = do_request(path=path) + try: + sbom = result.json() + except Exception as error: + log.error(f"Unable to get CycloneDX Output for {diff.id}") + log.error(error) + sbom = {} return sbom @staticmethod - def find_files(path: str, new_files: list = None) -> list: + def match_supported_files(path: str, files: list) -> list: + matched = [] + for ecosystem in socket_globs: + patterns = socket_globs[ecosystem] + for file_name in patterns: + pattern = patterns[file_name]["pattern"] + # path_pattern = f"**/{pattern}" + for file in files: + if "\\" in file: + file = file.replace("\\", "/") + if PurePath(file).match(pattern): + matched.append(file) + return matched + + @staticmethod + def find_files(path: str, files: list = None) -> list: """ Globs the path for supported manifest files. Note: Might move the source to a JSON file :param path: Str - path to where the manifest files are located - :param new_files: + :param files: override finding the manifest files using the glob matcher :return: """ - socket_globs = { - "npm": { - "package.json": { - "pattern": "package.json" - }, - "package-lock.json": { - "pattern": "package-lock.json" - }, - "npm-shrinkwrap.json": { - "pattern": "npm-shrinkwrap.json" - }, - "yarn.lock": { - "pattern": "yarn.lock" - }, - "pnpm-lock.yaml": { - "pattern": "pnpm-lock.yaml" - }, - "pnpm-lock.yml": { - "pattern": "pnpm-lock.yml" - }, - "pnpm-workspace.yaml": { - "pattern": "pnpm-workspace.yaml" - }, - "pnpm-workspace.yml": { - "pattern": "pnpm-workspace.yml" - } - }, - "pypi": { - "pipfile": { - "pattern": "pipfile" - }, - "pyproject.toml": { - "pattern": "pyproject.toml" - }, - "requirements.txt": { - "pattern": "*requirements.txt" - }, - "requirements": { - "pattern": "requirements/*.txt" - }, - "requirements-*.txt": { - "pattern": "requirements-*.txt" - }, - "requirements_*.txt": { - "pattern": "requirements_*.txt" - }, - "requirements.frozen": { - "pattern": "requirements.frozen" - }, - "setup.py": { - "pattern": "setup.py" - } - }, - "golang": { - "go.mod": { - "pattern": "go.mod" - }, - "go.sum": { - "pattern": "go.sum" - } - }, - "java": { - "pom.xml": { - "pattern": "pom.xml" - } - } - } all_files = [] for ecosystem in socket_globs: patterns = socket_globs[ecosystem] for file_name in patterns: pattern = patterns[file_name]["pattern"] file_path = f"{path}/**/{pattern}" - files = glob(file_path, recursive=True) + if files is None or len(files) == 0: + files = glob(file_path, recursive=True) + else: + files = Core.match_supported_files(path, files) for file in files: - if "/" in file: - _, base_name = file.rsplit("/", 1) - else: - base_name = file - if new_files is not None and len(new_files) > 0 and base_name not in new_files: - continue if platform.system() == "Windows": file = file.replace("\\", "/") + if path not in file: + file = f"{path}/{file}" found_path, file_name = file.rsplit("/", 1) details = (found_path, file_name) - all_files.append(details) + if details not in all_files: + all_files.append(details) return all_files @staticmethod @@ -480,7 +486,13 @@ def get_full_scan(full_scan_id: str) -> FullScan: return full_scan @staticmethod - def create_new_diff(path: str, params: FullScanParams, workspace: str, new_files: list = None) -> Diff: + def create_new_diff( + path: str, + params: FullScanParams, + workspace: str, + new_files: list = None, + no_change: bool = False + ) -> Diff: """ 1. Get the head full scan. If it isn't present because this repo doesn't exist yet return an Empty full scan. 2. Create a new Full scan for the current run @@ -490,9 +502,14 @@ def create_new_diff(path: str, params: FullScanParams, workspace: str, new_files :param params: FullScanParams - Query params for the Full Scan endpoint :param workspace: str - Path for workspace :param new_files: + :param no_change: :return: """ + if no_change: + return Diff() files = Core.find_files(path, new_files) + if files is None or len(files) == 0: + return Diff() try: head_full_scan_id = Core.get_head_scan_for_repo(params.repo) if head_full_scan_id is None or head_full_scan_id == "": @@ -505,17 +522,15 @@ def create_new_diff(path: str, params: FullScanParams, workspace: str, new_files log.info(f"Total time to get head full-scan {total_head_time: .2f}") except APIResourceNotFound: head_full_scan = [] - if files is not None and len(files) > 0: - new_scan_start = time.time() - new_full_scan = Core.create_full_scan(files, params, workspace) - new_full_scan.packages = Core.create_sbom_dict(new_full_scan.sbom_artifacts) - new_scan_end = time.time() - total_new_time = new_scan_end - new_scan_start - log.info(f"Total time to get new full-scan {total_new_time: .2f}") - diff_report = Core.compare_sboms(new_full_scan.sbom_artifacts, head_full_scan) - diff_report.packages = new_full_scan.packages - else: - diff_report = Diff() + new_scan_start = time.time() + new_full_scan = Core.create_full_scan(files, params, workspace) + new_full_scan.packages = Core.create_sbom_dict(new_full_scan.sbom_artifacts) + new_scan_end = time.time() + total_new_time = new_scan_end - new_scan_start + log.info(f"Total time to get new full-scan {total_new_time: .2f}") + diff_report = Core.compare_sboms(new_full_scan.sbom_artifacts, head_full_scan) + diff_report.packages = new_full_scan.packages + diff_report.id = new_full_scan.id return diff_report @staticmethod diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 25347c2..bf6bae6 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -143,8 +143,9 @@ ) -def output_console_comments(diff_report) -> None: +def output_console_comments(diff_report: Diff, sbom_file_name: str = None) -> None: console_security_comment = Messages.create_console_security_alert_table(diff_report) + save_sbom_file(diff_report, sbom_file_name) if len(diff_report.new_alerts) > 0: log.info("Security issues detected by Socket Security") log.info(console_security_comment) @@ -153,13 +154,18 @@ def output_console_comments(diff_report) -> None: log.info("No New Security issues detected by Socket Security") -def output_console_json(diff_report) -> None: +def output_console_json(diff_report: Diff, sbom_file_name: str = None) -> None: console_security_comment = Messages.create_security_comment_json(diff_report) + save_sbom_file(diff_report, sbom_file_name) print(json.dumps(console_security_comment)) if len(diff_report.new_alerts) > 0: sys.exit(1) +def save_sbom_file(diff_report: Diff, sbom_file_name: str = None): + if diff_report is not None and sbom_file_name is not None: + Core.save_file(sbom_file_name, json.dumps(Core.create_sbom_output(diff_report))) + def cli(): try: main_code() @@ -200,6 +206,7 @@ def main_code(): api_token = os.getenv("SOCKET_SECURITY_API_KEY") or arguments.api_token try: files = json.loads(files) + is_repo = True except Exception as error: log.error(f"Unable to parse {files}") log.error(error) @@ -221,7 +228,9 @@ def main_code(): commit_message = git_repo.commit_message if len(files) == 0 and not ignore_commit_files: files = git_repo.changed_files + is_repo = True except InvalidGitRepositoryError: + is_repo = False pass # git_repo = None if repo is None: @@ -241,6 +250,10 @@ def main_code(): if scm is not None: default_branch = scm.is_default_branch + if is_repo and files is not None and len(files) == 0 and not ignore_commit_files: + no_change = True + else: + no_change = False base_api_url = os.getenv("BASE_API_URL") or None core = Core(token=api_token, request_timeout=6000, base_api_url=base_api_url) set_as_pending_head = False @@ -266,7 +279,7 @@ def main_code(): elif scm is not None and scm.check_event_type() != "comment": log.info("Push initiated flow") diff: Diff - diff = core.create_new_diff(target_path, params, workspace=target_path, new_files=files) + diff = core.create_new_diff(target_path, params, workspace=target_path, new_files=files, no_change=no_change) if scm.check_event_type() == "diff": log.info("Starting comment logic for PR/MR event") log.debug(f"Getting comments for Repo {scm.repository} for PR {scm.pr_number}") @@ -297,17 +310,17 @@ def main_code(): log.info("Not a PR/MR event no comment needed") if enable_json: log.debug("Outputting JSON Results") - output_console_json(diff) + output_console_json(diff, sbom_file) else: - output_console_comments(diff) + output_console_comments(diff, sbom_file) else: log.info("API Mode") diff: Diff - diff = core.create_new_diff(target_path, params, workspace=target_path, new_files=files) + diff = core.create_new_diff(target_path, params, workspace=target_path, new_files=files, no_change=no_change) if enable_json: - output_console_json(diff) + output_console_json(diff, sbom_file) else: - output_console_comments(diff) + output_console_comments(diff, sbom_file) if diff is not None and license_mode: all_packages = {} for package_id in diff.packages: @@ -325,8 +338,6 @@ def main_code(): } all_packages[package_id] = output core.save_file(license_file, json.dumps(all_packages)) - if diff is not None and sbom_file is not None: - core.save_file(sbom_file, json.dumps(core.create_sbom_output(diff))) if __name__ == '__main__': From 0a048b3d2d67583151cad6521196211a87a14811 Mon Sep 17 00:00:00 2001 From: Douglas Date: Mon, 29 Jul 2024 13:14:28 -0700 Subject: [PATCH 005/149] Added support for Warn & Monitor policy modes (#13) --- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 21 +++++--------------- socketsecurity/core/classes.py | 13 ++++++++++++- socketsecurity/core/messages.py | 34 +++++++++++++++++++++++++-------- socketsecurity/socketcli.py | 21 ++++++++++++++++---- 5 files changed, 61 insertions(+), 30 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 7de442c..1cf39e2 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '0.0.99' +__version__ = '1.0.0' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index a7a5557..742fa06 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -637,30 +637,16 @@ def compare_issue_alerts(new_scan_alerts: dict, head_scan_alerts: dict, alerts: if alert_key not in head_scan_alerts: new_alerts = new_scan_alerts[alert_key] for alert in new_alerts: - if Core.is_error(alert): + if alert.error or alert.warn: alerts.append(alert) else: new_alerts = new_scan_alerts[alert_key] head_alerts = head_scan_alerts[alert_key] for alert in new_alerts: - if alert not in head_alerts and Core.is_error(alert): + if alert not in head_alerts and (alert.error or alert.warn): alerts.append(alert) return alerts - @staticmethod - def is_error(alert: Alert): - """ - Compare the current alert against the Security Policy to determine if it should be included. Can be overridden - with all_new_alerts Global setting if desired to return all alerts and not just the error category from the - security policy. - :param alert: - :return: - """ - if all_new_alerts or (alert.type in security_policy and security_policy[alert.type]['action'] == "error"): - return True - else: - return False - @staticmethod def create_issue_alerts(package: Package, alerts: dict, packages: dict) -> dict: """ @@ -704,6 +690,9 @@ def create_issue_alerts(package: Package, alerts: dict, packages: dict) -> dict: purl=package.purl, url=package.url ) + if alert.type in security_policy: + action = security_policy[alert.type]['action'] + setattr(issue_alert, action, True) if issue_alert.key not in alerts: alerts[issue_alert.key] = [issue_alert] else: diff --git a/socketsecurity/core/classes.py b/socketsecurity/core/classes.py index 0bfffaf..a4f862f 100644 --- a/socketsecurity/core/classes.py +++ b/socketsecurity/core/classes.py @@ -140,7 +140,10 @@ class Issue: pkg_id: str props: dict key: str - is_error: bool + error: bool + warn: bool + ignore: bool + monitor: bool description: str title: str emoji: str @@ -162,6 +165,14 @@ def __init__(self, **kwargs): self.introduced_by = [] if not hasattr(self, "manifests"): self.manifests = "" + if not hasattr(self, "error"): + self.error = False + if not hasattr(self, "warn"): + self.warn = False + if not hasattr(self, "monitor"): + self.monitor = False + if not hasattr(self, "ignore"): + self.ignore = False def __str__(self): return json.dumps(self.__dict__) diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index e6cc98e..21a06a9 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -9,10 +9,13 @@ class Messages: @staticmethod def create_security_comment_json(diff: Diff) -> dict: + scan_failed = False if len(diff.new_alerts) == 0: - scan_failed = False - else: - scan_failed = True + for alert in diff.new_alerts: + alert: Issue + if alert.error: + scan_failed = True + break output = { "scan_failed": scan_failed, "new_alerts": [] @@ -22,7 +25,6 @@ def create_security_comment_json(diff: Diff) -> dict: output["new_alerts"].append(json.loads(str(alert))) return output - @staticmethod def security_comment_template(diff: Diff) -> str: """ @@ -130,7 +132,8 @@ def create_security_alert_table(diff: Diff, md: MdUtils) -> (MdUtils, list, dict "Alert", "Package", "Introduced by", - "Manifest File" + "Manifest File", + "CI" ] num_of_alert_columns = len(alert_table) next_steps = {} @@ -147,11 +150,16 @@ def create_security_alert_table(diff: Diff, md: MdUtils) -> (MdUtils, list, dict ignore_commands.append(ignore) manifest_str, sources = Messages.create_sources(alert, "console") purl_url = f"[{alert.purl}]({alert.url})" + if alert.error: + emoji = ':no_entry_sign:' + else: + emoji = ':warning:' row = [ alert.title, purl_url, ", ".join(sources), - manifest_str + manifest_str, + emoji ] if row not in alert_table: alert_table.extend(row) @@ -262,17 +270,27 @@ def create_console_security_alert_table(diff: Diff) -> PrettyTable: "Alert", "Package", "Introduced by", - "Manifest File" + "Manifest File", + "CI Status" ] ) for alert in diff.new_alerts: alert: Issue manifest_str, sources = Messages.create_sources(alert, "console") + if alert.error: + state = "block" + elif alert.warn: + state = "warn" + elif alert.monitor: + state = "monitor" + else: + state = "ignore" row = [ alert.title, alert.url, ", ".join(sources), - manifest_str + manifest_str, + state ] alert_table.add_row(row) return alert_table diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index bf6bae6..a9e6dbf 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -1,7 +1,7 @@ import argparse import json from socketsecurity.core import Core, __version__ -from socketsecurity.core.classes import FullScanParams, Diff, Package +from socketsecurity.core.classes import FullScanParams, Diff, Package, Alert from socketsecurity.core.messages import Messages from socketsecurity.core.scm_comments import Comments from socketsecurity.core.git_interface import Git @@ -146,9 +146,10 @@ def output_console_comments(diff_report: Diff, sbom_file_name: str = None) -> None: console_security_comment = Messages.create_console_security_alert_table(diff_report) save_sbom_file(diff_report, sbom_file_name) - if len(diff_report.new_alerts) > 0: + if not report_pass(diff_report): log.info("Security issues detected by Socket Security") - log.info(console_security_comment) + msg = f"\n{console_security_comment}" + log.info(msg) sys.exit(1) else: log.info("No New Security issues detected by Socket Security") @@ -158,14 +159,26 @@ def output_console_json(diff_report: Diff, sbom_file_name: str = None) -> None: console_security_comment = Messages.create_security_comment_json(diff_report) save_sbom_file(diff_report, sbom_file_name) print(json.dumps(console_security_comment)) - if len(diff_report.new_alerts) > 0: + if not report_pass(diff_report): sys.exit(1) +def report_pass(diff_report: Diff) -> bool: + report_passed = True + if len(diff_report.new_alerts) > 0: + for alert in diff_report.new_alerts: + alert: Alert + if report_passed and alert.error: + report_passed = False + break + return report_passed + + def save_sbom_file(diff_report: Diff, sbom_file_name: str = None): if diff_report is not None and sbom_file_name is not None: Core.save_file(sbom_file_name, json.dumps(Core.create_sbom_output(diff_report))) + def cli(): try: main_code() From fa4797bf963ba6f62c5d3550dafee7b160d10d9a Mon Sep 17 00:00:00 2001 From: Douglas Date: Wed, 31 Jul 2024 14:52:00 -0700 Subject: [PATCH 006/149] Adding support pull request events (#14) --- .gitignore | 3 ++- socketsecurity/__init__.py | 2 +- socketsecurity/core/github.py | 14 ++++++++++++-- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 23f720f..a4d6257 100644 --- a/.gitignore +++ b/.gitignore @@ -17,4 +17,5 @@ markdown_overview_temp.md markdown_security_temp.md .DS_Store *.pyc -test.py \ No newline at end of file +test.py +*.cpython-312.pyc \ No newline at end of file diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 1cf39e2..4620aec 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.0' +__version__ = '1.0.1' diff --git a/socketsecurity/core/github.py b/socketsecurity/core/github.py index 7460631..aab7f2e 100644 --- a/socketsecurity/core/github.py +++ b/socketsecurity/core/github.py @@ -24,6 +24,7 @@ global committer global gh_api_token global github_repository_owner +global event_action github_variables = [ "GITHUB_SHA", @@ -40,7 +41,8 @@ "GITHUB_ACTOR", "GITHUB_ENV", "GH_API_TOKEN", - "GITHUB_REPOSITORY_OWNER" + "GITHUB_REPOSITORY_OWNER", + "EVENT_ACTION" ] for env in github_variables: @@ -80,6 +82,7 @@ class Github: github_env: str api_token: str project_id: int + event_action: str def __init__(self): self.commit_sha = github_sha @@ -100,6 +103,7 @@ def __init__(self): self.github_env = github_env self.api_token = gh_api_token self.project_id = 0 + self.event_action = event_action if self.api_token is None: print("Unable to get Github API Token from GH_API_TOKEN") sys.exit(2) @@ -111,12 +115,18 @@ def check_event_type() -> str: event_type = "main" else: event_type = "diff" + elif github_event_name.lower() == "pull_request": + if event_action is not None and event_action != "" and event_action.lower() == "opened": + event_type = "diff" + else: + log.info(f"Pull Request Action {event_action} is not a supported type") + sys.exit(0) elif github_event_name.lower() == "issue_comment": event_type = "comment" else: event_type = None log.error(f"Unknown event type {github_event_name}") - sys.exit(1) + sys.exit(0) return event_type @staticmethod From 94a6520547bcb5cd9a42b0b527c7a636519c87fb Mon Sep 17 00:00:00 2001 From: Douglas Date: Thu, 1 Aug 2024 20:40:55 -0700 Subject: [PATCH 007/149] Doug/fix pr comment issues (#15) * Fixed logic for ignoring alerts, diff logic, and consolidation of alerts * New version build * Additional fix for commenting logic --- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 21 +++++++++++---- socketsecurity/core/github.py | 36 +++++++++++++++++++++++++ socketsecurity/core/messages.py | 30 ++++++++++++++------- socketsecurity/core/scm_comments.py | 41 +++++++++++++++++------------ socketsecurity/socketcli.py | 18 +++++++++---- 6 files changed, 111 insertions(+), 37 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 4620aec..d8f9300 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.1' +__version__ = '1.0.3' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 742fa06..5148d9b 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -548,11 +548,13 @@ def compare_sboms(new_scan: list, head_scan: list) -> Diff: head_packages = Core.create_sbom_dict(head_scan) new_scan_alerts = {} head_scan_alerts = {} - + consolidated = [] for package_id in new_packages: purl, package = Core.create_purl(package_id, new_packages) - if package_id not in head_packages and package.direct: + base_purl = f"{purl.ecosystem}/{purl.name}@{purl.version}" + if package_id not in head_packages and package.direct and base_purl not in consolidated: diff.new_packages.append(purl) + consolidated.append(base_purl) new_scan_alerts = Core.create_issue_alerts(package, new_scan_alerts, new_packages) for package_id in head_packages: purl, package = Core.create_purl(package_id, head_packages) @@ -633,18 +635,27 @@ def compare_issue_alerts(new_scan_alerts: dict, head_scan_alerts: dict, alerts: :param alerts: List of new alerts that are only in the new Full Scan :return: """ + consolidated_alerts = [] for alert_key in new_scan_alerts: if alert_key not in head_scan_alerts: new_alerts = new_scan_alerts[alert_key] for alert in new_alerts: + alert: Issue + alert_str = f"{alert.purl},{alert.manifests},{alert.type}" if alert.error or alert.warn: - alerts.append(alert) + if alert_str not in consolidated_alerts: + alerts.append(alert) + consolidated_alerts.append(alert_str) else: new_alerts = new_scan_alerts[alert_key] head_alerts = head_scan_alerts[alert_key] for alert in new_alerts: - if alert not in head_alerts and (alert.error or alert.warn): - alerts.append(alert) + alert: Issue + alert_str = f"{alert.purl},{alert.manifests},{alert.type}" + if alert not in head_alerts and alert_str not in consolidated_alerts: + if alert.error or alert.warn: + alerts.append(alert) + consolidated_alerts.append(alert_str) return alerts @staticmethod diff --git a/socketsecurity/core/github.py b/socketsecurity/core/github.py index aab7f2e..dd86f63 100644 --- a/socketsecurity/core/github.py +++ b/socketsecurity/core/github.py @@ -207,4 +207,40 @@ def remove_comment_alerts(comments: dict): if security_alert is not None: security_alert: Comment new_body = Comments.process_security_comment(security_alert, comments) + Github.handle_ignore_reactions(comments) Github.update_comment(new_body, str(security_alert.id)) + + @staticmethod + def handle_ignore_reactions(comments: dict) -> None: + for comment in comments["ignore"]: + comment: Comment + if "SocketSecurity ignore" in comment.body: + if not Github.comment_reaction_exists(comment.id): + Github.post_reaction(comment.id) + + @staticmethod + def post_reaction(comment_id: int) -> None: + repo = github_repository.rsplit("/", 1)[1] + path = f"repos/{github_repository_owner}/{repo}/issues/comments/{comment_id}/reactions" + payload = { + "content": "+1" + } + payload = json.dumps(payload) + do_request(path, payload=payload, method="POST", headers=headers, base_url=github_api_url) + + @staticmethod + def comment_reaction_exists(comment_id: int) -> bool: + repo = github_repository.rsplit("/", 1)[1] + path = f"repos/{github_repository_owner}/{repo}/issues/comments/{comment_id}/reactions" + response = do_request(path, headers=headers, base_url=github_api_url) + exists = False + try: + data = response.json() + for reaction in data: + content = reaction.get("content") + if content is not None and content == ":thumbsup:": + exists = True + except Exception as error: + log.error(f"Unable to get reaction for {comment_id} for PR {pr_number}") + log.error(error) + return exists diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index 21a06a9..e5c26d8 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -148,7 +148,7 @@ def create_security_alert_table(diff: Diff, md: MdUtils) -> (MdUtils, list, dict ignore = f"`SocketSecurity ignore {alert.purl}`" if ignore not in ignore_commands: ignore_commands.append(ignore) - manifest_str, sources = Messages.create_sources(alert, "console") + manifest_str, source_str = Messages.create_sources(alert) purl_url = f"[{alert.purl}]({alert.url})" if alert.error: emoji = ':no_entry_sign:' @@ -157,7 +157,7 @@ def create_security_alert_table(diff: Diff, md: MdUtils) -> (MdUtils, list, dict row = [ alert.title, purl_url, - ", ".join(sources), + source_str, manifest_str, emoji ] @@ -269,6 +269,7 @@ def create_console_security_alert_table(diff: Diff) -> PrettyTable: [ "Alert", "Package", + "url", "Introduced by", "Manifest File", "CI Status" @@ -276,7 +277,7 @@ def create_console_security_alert_table(diff: Diff) -> PrettyTable: ) for alert in diff.new_alerts: alert: Issue - manifest_str, sources = Messages.create_sources(alert, "console") + manifest_str, source_str = Messages.create_sources(alert, "console") if alert.error: state = "block" elif alert.warn: @@ -287,8 +288,9 @@ def create_console_security_alert_table(diff: Diff) -> PrettyTable: state = "ignore" row = [ alert.title, + alert.purl, alert.url, - ", ".join(sources), + source_str, manifest_str, state ] @@ -296,18 +298,28 @@ def create_console_security_alert_table(diff: Diff) -> PrettyTable: return alert_table @staticmethod - def create_sources(alert: Issue, style="md") -> [str, list]: + def create_sources(alert: Issue, style="md") -> [str, str]: sources = [] manifests = [] for source, manifest in alert.introduced_by: - sources.append(source) if style == "md": - manifests.append(f"
  • {manifest}
    • ") + add_str = f"
  • {manifest}
    • " + source_str = f"
  • {source}
    • " else: - manifests.append(manifest) + add_str = f"{manifest};" + source_str = f"{source};" + if source_str not in sources: + sources.append(source_str) + if add_str not in manifests: + manifests.append(add_str) manifest_list = "".join(manifests) + source_list = "".join(sources) + source_list = source_list.rstrip(";") + manifest_list = manifest_list.rstrip(";") if style == "md": manifest_str = f"
      {manifest_list}
    " + sources_str = f"
      {source_list}
    " else: manifest_str = manifest_list - return manifest_str, sources + sources_str = source_list + return manifest_str, sources_str diff --git a/socketsecurity/core/scm_comments.py b/socketsecurity/core/scm_comments.py index 0038388..2bf6db8 100644 --- a/socketsecurity/core/scm_comments.py +++ b/socketsecurity/core/scm_comments.py @@ -31,12 +31,13 @@ def remove_alerts(comments: dict, new_alerts: list) -> list: if ignore_all: break else: - purl = f"{alert.pkg_name}, {alert.pkg_version}" - purl_star = f"{alert.pkg_name}, *" + full_name = f"{alert.pkg_type}/{alert.pkg_name}" + purl = (full_name, alert.pkg_version) + purl_star = (full_name, "*") if purl in ignore_commands or purl_star in ignore_commands: - print(f"Alerts for {alert.pkg_name}@{alert.pkg_version} ignored") + log.info(f"Alerts for {alert.pkg_name}@{alert.pkg_version} ignored") else: - print(f"Adding alert {alert.type} for {alert.pkg_name}@{alert.pkg_version}") + log.info(f"Adding alert {alert.type} for {alert.pkg_name}@{alert.pkg_version}") alerts.append(alert) return alerts @@ -49,16 +50,20 @@ def get_ignore_options(comments: dict) -> [bool, list]: comment: Comment first_line = comment.body_list[0] if not ignore_all and "SocketSecurity ignore" in first_line: - first_line = first_line.lstrip("@") - _, command = first_line.split("SocketSecurity ") - command = command.strip() - if command == "ignore-all": - ignore_all = True - else: - command = command.lstrip("ignore").strip() - name, version = command.split("@") - data = f"{name}, {version}" - ignore_commands.append(data) + try: + first_line = first_line.lstrip("@") + _, command = first_line.split("SocketSecurity ") + command = command.strip() + if command == "ignore-all": + ignore_all = True + else: + command = command.lstrip("ignore").strip() + name, version = command.split("@") + data = (name, version) + ignore_commands.append(data) + except Exception as error: + log.error(f"Unable to process ignore command for {comment}") + log.error(error) return ignore_all, ignore_commands @staticmethod @@ -71,7 +76,7 @@ def is_ignore(pkg_name: str, pkg_version: str, name: str, version: str) -> bool: @staticmethod def is_heading_line(line) -> bool: is_heading_line = True - if line != "|Alert|Package|Introduced by|Manifest File|" and ":---" not in line: + if line != "|Alert|Package|Introduced by|Manifest File|CI|" and ":---" not in line: is_heading_line = False return is_heading_line @@ -86,10 +91,12 @@ def process_security_comment(comment: Comment, comments) -> str: start = True lines.append(line) elif start and "end-socket-alerts-table" not in line and not Comments.is_heading_line(line) and line != '': - title, package, introduced_by, manifest = line.lstrip("|").rstrip("|").split("|") + title, package, introduced_by, manifest, ci = line.lstrip("|").rstrip("|").split("|") details, _ = package.split("](") ecosystem, details = details.split("/", 1) + ecosystem = ecosystem.lstrip("[") pkg_name, pkg_version = details.split("@") + pkg_name = f"{ecosystem}/{pkg_name}" ignore = False for name, version in ignore_commands: if ignore_all or Comments.is_ignore(pkg_name, pkg_version, name, version): @@ -114,7 +121,7 @@ def check_for_socket_comments(comments: dict): socket_comments["security"] = comment elif "socket-overview-comment-actions" in comment.body: socket_comments["overview"] = comment - elif "SocketSecurity ignore" in comment.body: + elif "SocketSecurity ignore".lower() in comment.body_list[0].lower(): if "ignore" not in socket_comments: socket_comments["ignore"] = [] socket_comments["ignore"].append(comment) diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index a9e6dbf..966ec78 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -5,7 +5,7 @@ from socketsecurity.core.messages import Messages from socketsecurity.core.scm_comments import Comments from socketsecurity.core.git_interface import Git -from git import InvalidGitRepositoryError +from git import InvalidGitRepositoryError, NoSuchPathError import os import sys import logging @@ -245,6 +245,8 @@ def main_code(): except InvalidGitRepositoryError: is_repo = False pass + except NoSuchPathError: + raise Exception(f"Unable to find path {target_path}") # git_repo = None if repo is None: log.info("Repo name needs to be set") @@ -306,11 +308,17 @@ def main_code(): new_security_comment = True new_overview_comment = True if len(diff.new_alerts) == 0 or disable_security_issue: - new_security_comment = False - log.debug("No new alerts or security issue comment disabled") + if security_comment is None or security_comment == "": + new_security_comment = False + log.debug("No new alerts or security issue comment disabled") + else: + log.debug("Updated security comment with no new alerts") if (len(diff.new_packages) == 0 and len(diff.removed_packages) == 0) or disable_overview: - new_overview_comment = False - log.debug("No new/removed packages or Dependency Overview comment disabled") + if overview_comment is None or overview_comment == "": + new_overview_comment = False + log.debug("No new/removed packages or Dependency Overview comment disabled") + else: + log.debug("Updated overview comment with no dependencies") log.debug(f"Adding comments for {scm_type}") scm.add_socket_comments( security_comment, From c926a55ed5473517adeffb2dd6037971ff8cf817 Mon Sep 17 00:00:00 2001 From: Douglas Date: Mon, 5 Aug 2024 17:03:59 -0700 Subject: [PATCH 008/149] Doug/add non blocking mode (#16) * Add support to disable blocking with --disable-blocking * Fixed issue with support for no_change causing the scan to not run * Added full scan ID to results --- README.md | 1 + socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 8 ++++- socketsecurity/core/github.py | 2 +- socketsecurity/core/messages.py | 3 +- socketsecurity/socketcli.py | 62 ++++++++++++++++++++++++++------- 6 files changed, 61 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index 8851403..3e3a7e1 100644 --- a/README.md +++ b/README.md @@ -37,3 +37,4 @@ If you don't want to provide the Socket API Token every time then you can use th | --disable-security-issue | | False | False | If enabled will disable Security Issue Comments | | --files | | False | | If provided in the format of `["file1", "file2"]` it will only look for those files and not glob the path | | --ignore-commit-files | | False | False | If enabled then the CLI will ignore what files are changed in the commit and look for all manifest files | +| --disable-blocking | | False | False | Disables failing checks and will only exit with an exit code of 0 | diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index d8f9300..29709fd 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.3' +__version__ = '1.0.7' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 5148d9b..8a0e29a 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -82,6 +82,9 @@ "pyproject.toml": { "pattern": "pyproject.toml" }, + "poetry.lock": { + "pattern": "poetry.lock" + }, "requirements.txt": { "pattern": "*requirements.txt" }, @@ -394,12 +397,15 @@ def find_files(path: str, files: list = None) -> list: :return: """ all_files = [] + files_provided = False + if files is not None and len(files) > 0: + files_provided = True for ecosystem in socket_globs: patterns = socket_globs[ecosystem] for file_name in patterns: pattern = patterns[file_name]["pattern"] file_path = f"{path}/**/{pattern}" - if files is None or len(files) == 0: + if not files_provided: files = glob(file_path, recursive=True) else: files = Core.match_supported_files(path, files) diff --git a/socketsecurity/core/github.py b/socketsecurity/core/github.py index dd86f63..bb0c136 100644 --- a/socketsecurity/core/github.py +++ b/socketsecurity/core/github.py @@ -111,7 +111,7 @@ def __init__(self): @staticmethod def check_event_type() -> str: if github_event_name.lower() == "push": - if pr_number is None or pr_number == "": + if pr_number is None or pr_number == "" or pr_number == "0": event_type = "main" else: event_type = "diff" diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index e5c26d8..617ac33 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -18,7 +18,8 @@ def create_security_comment_json(diff: Diff) -> dict: break output = { "scan_failed": scan_failed, - "new_alerts": [] + "new_alerts": [], + "full_scan_id": diff.id } for alert in diff.new_alerts: alert: Issue diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 966ec78..722c587 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -1,7 +1,7 @@ import argparse import json from socketsecurity.core import Core, __version__ -from socketsecurity.core.classes import FullScanParams, Diff, Package, Alert +from socketsecurity.core.classes import FullScanParams, Diff, Package, Issue from socketsecurity.core.messages import Messages from socketsecurity.core.scm_comments import Comments from socketsecurity.core.git_interface import Git @@ -12,6 +12,7 @@ logging.basicConfig(level=logging.INFO) log = logging.getLogger("socketcli") +blocking_disabled = False parser = argparse.ArgumentParser( prog="socketcli", @@ -142,15 +143,24 @@ default=False ) +parser.add_argument( + '--disable-blocking', + help='Disables failing checks and will only exit with an exit code of 0', + action='store_true', + default=False +) + def output_console_comments(diff_report: Diff, sbom_file_name: str = None) -> None: console_security_comment = Messages.create_console_security_alert_table(diff_report) save_sbom_file(diff_report, sbom_file_name) + log.info(f"Socket Full Scan ID: {diff_report.id}") if not report_pass(diff_report): log.info("Security issues detected by Socket Security") msg = f"\n{console_security_comment}" log.info(msg) - sys.exit(1) + if not blocking_disabled: + sys.exit(1) else: log.info("No New Security issues detected by Socket Security") @@ -159,7 +169,7 @@ def output_console_json(diff_report: Diff, sbom_file_name: str = None) -> None: console_security_comment = Messages.create_security_comment_json(diff_report) save_sbom_file(diff_report, sbom_file_name) print(json.dumps(console_security_comment)) - if not report_pass(diff_report): + if not report_pass(diff_report) and not blocking_disabled: sys.exit(1) @@ -167,7 +177,7 @@ def report_pass(diff_report: Diff) -> bool: report_passed = True if len(diff_report.new_alerts) > 0: for alert in diff_report.new_alerts: - alert: Alert + alert: Issue if report_passed and alert.error: report_passed = False break @@ -184,11 +194,17 @@ def cli(): main_code() except KeyboardInterrupt: log.info("Keyboard Interrupt detected, exiting") - sys.exit(2) + if not blocking_disabled: + sys.exit(2) + else: + sys.exit(0) except Exception as error: log.error("Unexpected error when running the cli") log.error(error) - sys.exit(3) + if not blocking_disabled: + sys.exit(3) + else: + sys.exit(0) def main_code(): @@ -214,6 +230,10 @@ def main_code(): disable_overview = arguments.disable_overview disable_security_issue = arguments.disable_security_issue ignore_commit_files = arguments.ignore_commit_files + disable_blocking = arguments.disable_blocking + if disable_blocking: + global blocking_disabled + blocking_disabled = True files = arguments.files log.info(f"Starting Socket Security Scan version {__version__}") api_token = os.getenv("SOCKET_SECURITY_API_KEY") or arguments.api_token @@ -244,6 +264,7 @@ def main_code(): is_repo = True except InvalidGitRepositoryError: is_repo = False + ignore_commit_files = True pass except NoSuchPathError: raise Exception(f"Unable to find path {target_path}") @@ -265,12 +286,15 @@ def main_code(): if scm is not None: default_branch = scm.is_default_branch - if is_repo and files is not None and len(files) == 0 and not ignore_commit_files: - no_change = True - else: - no_change = False base_api_url = os.getenv("BASE_API_URL") or None core = Core(token=api_token, request_timeout=6000, base_api_url=base_api_url) + no_change = True + if ignore_commit_files: + no_change = False + elif is_repo and files is not None and len(files) > 0: + if len(core.match_supported_files(target_path, files)) > 0: + no_change = False + set_as_pending_head = False if default_branch: set_as_pending_head = True @@ -295,7 +319,9 @@ def main_code(): log.info("Push initiated flow") diff: Diff diff = core.create_new_diff(target_path, params, workspace=target_path, new_files=files, no_change=no_change) - if scm.check_event_type() == "diff": + if no_change: + log.info("No dependency changes") + elif scm.check_event_type() == "diff": log.info("Starting comment logic for PR/MR event") log.debug(f"Getting comments for Repo {scm.repository} for PR {scm.pr_number}") comments = scm.get_comments_for_pr(repo, str(pr_number)) @@ -307,14 +333,24 @@ def main_code(): security_comment = Messages.security_comment_template(diff) new_security_comment = True new_overview_comment = True + update_old_security_comment = ( + security_comment is None or + security_comment == "" or + (len(comments) != 0 and comments.get("security") is not None) + ) + update_old_overview_comment = ( + overview_comment is None or + overview_comment == "" or + (len(comments) != 0 and comments.get("overview") is not None) + ) if len(diff.new_alerts) == 0 or disable_security_issue: - if security_comment is None or security_comment == "": + if not update_old_security_comment: new_security_comment = False log.debug("No new alerts or security issue comment disabled") else: log.debug("Updated security comment with no new alerts") if (len(diff.new_packages) == 0 and len(diff.removed_packages) == 0) or disable_overview: - if overview_comment is None or overview_comment == "": + if not update_old_overview_comment: new_overview_comment = False log.debug("No new/removed packages or Dependency Overview comment disabled") else: From 6d4e171c2ad18bdbdc951d60a6533ec843c859f1 Mon Sep 17 00:00:00 2001 From: Douglas Date: Mon, 12 Aug 2024 10:43:28 -0700 Subject: [PATCH 009/149] Doug/add debug find files (#17) * Added debug logic to find files * Added more debug logging for find files * Changes to the find_files function to reduce memory usage --- .gitignore | 3 ++- pyproject.toml | 3 ++- requirements.txt | 3 ++- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 46 +++++++++++++++++++++++---------- socketsecurity/socketcli.py | 10 ++++--- 6 files changed, 47 insertions(+), 20 deletions(-) diff --git a/.gitignore b/.gitignore index a4d6257..5738fef 100644 --- a/.gitignore +++ b/.gitignore @@ -18,4 +18,5 @@ markdown_security_temp.md .DS_Store *.pyc test.py -*.cpython-312.pyc \ No newline at end of file +*.cpython-312.pyc` +file_generator.py \ No newline at end of file diff --git a/pyproject.toml b/pyproject.toml index 7568ed7..2c8ddf8 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -11,7 +11,8 @@ dependencies = [ 'mdutils', 'prettytable', 'argparse', - 'GitPython' + 'GitPython', + 'packaging' ] readme = "README.md" description = "Socket Security CLI for CI/CD" diff --git a/requirements.txt b/requirements.txt index dfd906d..896774a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,4 +2,5 @@ requests>=2.32.0 mdutils~=1.6.0 prettytable argparse -gitpython>=3.1.43 \ No newline at end of file +gitpython>=3.1.43 +packaging>=24.1 \ No newline at end of file diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 29709fd..e239fae 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.7' +__version__ = '1.0.15' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 8a0e29a..f24480f 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -46,6 +46,8 @@ all_new_alerts = False security_policy = {} log = logging.getLogger("socketdev") +# log_format = "%(asctime)s %(funcName)20s() %(message)s" +# logging.basicConfig(format=log_format) log.addHandler(logging.NullHandler()) socket_globs = { @@ -396,29 +398,35 @@ def find_files(path: str, files: list = None) -> list: :param files: override finding the manifest files using the glob matcher :return: """ - all_files = [] files_provided = False + log.debug("Starting Find Files") + start_time = time.time() if files is not None and len(files) > 0: files_provided = True for ecosystem in socket_globs: + if files is None: + files = [] patterns = socket_globs[ecosystem] for file_name in patterns: pattern = patterns[file_name]["pattern"] file_path = f"{path}/**/{pattern}" + if not files_provided: - files = glob(file_path, recursive=True) + log.debug(f"Globbing {file_path}") + glob_start = time.time() + test = glob(file_path, recursive=True) + files = files + test + glob_end = time.time() + glob_total_time = glob_end - glob_start + log.debug(f"Glob for pattern {file_path} took {glob_total_time:.2f} seconds") else: + log.debug("Files found from commit") files = Core.match_supported_files(path, files) - for file in files: - if platform.system() == "Windows": - file = file.replace("\\", "/") - if path not in file: - file = f"{path}/{file}" - found_path, file_name = file.rsplit("/", 1) - details = (found_path, file_name) - if details not in all_files: - all_files.append(details) - return all_files + log.debug("Finished Find Files") + end_time = time.time() + total_time = end_time - start_time + log.info(f"Found {len(files)} in {total_time:.2f} seconds") + return files @staticmethod def create_full_scan(files: list, params: FullScanParams, workspace: str) -> FullScan: @@ -430,7 +438,16 @@ def create_full_scan(files: list, params: FullScanParams, workspace: str) -> Ful :return: """ send_files = [] - for path, name in files: + create_full_start = time.time() + log.debug("Creating new full scan") + for file in files: + if platform.system() == "Windows": + file = file.replace("\\", "/") + if "/" in file: + path, name = file.rsplit("/", 1) + else: + path = "." + name = file full_path = f"{path}/{name}" if full_path.startswith(workspace): key = full_path[len(workspace):] @@ -452,6 +469,9 @@ def create_full_scan(files: list, params: FullScanParams, workspace: str) -> Ful results = response.json() full_scan = FullScan(**results) full_scan.sbom_artifacts = Core.get_sbom_data(full_scan.id) + create_full_end = time.time() + total_time = create_full_end - create_full_start + log.debug(f"New Full Scan created in {total_time:.2f} seconds") return full_scan @staticmethod diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 722c587..8a3db52 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -1,5 +1,7 @@ import argparse import json + +import socketsecurity.core from socketsecurity.core import Core, __version__ from socketsecurity.core.classes import FullScanParams, Diff, Package, Issue from socketsecurity.core.messages import Messages @@ -10,7 +12,9 @@ import sys import logging -logging.basicConfig(level=logging.INFO) +log_format = "%(asctime)s: %(message)s" +logging.basicConfig(level=logging.INFO, format=log_format) +socketsecurity.core.log.setLevel(level=logging.INFO) log = logging.getLogger("socketcli") blocking_disabled = False @@ -211,7 +215,7 @@ def main_code(): arguments = parser.parse_args() debug = arguments.enable_debug if debug: - logging.basicConfig(level=logging.DEBUG) + logging.basicConfig(level=logging.DEBUG, format=log_format) log.setLevel(logging.DEBUG) Core.enable_debug_log(logging.DEBUG) log.debug("Debug logging enabled") @@ -287,7 +291,7 @@ def main_code(): default_branch = scm.is_default_branch base_api_url = os.getenv("BASE_API_URL") or None - core = Core(token=api_token, request_timeout=6000, base_api_url=base_api_url) + core = Core(token=api_token, request_timeout=1200, base_api_url=base_api_url) no_change = True if ignore_commit_files: no_change = False From e6a3107710c8fc9bc624ac706ce2dd3012ec5a90 Mon Sep 17 00:00:00 2001 From: Douglas Date: Fri, 23 Aug 2024 14:25:52 -0700 Subject: [PATCH 010/149] Add support for web event for gitlab (#18) --- scripts/build_container.sh | 18 +++++++++++++++--- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 8 ++++++-- socketsecurity/core/gitlab.py | 4 ++-- 4 files changed, 24 insertions(+), 8 deletions(-) diff --git a/scripts/build_container.sh b/scripts/build_container.sh index bb6768c..84175a6 100755 --- a/scripts/build_container.sh +++ b/scripts/build_container.sh @@ -1,9 +1,16 @@ #!/bin/sh VERSION=$(grep -o "__version__.*" socketsecurity/__init__.py | awk '{print $3}' | tr -d "'") -BYPASS_PYPI_BUILD=$1 +ENABLE_PYPI_BUILD=$1 +STABLE_VERSION=$2 echo $VERSION +if [ -z $ENABLE_PYPI_BUILD ] || [ -z $STABLE_VERSION ]; then + echo "$0 pypi-build=enable stable=true" + echo "\tpypi-build: Build and publish a new version of the package to pypi" + echo "\tstable: Only build and publish a new version for the stable docker tag if it has been tested and going on the changelog" + exit +fi -if [ -z $BYPASS_PYPI_BUILD ] || [ $BYPASS_PYPI_BUILD -eq 0 ]; then +if [ $ENABLE_PYPI_BUILD = "pypi-build=enable" ]; then python -m build --wheel --sdist twine upload dist/*$VERSION* sleep 240 @@ -12,4 +19,9 @@ fi docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:$VERSION . \ && docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:latest . \ && docker push socketdev/cli:$VERSION \ -&& docker push socketdev/cli:latest \ No newline at end of file +&& docker push socketdev/cli:latest + +if [ $STABLE_VERSION = "stable=true" ]; then + docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:stable . \ + && docker push socketdev/cli:stable +fi diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index e239fae..1c66b7b 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.15' +__version__ = '1.0.17' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index f24480f..fa8aed3 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -532,10 +532,14 @@ def create_new_diff( :return: """ if no_change: - return Diff() + diff = Diff() + diff.id = "no_diff_id" + return diff files = Core.find_files(path, new_files) if files is None or len(files) == 0: - return Diff() + diff = Diff() + diff.id = "no_diff_id" + return diff try: head_full_scan_id = Core.get_head_scan_for_repo(params.repo) if head_full_scan_id is None or head_full_scan_id == "": diff --git a/socketsecurity/core/gitlab.py b/socketsecurity/core/gitlab.py index 23acf24..1d85887 100644 --- a/socketsecurity/core/gitlab.py +++ b/socketsecurity/core/gitlab.py @@ -97,7 +97,7 @@ def __init__(self): @staticmethod def check_event_type() -> str: - if ci_pipeline_source.lower() == "push" or ci_pipeline_source.lower() == 'merge_request_event': + if ci_pipeline_source.lower() in ["web", 'merge_request_event', "push"]: if ci_merge_request_iid is None or ci_merge_request_iid == "" or str(ci_merge_request_iid) == "0": event_type = "main" else: @@ -106,7 +106,7 @@ def check_event_type() -> str: event_type = "comment" else: log.error(f"Unknown event type {ci_pipeline_source}") - sys.exit(1) + sys.exit(0) return event_type @staticmethod From b96d25c1fd8aaaaa5c800e0daa13d96d135bc533 Mon Sep 17 00:00:00 2001 From: Douglas Date: Tue, 27 Aug 2024 07:13:49 -0700 Subject: [PATCH 011/149] Added fix for files find via commit (#19) --- socketsecurity/__init__.py | 2 +- socketsecurity/core/git_interface.py | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 1c66b7b..59a6661 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.17' +__version__ = '1.0.18' diff --git a/socketsecurity/core/git_interface.py b/socketsecurity/core/git_interface.py index d86bcbd..239386a 100644 --- a/socketsecurity/core/git_interface.py +++ b/socketsecurity/core/git_interface.py @@ -26,4 +26,5 @@ def __init__(self, path: str): self.changed_files = [] for item in self.show_files: if item != "": - self.changed_files.append(item) + full_path = f"{self.path}/{item}" + self.changed_files.append(full_path) From 0980358ba9f0d2d3d7cf42af8516fff678931d77 Mon Sep 17 00:00:00 2001 From: Douglas Date: Tue, 3 Sep 2024 16:04:40 -0700 Subject: [PATCH 012/149] Doug/fix git commit files (#20) * Added fix for files find via commit * Fix for slow scan times for large mono repos and fix for too long dependency overview --- README.md | 48 +++++++++++++++--------------- scripts/build_container.sh | 27 +++++++++++------ socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 52 ++++++++++++++++++--------------- socketsecurity/core/classes.py | 2 ++ socketsecurity/core/messages.py | 13 +++++++++ socketsecurity/socketcli.py | 7 ++--- 7 files changed, 89 insertions(+), 62 deletions(-) diff --git a/README.md b/README.md index 3e3a7e1..6e89d7a 100644 --- a/README.md +++ b/README.md @@ -14,27 +14,27 @@ socketcli [-h] [--api_token API_TOKEN] [--repo REPO] [--branch BRANCH] [--commit If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY` -| Parameter | Alternate Name | Required | Default | Description | -|:-------------------------|:---------------|:---------|:--------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------| -| -h | --help | False | | Show the CLI help message | -| --api_token | | False | | Provides the Socket API Token | -| --repo | | True | | The string name in a git approved name for repositories. | -| --branch | | False | | The string name in a git approved name for branches. | -| --committer | | False | | The string name of the person doing the commit or running the CLI. Can be specified multiple times to have more than one committer | -| --pr_number | | False | 0 | The integer for the PR or MR number | -| --commit_message | | False | | The string for a commit message if there is one | -| --default_branch | | False | False | If the flag is specified this will signal that this is the default branch. This needs to be enabled for a report to update Org Alerts and Org Dependencies | -| --target_path | | False | ./ | This is the path to where the manifest files are location. The tool will recursively search for all supported manifest files | -| --scm | | False | api | This is the mode that the tool is to run in. For local runs `api` would be the mode. Other options are `gitlab` and `github` | -| --generate-license | | False | False | If this flag is specified it will generate a json file with the license per package and license text in the current working directory | -| --version | -v | False | | Prints the version and exits | -| --enable-debug | | False | False | Enables debug messaging for the CLI | -| --sbom-file | | False | False | Creates a JSON file with all dependencies and alerts | -| --commit-sha | | False | | The commit hash for the commit | -| --generate-license | | False | False | If enabled with `--sbom-file` will include license details | -| --enable-json | | False | False | If enabled will change the console output format to JSON | -| --disable-overview | | False | False | If enabled will disable Dependency Overview comments | -| --disable-security-issue | | False | False | If enabled will disable Security Issue Comments | -| --files | | False | | If provided in the format of `["file1", "file2"]` it will only look for those files and not glob the path | -| --ignore-commit-files | | False | False | If enabled then the CLI will ignore what files are changed in the commit and look for all manifest files | -| --disable-blocking | | False | False | Disables failing checks and will only exit with an exit code of 0 | +| Parameter | Alternate Name | Required | Default | Description | +|:-------------------------|:---------------|:---------|:--------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| -h | --help | False | | Show the CLI help message | +| --api_token | | False | | Provides the Socket API Token | +| --repo | | True | | The string name in a git approved name for repositories. | +| --branch | | False | | The string name in a git approved name for branches. | +| --committer | | False | | The string name of the person doing the commit or running the CLI. Can be specified multiple times to have more than one committer | +| --pr_number | | False | 0 | The integer for the PR or MR number | +| --commit_message | | False | | The string for a commit message if there is one | +| --default_branch | | False | False | If the flag is specified this will signal that this is the default branch. This needs to be enabled for a report to update Org Alerts and Org Dependencies | +| --target_path | | False | ./ | This is the path to where the manifest files are location. The tool will recursively search for all supported manifest files | +| --scm | | False | api | This is the mode that the tool is to run in. For local runs `api` would be the mode. Other options are `gitlab` and `github` | +| --generate-license | | False | False | If this flag is specified it will generate a json file with the license per package and license text in the current working directory | +| --version | -v | False | | Prints the version and exits | +| --enable-debug | | False | False | Enables debug messaging for the CLI | +| --sbom-file | | False | False | Creates a JSON file with all dependencies and alerts | +| --commit-sha | | False | | The commit hash for the commit | +| --generate-license | | False | False | If enabled with `--sbom-file` will include license details | +| --enable-json | | False | False | If enabled will change the console output format to JSON | +| --disable-overview | | False | False | If enabled will disable Dependency Overview comments | +| --disable-security-issue | | False | False | If enabled will disable Security Issue Comments | +| --files | | False | | If provided in the format of `["file1", "file2"]` will be used to determine if there have been supported file changes. This is used if it isn't a git repo and you would like to only run if it supported files have changed. | +| --ignore-commit-files | | False | False | If enabled then the CLI will ignore what files are changed in the commit and look for all manifest files | +| --disable-blocking | | False | False | Disables failing checks and will only exit with an exit code of 0 | diff --git a/scripts/build_container.sh b/scripts/build_container.sh index 84175a6..a57ebcf 100755 --- a/scripts/build_container.sh +++ b/scripts/build_container.sh @@ -11,17 +11,26 @@ if [ -z $ENABLE_PYPI_BUILD ] || [ -z $STABLE_VERSION ]; then fi if [ $ENABLE_PYPI_BUILD = "pypi-build=enable" ]; then + echo "Doing production build" python -m build --wheel --sdist twine upload dist/*$VERSION* sleep 240 + docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:$VERSION . \ + && docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:latest . \ + && docker push socketdev/cli:$VERSION \ + && docker push socketdev/cli:latest + if [ $STABLE_VERSION = "stable=true" ]; then + docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:stable . \ + && docker push socketdev/cli:stable + fi +else + echo "Doing test build" + python -m build --wheel --sdist + twine upload --repository testpypi dist/*$VERSION* +# sleep 240 +# docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:$VERSION . \ +# && docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:latest . \ +# && docker push socketdev/cli:$VERSION-test \ +# && docker push socketdev/cli:test fi -docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:$VERSION . \ -&& docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:latest . \ -&& docker push socketdev/cli:$VERSION \ -&& docker push socketdev/cli:latest - -if [ $STABLE_VERSION = "stable=true" ]; then - docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:stable . \ - && docker push socketdev/cli:stable -fi diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 59a6661..afe143b 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.18' +__version__ = '1.0.22' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index fa8aed3..b406112 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -375,8 +375,9 @@ def create_sbom_output(diff: Diff) -> dict: return sbom @staticmethod - def match_supported_files(path: str, files: list) -> list: - matched = [] + def match_supported_files(files: list) -> bool: + matched_files = [] + not_matched = False for ecosystem in socket_globs: patterns = socket_globs[ecosystem] for file_name in patterns: @@ -386,11 +387,13 @@ def match_supported_files(path: str, files: list) -> list: if "\\" in file: file = file.replace("\\", "/") if PurePath(file).match(pattern): - matched.append(file) - return matched + matched_files.append(file) + if len(matched_files) == 0: + not_matched = True + return not_matched @staticmethod - def find_files(path: str, files: list = None) -> list: + def find_files(path: str) -> list: """ Globs the path for supported manifest files. Note: Might move the source to a JSON file @@ -398,30 +401,25 @@ def find_files(path: str, files: list = None) -> list: :param files: override finding the manifest files using the glob matcher :return: """ - files_provided = False log.debug("Starting Find Files") start_time = time.time() - if files is not None and len(files) > 0: - files_provided = True + files = [] for ecosystem in socket_globs: - if files is None: - files = [] patterns = socket_globs[ecosystem] for file_name in patterns: pattern = patterns[file_name]["pattern"] file_path = f"{path}/**/{pattern}" - if not files_provided: - log.debug(f"Globbing {file_path}") - glob_start = time.time() - test = glob(file_path, recursive=True) - files = files + test - glob_end = time.time() - glob_total_time = glob_end - glob_start - log.debug(f"Glob for pattern {file_path} took {glob_total_time:.2f} seconds") - else: - log.debug("Files found from commit") - files = Core.match_supported_files(path, files) + log.debug(f"Globbing {file_path}") + glob_start = time.time() + glob_files = glob(file_path, recursive=True) + for glob_file in glob_files: + if glob_file not in files: + files.append(glob_file) + glob_end = time.time() + glob_total_time = glob_end - glob_start + log.debug(f"Glob for pattern {file_path} took {glob_total_time:.2f} seconds") + log.debug("Finished Find Files") end_time = time.time() total_time = end_time - start_time @@ -516,7 +514,6 @@ def create_new_diff( path: str, params: FullScanParams, workspace: str, - new_files: list = None, no_change: bool = False ) -> Diff: """ @@ -527,7 +524,6 @@ def create_new_diff( :param path: Str - path of where to look for manifest files for the new Full Scan :param params: FullScanParams - Query params for the Full Scan endpoint :param workspace: str - Path for workspace - :param new_files: :param no_change: :return: """ @@ -535,7 +531,7 @@ def create_new_diff( diff = Diff() diff.id = "no_diff_id" return diff - files = Core.find_files(path, new_files) + files = Core.find_files(path) if files is None or len(files) == 0: diff = Diff() diff.id = "no_diff_id" @@ -551,6 +547,7 @@ def create_new_diff( total_head_time = head_end - head_start log.info(f"Total time to get head full-scan {total_head_time: .2f}") except APIResourceNotFound: + head_full_scan_id = None head_full_scan = [] new_scan_start = time.time() new_full_scan = Core.create_full_scan(files, params, workspace) @@ -560,7 +557,14 @@ def create_new_diff( log.info(f"Total time to get new full-scan {total_new_time: .2f}") diff_report = Core.compare_sboms(new_full_scan.sbom_artifacts, head_full_scan) diff_report.packages = new_full_scan.packages + # Set the diff ID and URLs + base_socket = "https://socket.dev/dashboard/org" diff_report.id = new_full_scan.id + diff_report.report_url = f"{base_socket}/{org_slug}/sbom/{diff_report.id}" + if head_full_scan_id is not None: + diff_report.diff_url = f"{base_socket}/{org_slug}/diff/{diff_report.id}/{head_full_scan_id}" + else: + diff_report.diff_url = diff_report.report_url return diff_report @staticmethod diff --git a/socketsecurity/core/classes.py b/socketsecurity/core/classes.py index a4f862f..ad0ae85 100644 --- a/socketsecurity/core/classes.py +++ b/socketsecurity/core/classes.py @@ -312,6 +312,8 @@ class Diff: id: str sbom: str packages: dict + report_url: str + diff_url: str def __init__(self, **kwargs): if kwargs: diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index 617ac33..eaabf14 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -189,8 +189,21 @@ def dependency_overview_template(diff: Diff) -> str: if len(diff.removed_packages) > 0: md = Messages.create_remove_line(diff, md) md.create_md_file() + if len(md.file_data_text.lstrip()) >= 65500: + md = Messages.short_dependency_overview_comment(diff) return md.file_data_text.lstrip() + @staticmethod + def short_dependency_overview_comment(diff: Diff) -> MdUtils: + md = MdUtils(file_name="markdown_overview_temp.md") + md.new_line("") + md.new_header(level=1, title="Socket Security: Dependency Overview") + md.new_line("New and removed dependencies detected. Learn more about [socket.dev](https://socket.dev)") + md.new_line() + md.new_line("The amount of dependency changes were to long for this comment. Please check out the full report") + md.new_line(f"To view more information about this report checkout the [Full Report]({diff.diff_url})") + return md + @staticmethod def create_remove_line(diff: Diff, md: MdUtils) -> MdUtils: """ diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 8a3db52..4e6d428 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -296,8 +296,7 @@ def main_code(): if ignore_commit_files: no_change = False elif is_repo and files is not None and len(files) > 0: - if len(core.match_supported_files(target_path, files)) > 0: - no_change = False + no_change = core.match_supported_files(files) set_as_pending_head = False if default_branch: @@ -322,7 +321,7 @@ def main_code(): elif scm is not None and scm.check_event_type() != "comment": log.info("Push initiated flow") diff: Diff - diff = core.create_new_diff(target_path, params, workspace=target_path, new_files=files, no_change=no_change) + diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) if no_change: log.info("No dependency changes") elif scm.check_event_type() == "diff": @@ -377,7 +376,7 @@ def main_code(): else: log.info("API Mode") diff: Diff - diff = core.create_new_diff(target_path, params, workspace=target_path, new_files=files, no_change=no_change) + diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) if enable_json: output_console_json(diff, sbom_file) else: From 1fca2e8422a7ffb5466d6def179fc325b2b545ef Mon Sep 17 00:00:00 2001 From: Mikola Lysenko Date: Mon, 23 Sep 2024 12:21:11 -0400 Subject: [PATCH 013/149] fix quadratic time lookup --- socketsecurity/core/__init__.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index b406112..06494a5 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -403,7 +403,7 @@ def find_files(path: str) -> list: """ log.debug("Starting Find Files") start_time = time.time() - files = [] + files = set() for ecosystem in socket_globs: patterns = socket_globs[ecosystem] for file_name in patterns: @@ -415,7 +415,7 @@ def find_files(path: str) -> list: glob_files = glob(file_path, recursive=True) for glob_file in glob_files: if glob_file not in files: - files.append(glob_file) + files.add(glob_file) glob_end = time.time() glob_total_time = glob_end - glob_start log.debug(f"Glob for pattern {file_path} took {glob_total_time:.2f} seconds") @@ -424,7 +424,7 @@ def find_files(path: str) -> list: end_time = time.time() total_time = end_time - start_time log.info(f"Found {len(files)} in {total_time:.2f} seconds") - return files + return list(files) @staticmethod def create_full_scan(files: list, params: FullScanParams, workspace: str) -> FullScan: @@ -582,13 +582,13 @@ def compare_sboms(new_scan: list, head_scan: list) -> Diff: head_packages = Core.create_sbom_dict(head_scan) new_scan_alerts = {} head_scan_alerts = {} - consolidated = [] + consolidated = set() for package_id in new_packages: purl, package = Core.create_purl(package_id, new_packages) base_purl = f"{purl.ecosystem}/{purl.name}@{purl.version}" if package_id not in head_packages and package.direct and base_purl not in consolidated: diff.new_packages.append(purl) - consolidated.append(base_purl) + consolidated.add(base_purl) new_scan_alerts = Core.create_issue_alerts(package, new_scan_alerts, new_packages) for package_id in head_packages: purl, package = Core.create_purl(package_id, head_packages) From 0255e26451c3b25a84264394b4eaf4be196386e8 Mon Sep 17 00:00:00 2001 From: Douglas Date: Mon, 23 Sep 2024 09:40:22 -0700 Subject: [PATCH 014/149] Minor fixes for working with custom base domain (#23) --- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 20 ++++++++++++++++---- socketsecurity/core/git_interface.py | 2 ++ socketsecurity/socketcli.py | 8 ++++++++ 4 files changed, 27 insertions(+), 5 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index afe143b..469804b 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.22' +__version__ = '1.0.24' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index b406112..ca6b17a 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -45,9 +45,8 @@ org_slug = None all_new_alerts = False security_policy = {} +allow_unverified_ssl = False log = logging.getLogger("socketdev") -# log_format = "%(asctime)s %(funcName)20s() %(message)s" -# logging.basicConfig(format=log_format) log.addHandler(logging.NullHandler()) socket_globs = { @@ -164,13 +163,17 @@ def do_request( 'User-Agent': f'SocketPythonCLI/{__version__}', "accept": "application/json" } + verify = False + if allow_unverified_ssl: + verify = True response = requests.request( method.upper(), url, headers=headers, data=payload, files=files, - timeout=timeout + timeout=timeout, + verify=verify ) output_headers = headers.copy() output_headers['Authorization'] = "API_KEY_REDACTED" @@ -215,7 +218,16 @@ class Core: request_timeout: int reports: list - def __init__(self, token: str, base_api_url=None, request_timeout=None, enable_all_alerts=False): + def __init__( + self, + token: str, + base_api_url: str = None, + request_timeout: int = None, + enable_all_alerts: bool = False, + allow_unverified: bool = False + ): + global allow_unverified_ssl + allow_unverified_ssl = allow_unverified self.token = token + ":" encode_key(self.token) self.socket_date_format = "%Y-%m-%dT%H:%M:%S.%fZ" diff --git a/socketsecurity/core/git_interface.py b/socketsecurity/core/git_interface.py index 239386a..37ee877 100644 --- a/socketsecurity/core/git_interface.py +++ b/socketsecurity/core/git_interface.py @@ -1,5 +1,6 @@ from git import Repo from socketsecurity.core import log +import urllib.parse class Git: @@ -15,6 +16,7 @@ def __init__(self, path: str): self.repo_name = self.repo.remotes.origin.url.split('.git')[0].split('/')[-1] try: self.branch = self.head.reference + urllib.parse.unquote(str(self.branch)) except Exception as error: self.branch = None log.debug(error) diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 4e6d428..2423aad 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -113,6 +113,13 @@ default=False ) +parser.add_argument( + '--allow-unverified', + help='Allow unverified SSL Connections', + action='store_true', + default=False +) + parser.add_argument( '--enable-json', help='Enable json output of results instead of table formatted', @@ -235,6 +242,7 @@ def main_code(): disable_security_issue = arguments.disable_security_issue ignore_commit_files = arguments.ignore_commit_files disable_blocking = arguments.disable_blocking + allow_unverified = arguments.allow_unverified if disable_blocking: global blocking_disabled blocking_disabled = True From dcb9b120bd3a645d3bfd309cb3e3a35dbd7a3a83 Mon Sep 17 00:00:00 2001 From: Michael Roberts Date: Tue, 24 Sep 2024 16:50:41 -0700 Subject: [PATCH 015/149] Fixed verify bool being backward (#25) TLS was always desabled because verify was defaulting to false. --- socketsecurity/core/__init__.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 1019f15..538841e 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -163,9 +163,9 @@ def do_request( 'User-Agent': f'SocketPythonCLI/{__version__}', "accept": "application/json" } - verify = False + verify = True if allow_unverified_ssl: - verify = True + verify = False response = requests.request( method.upper(), url, From 8e02fc5bc9bc335c2906f2f4de4d16d5ef31483e Mon Sep 17 00:00:00 2001 From: Douglas Date: Thu, 3 Oct 2024 12:21:00 -0700 Subject: [PATCH 016/149] Doug/fix run issue (#26) * Fixed issue where diff scan was running when there were no changed manifest files * Fixes for run time detection of changed files --- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 10 +++---- socketsecurity/core/classes.py | 9 ++++-- socketsecurity/core/github.py | 3 +- socketsecurity/socketcli.py | 52 ++++++++++++++++++++------------- 5 files changed, 47 insertions(+), 29 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 469804b..f65493a 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.24' +__version__ = '1.0.30' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 538841e..c192a1b 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -410,7 +410,6 @@ def find_files(path: str) -> list: Globs the path for supported manifest files. Note: Might move the source to a JSON file :param path: Str - path to where the manifest files are located - :param files: override finding the manifest files using the glob matcher :return: """ log.debug("Starting Find Files") @@ -750,10 +749,11 @@ def create_issue_alerts(package: Package, alerts: dict, packages: dict) -> dict: if alert.type in security_policy: action = security_policy[alert.type]['action'] setattr(issue_alert, action, True) - if issue_alert.key not in alerts: - alerts[issue_alert.key] = [issue_alert] - else: - alerts[issue_alert.key].append(issue_alert) + if issue_alert.type != 'licenseSpdxDisj': + if issue_alert.key not in alerts: + alerts[issue_alert.key] = [issue_alert] + else: + alerts[issue_alert.key].append(issue_alert) return alerts @staticmethod diff --git a/socketsecurity/core/classes.py b/socketsecurity/core/classes.py index ad0ae85..8b93826 100644 --- a/socketsecurity/core/classes.py +++ b/socketsecurity/core/classes.py @@ -161,10 +161,15 @@ def __init__(self, **kwargs): if hasattr(self, "created_at"): self.created_at = self.created_at.strip(" (Coordinated Universal Time)") - if not hasattr(self, "introduced_by"): - self.introduced_by = [] if not hasattr(self, "manifests"): self.manifests = "" + if not hasattr(self, "introduced_by"): + self.introduced_by = [] + else: + for item in self.introduced_by: + pkg, manifest = item + self.manifests += f"{manifest};" + self.manifests = self.manifests.rstrip(";") if not hasattr(self, "error"): self.error = False if not hasattr(self, "warn"): diff --git a/socketsecurity/core/github.py b/socketsecurity/core/github.py index bb0c136..bd24339 100644 --- a/socketsecurity/core/github.py +++ b/socketsecurity/core/github.py @@ -116,7 +116,8 @@ def check_event_type() -> str: else: event_type = "diff" elif github_event_name.lower() == "pull_request": - if event_action is not None and event_action != "" and event_action.lower() == "opened": + if event_action is not None and event_action != "" and ( + event_action.lower() == "opened" or event_action.lower() == 'synchronize'): event_type = "diff" else: log.info(f"Pull Request Action {event_action} is not a supported type") diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 2423aad..d89d9f1 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -163,25 +163,34 @@ def output_console_comments(diff_report: Diff, sbom_file_name: str = None) -> None: - console_security_comment = Messages.create_console_security_alert_table(diff_report) - save_sbom_file(diff_report, sbom_file_name) - log.info(f"Socket Full Scan ID: {diff_report.id}") - if not report_pass(diff_report): - log.info("Security issues detected by Socket Security") - msg = f"\n{console_security_comment}" - log.info(msg) - if not blocking_disabled: - sys.exit(1) - else: - log.info("No New Security issues detected by Socket Security") + if diff_report.id != "NO_DIFF_RAN": + console_security_comment = Messages.create_console_security_alert_table(diff_report) + save_sbom_file(diff_report, sbom_file_name) + log.info(f"Socket Full Scan ID: {diff_report.id}") + if len(diff_report.new_alerts) > 0: + log.info("Security issues detected by Socket Security") + msg = f"\n{console_security_comment}" + log.info(msg) + if not report_pass(diff_report) and not blocking_disabled: + sys.exit(1) + else: + # Means only warning alerts with no blocked + if not blocking_disabled: + sys.exit(5) + else: + log.info("No New Security issues detected by Socket Security") def output_console_json(diff_report: Diff, sbom_file_name: str = None) -> None: - console_security_comment = Messages.create_security_comment_json(diff_report) - save_sbom_file(diff_report, sbom_file_name) - print(json.dumps(console_security_comment)) - if not report_pass(diff_report) and not blocking_disabled: - sys.exit(1) + if diff_report.id != "NO_DIFF_RAN": + console_security_comment = Messages.create_security_comment_json(diff_report) + save_sbom_file(diff_report, sbom_file_name) + print(json.dumps(console_security_comment)) + if not report_pass(diff_report) and not blocking_disabled: + sys.exit(1) + elif len(diff_report.new_alerts) > 0 and not blocking_disabled: + # Means only warning alerts with no blocked + sys.exit(5) def report_pass(diff_report: Diff) -> bool: @@ -299,11 +308,12 @@ def main_code(): default_branch = scm.is_default_branch base_api_url = os.getenv("BASE_API_URL") or None - core = Core(token=api_token, request_timeout=1200, base_api_url=base_api_url) + core = Core(token=api_token, request_timeout=1200, base_api_url=base_api_url, allow_unverified=allow_unverified) no_change = True if ignore_commit_files: no_change = False elif is_repo and files is not None and len(files) > 0: + log.info(files) no_change = core.match_supported_files(files) set_as_pending_head = False @@ -319,7 +329,8 @@ def main_code(): make_default_branch=default_branch, set_as_pending_head=set_as_pending_head ) - diff = None + diff = Diff() + diff.id = "NO_DIFF_RAN" if scm is not None and scm.check_event_type() == "comment": log.info("Comment initiated flow") log.debug(f"Getting comments for Repo {scm.repository} for PR {scm.pr_number}") @@ -329,10 +340,11 @@ def main_code(): elif scm is not None and scm.check_event_type() != "comment": log.info("Push initiated flow") diff: Diff - diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) if no_change: - log.info("No dependency changes") + log.info("No manifest files changes, skipping scan") + # log.info("No dependency changes") elif scm.check_event_type() == "diff": + diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) log.info("Starting comment logic for PR/MR event") log.debug(f"Getting comments for Repo {scm.repository} for PR {scm.pr_number}") comments = scm.get_comments_for_pr(repo, str(pr_number)) From 32ebbb6e1ec445effedfa52c7a8f885a87ec799c Mon Sep 17 00:00:00 2001 From: Douglas Date: Tue, 8 Oct 2024 08:01:57 -0700 Subject: [PATCH 017/149] Doug/fix run issue (#27) * Fixed issue where diff scan was running when there were no changed manifest files * Fixes for run time detection of changed files * Fixed logic that would keep the CLI running on the default branch * Fix for CLI not running on main branch for github --- socketsecurity/__init__.py | 2 +- socketsecurity/socketcli.py | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index f65493a..9914dc4 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.30' +__version__ = '1.0.31' diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index d89d9f1..381ebbd 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -387,7 +387,8 @@ def main_code(): new_overview_comment ) else: - log.info("Not a PR/MR event no comment needed") + log.info("Starting non-PR/MR flow") + diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) if enable_json: log.debug("Outputting JSON Results") output_console_json(diff, sbom_file) From 2a0331657a4f74efb84fb16fd168080aa9aacbdc Mon Sep 17 00:00:00 2001 From: Douglas Date: Wed, 30 Oct 2024 08:07:25 -0700 Subject: [PATCH 018/149] Added support for CycloneDX and SPDX manifest files to the CLI. Also improved build script (#28) --- scripts/build_container.sh | 33 ++++++++++++++++++++------------- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 13 +++++++++++++ 3 files changed, 34 insertions(+), 14 deletions(-) diff --git a/scripts/build_container.sh b/scripts/build_container.sh index a57ebcf..a0c2a1b 100755 --- a/scripts/build_container.sh +++ b/scripts/build_container.sh @@ -5,32 +5,39 @@ STABLE_VERSION=$2 echo $VERSION if [ -z $ENABLE_PYPI_BUILD ] || [ -z $STABLE_VERSION ]; then echo "$0 pypi-build=enable stable=true" - echo "\tpypi-build: Build and publish a new version of the package to pypi" + echo "\tpypi-build: Build and publish a new version of the package to pypi. Options are prod or test" echo "\tstable: Only build and publish a new version for the stable docker tag if it has been tested and going on the changelog" exit fi -if [ $ENABLE_PYPI_BUILD = "pypi-build=enable" ]; then +if [ $ENABLE_PYPI_BUILD = "pypi-build=prod" ]; then echo "Doing production build" python -m build --wheel --sdist twine upload dist/*$VERSION* - sleep 240 + sleep 120 docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:$VERSION . \ && docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:latest . \ && docker push socketdev/cli:$VERSION \ && docker push socketdev/cli:latest - if [ $STABLE_VERSION = "stable=true" ]; then - docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:stable . \ - && docker push socketdev/cli:stable - fi -else +fi + +if [ $ENABLE_PYPI_BUILD = "pypi-build=test" ]; then echo "Doing test build" python -m build --wheel --sdist twine upload --repository testpypi dist/*$VERSION* -# sleep 240 -# docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:$VERSION . \ -# && docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:latest . \ -# && docker push socketdev/cli:$VERSION-test \ -# && docker push socketdev/cli:test + sleep 120 + docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:$VERSION . \ + && docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:latest . \ + && docker push socketdev/cli:$VERSION-test \ + && docker push socketdev/cli:test fi + +if [ $STABLE_VERSION = "stable=true" ]; then + if [ $ENABLE_PYPI_BUILD = "pypi-build=enable" ]; then + sleep 120 + fi + docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:stable . \ + && docker push socketdev/cli:stable + fi + diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 9914dc4..554e76e 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.31' +__version__ = '1.0.32' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index c192a1b..8dea47a 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -50,6 +50,19 @@ log.addHandler(logging.NullHandler()) socket_globs = { + "spdx": { + "spdx.json": { + "pattern": "*[-.]spdx.json" + } + }, + "cdx": { + "cyclonedx.json": { + "pattern": "{bom,*[-.]c{yclone,}dx}.json" + }, + "xml": { + "pattern": "{bom,*[-.]c{yclone,}dx}.xml" + } + }, "npm": { "package.json": { "pattern": "package.json" From 978ea4772bb854e268d87d13b0e8473e8c6c82dd Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Tue, 5 Nov 2024 12:02:20 -0800 Subject: [PATCH 019/149] migrate from direct API usage to SDK (#29) * migrated to use python SDK --- .gitignore | 3 +- pyproject.toml | 90 +++++++++++- requirements.txt | 3 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 234 ++++++++++++++++---------------- socketsecurity/core/github.py | 53 ++++---- socketsecurity/socketcli.py | 25 +++- 7 files changed, 251 insertions(+), 159 deletions(-) diff --git a/.gitignore b/.gitignore index 5738fef..405a91f 100644 --- a/.gitignore +++ b/.gitignore @@ -19,4 +19,5 @@ markdown_security_temp.md *.pyc test.py *.cpython-312.pyc` -file_generator.py \ No newline at end of file +file_generator.py +.env.local \ No newline at end of file diff --git a/pyproject.toml b/pyproject.toml index 2c8ddf8..8d6d6e4 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -7,13 +7,21 @@ name = "socketsecurity" dynamic = ["version"] requires-python = ">= 3.9" dependencies = [ - 'requests', - 'mdutils', + 'requests >= 2.32.0', + 'mdutils ~= 1.6.0', 'prettytable', 'argparse', - 'GitPython', - 'packaging' + 'GitPython >= 3.1.43', + 'packaging >= 24.1', + 'python-dotenv >= 1.0.1', ] + +# modern, faster linter and language server. install with `pip install -e ".[dev]"` +[project.optional-dependencies] +dev = [ + "ruff>=0.3.0", +] + readme = "README.md" description = "Socket Security CLI for CI/CD" keywords = ["socketsecurity", "socket.dev", "sca", "oss", "security"] @@ -45,4 +53,76 @@ include = [ ] [tool.setuptools.dynamic] -version = {attr = "socketsecurity.__version__"} \ No newline at end of file +version = {attr = "socketsecurity.__version__"} + +[tool.ruff] +# Exclude a variety of commonly ignored directories. +exclude = [ + ".bzr", + ".direnv", + ".eggs", + ".git", + ".git-rewrite", + ".hg", + ".ipynb_checkpoints", + ".mypy_cache", + ".nox", + ".pants.d", + ".pyenv", + ".pytest_cache", + ".pytype", + ".ruff_cache", + ".svn", + ".tox", + ".venv", + ".vscode", + "__pypackages__", + "_build", + "buck-out", + "build", + "dist", + "node_modules", + "site-packages", + "venv", +] + +[tool.ruff.lint] +# Enable Pyflakes (`F`) and a subset of the pycodestyle (`E`) codes by default. +# Unlike Flake8, Ruff doesn't enable pycodestyle warnings (`W`) or +# McCabe complexity (`C901`) by default. +select = ["E4", "E7", "E9", "F"] +ignore = [] + +# Allow fix for all enabled rules (when `--fix`) is provided. +fixable = ["ALL"] +unfixable = [] + +# Allow unused variables when underscore-prefixed. +dummy-variable-rgx = "^(_+|(_+[a-zA-Z0-9_]*[a-zA-Z0-9]+?))$" + +[tool.ruff.format] +# Like Black, use double quotes for strings. +quote-style = "double" + +# Like Black, indent with spaces, rather than tabs. +indent-style = "space" + +# Like Black, respect magic trailing commas. +skip-magic-trailing-comma = false + +# Like Black, automatically detect the appropriate line ending. +line-ending = "auto" + +# Enable auto-formatting of code examples in docstrings. Markdown, +# reStructuredText code/literal blocks and doctests are all supported. +# +# This is currently disabled by default, but it is planned for this +# to be opt-out in the future. +docstring-code-format = false + +# Set the line length limit used when formatting code snippets in +# docstrings. +# +# This only has an effect when the `docstring-code-format` setting is +# enabled. +docstring-code-line-length = "dynamic" \ No newline at end of file diff --git a/requirements.txt b/requirements.txt index 896774a..b603f16 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,4 +3,5 @@ mdutils~=1.6.0 prettytable argparse gitpython>=3.1.43 -packaging>=24.1 \ No newline at end of file +packaging>=24.1 +python-dotenv>=1.0.1 diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 554e76e..5c40c13 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.32' +__version__ = '1.0.33' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 8dea47a..adabae4 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -2,9 +2,9 @@ from pathlib import PurePath import requests -from urllib.parse import urlencode import base64 import json +from socketdev import socketdev from socketsecurity.core.exceptions import ( APIFailure, APIKeyMissing, APIAccessDenied, APIInsufficientQuota, APIResourceNotFound, APICloudflareError ) @@ -12,7 +12,6 @@ from socketsecurity.core.licenses import Licenses from socketsecurity.core.issues import AllIssues from socketsecurity.core.classes import ( - Report, Issue, Package, Alert, @@ -226,34 +225,53 @@ def do_request( class Core: - token: str - base_api_url: str - request_timeout: int - reports: list + _sdk = None + _initialized = False - def __init__( - self, + def __init__(self): + raise NotImplementedError("Use Core.initialize() instead of instantiation") + + @classmethod + def initialize( + cls, token: str, base_api_url: str = None, request_timeout: int = None, enable_all_alerts: bool = False, allow_unverified: bool = False - ): - global allow_unverified_ssl + ) -> None: + """Initialize the Core class and set up global configuration""" + if cls._initialized: + return + + global allow_unverified_ssl, all_new_alerts + allow_unverified_ssl = allow_unverified - self.token = token + ":" - encode_key(self.token) - self.socket_date_format = "%Y-%m-%dT%H:%M:%S.%fZ" - self.base_api_url = base_api_url - if self.base_api_url is not None: - Core.set_api_url(self.base_api_url) - self.request_timeout = request_timeout - if self.request_timeout is not None: - Core.set_timeout(self.request_timeout) + cls._initialize_sdk(token) + encode_key(token + ":") + + if base_api_url is not None: + cls.set_api_url(base_api_url) + + if request_timeout is not None: + cls.set_timeout(request_timeout) + if enable_all_alerts: - global all_new_alerts all_new_alerts = True - Core.set_org_vars() + + cls._initialized = True + cls.set_org_vars() + + @classmethod + def _initialize_sdk(cls, token: str) -> None: + if cls._sdk is None: + cls._sdk = socketdev(token=token) + + @classmethod + def get_sdk(cls) -> socketdev: + if not cls._initialized: + raise RuntimeError("Core not initialized - call Core.initialize() first") + return cls._sdk @staticmethod def enable_debug_log(level: int): @@ -297,39 +315,50 @@ def set_timeout(request_timeout: int): def get_org_id_slug() -> (str, str): """ Gets the Org ID and Org Slug for the API Token - :return: + :return: Tuple of Org ID and Org Slug """ - path = "organizations" - response = do_request(path) - data = response.json() - organizations = data.get("organizations") new_org_id = None new_org_slug = None + + sdk = Core.get_sdk() + data = sdk.org.get() + organizations = data.get("organizations") + if len(organizations) == 1: for key in organizations: new_org_id = key new_org_slug = organizations[key].get('slug') + return new_org_id, new_org_slug @staticmethod - def get_sbom_data(full_scan_id: str) -> list: - path = f"orgs/{org_slug}/full-scans/{full_scan_id}" - response = do_request(path) - results = [] - try: - data = response.json() - results = data.get("sbom_artifacts") or [] - except Exception as error: - log.debug("Failed with old style full-scan API using new format") - log.debug(error) - data = response.text + def get_sbom_data(full_scan_id: str) -> dict: + sdk = Core.get_sdk() + response_dict = sdk.fullscans.stream(org_slug, full_scan_id) + + if not response_dict.get("success"): + results = [] + data = response_dict.get("message") data.strip('"') data.strip() + for line in data.split("\n"): if line != '"' and line != "" and line is not None: item = json.loads(line) results.append(item) - return results + + return results + + keys_to_remove = ["success", "status"] + for key in keys_to_remove: + response_dict.pop(key, None) + + for key in response_dict: + value = response_dict.get(key) + response_dict[key] = Package(**value) + + return response_dict + @staticmethod def get_security_policy() -> dict: @@ -337,23 +366,21 @@ def get_security_policy() -> dict: Get the Security policy and determine the effective Org security policy :return: """ - path = "settings" - payload = [ - { - "organization": org_id - } - ] - response = do_request(path, payload=json.dumps(payload), method="POST") - data = response.json() + + sdk = Core.get_sdk() + data = sdk.settings.get(org_id) + defaults = data.get("defaults") default_rules = defaults.get("issueRules") entries = data.get("entries") org_rules = {} + for org_set in entries: settings = org_set.get("settings") if settings is not None: org_details = settings.get("organization") org_rules = org_details.get("issueRules") + for default in default_rules: if default not in org_rules: action = default_rules[default]["action"] @@ -362,10 +389,6 @@ def get_security_policy() -> dict: } return org_rules - # @staticmethod - # def get_supported_file_types() -> dict: - # path = "report/supported" - @staticmethod def get_manifest_files(package: Package, packages: dict) -> str: if package.direct: @@ -388,15 +411,16 @@ def get_manifest_files(package: Package, packages: dict) -> str: @staticmethod def create_sbom_output(diff: Diff) -> dict: - base_path = f"orgs/{org_slug}/export/cdx" - path = f"{base_path}/{diff.id}" - result = do_request(path=path) - try: - sbom = result.json() - except Exception as error: + sdk = Core.get_sdk() + sbom = sdk.export.cdx_bom(org_slug, diff.id) + + if not sbom.get("success"): log.error(f"Unable to get CycloneDX Output for {diff.id}") - log.error(error) - sbom = {} + log.error(sbom.get("message")) + return {} + + sbom.pop("success", None) + return sbom @staticmethod @@ -407,7 +431,7 @@ def match_supported_files(files: list) -> bool: patterns = socket_globs[ecosystem] for file_name in patterns: pattern = patterns[file_name]["pattern"] - # path_pattern = f"**/{pattern}" + for file in files: if "\\" in file: file = file.replace("\\", "/") @@ -425,11 +449,12 @@ def find_files(path: str) -> list: :param path: Str - path to where the manifest files are located :return: """ - log.debug("Starting Find Files") + start_time = time.time() files = set() for ecosystem in socket_globs: patterns = socket_globs[ecosystem] + for file_name in patterns: pattern = patterns[file_name]["pattern"] file_path = f"{path}/**/{pattern}" @@ -437,14 +462,15 @@ def find_files(path: str) -> list: log.debug(f"Globbing {file_path}") glob_start = time.time() glob_files = glob(file_path, recursive=True) + for glob_file in glob_files: if glob_file not in files: files.add(glob_file) + glob_end = time.time() glob_total_time = glob_end - glob_start log.debug(f"Glob for pattern {file_path} took {glob_total_time:.2f} seconds") - log.debug("Finished Find Files") end_time = time.time() total_time = end_time - start_time log.info(f"Found {len(files)} in {total_time:.2f} seconds") @@ -461,7 +487,7 @@ def create_full_scan(files: list, params: FullScanParams, workspace: str) -> Ful """ send_files = [] create_full_start = time.time() - log.debug("Creating new full scan") + for file in files: if platform.system() == "Windows": file = file.replace("\\", "/") @@ -485,10 +511,12 @@ def create_full_scan(files: list, params: FullScanParams, workspace: str) -> Ful ) ) send_files.append(payload) - query_params = urlencode(params.__dict__) - full_uri = f"{full_scan_path}?{query_params}" - response = do_request(full_uri, method="POST", files=send_files) - results = response.json() + + sdk = Core.get_sdk() + params_dict = params.__dict__ + params_dict["org_slug"] = org_slug + results = sdk.fullscans.post(files=files, params=params_dict) + full_scan = FullScan(**results) full_scan.sbom_artifacts = Core.get_sbom_data(full_scan.id) create_full_end = time.time() @@ -513,25 +541,12 @@ def get_head_scan_for_repo(repo_slug: str): :param repo_slug: Str - Repo slug for the repository that is being diffed :return: """ - repo_path = f"{repository_path}/{repo_slug}" - response = do_request(repo_path) - results = response.json() + + sdk = Core.get_sdk() + results = sdk.repos.repo(org_slug, repo_slug) repository = Repository(**results) - return repository.head_full_scan_id - @staticmethod - def get_full_scan(full_scan_id: str) -> FullScan: - """ - Get the specified full scan and return a FullScan object - :param full_scan_id: str - ID of the full scan to pull - :return: - """ - full_scan_url = f"{full_scan_path}/{full_scan_id}" - response = do_request(full_scan_url) - results = response.json() - full_scan = FullScan(**results) - full_scan.sbom_artifacts = Core.get_sbom_data(full_scan.id) - return full_scan + return repository.head_full_scan_id @staticmethod def create_new_diff( @@ -555,11 +570,13 @@ def create_new_diff( diff = Diff() diff.id = "no_diff_id" return diff + files = Core.find_files(path) if files is None or len(files) == 0: diff = Diff() diff.id = "no_diff_id" return diff + try: head_full_scan_id = Core.get_head_scan_for_repo(params.repo) if head_full_scan_id is None or head_full_scan_id == "": @@ -570,29 +587,35 @@ def create_new_diff( head_end = time.time() total_head_time = head_end - head_start log.info(f"Total time to get head full-scan {total_head_time: .2f}") + except APIResourceNotFound: head_full_scan_id = None head_full_scan = [] + new_scan_start = time.time() new_full_scan = Core.create_full_scan(files, params, workspace) - new_full_scan.packages = Core.create_sbom_dict(new_full_scan.sbom_artifacts) + new_full_scan.packages = new_full_scan.sbom_artifacts new_scan_end = time.time() + total_new_time = new_scan_end - new_scan_start log.info(f"Total time to get new full-scan {total_new_time: .2f}") + diff_report = Core.compare_sboms(new_full_scan.sbom_artifacts, head_full_scan) diff_report.packages = new_full_scan.packages - # Set the diff ID and URLs + base_socket = "https://socket.dev/dashboard/org" diff_report.id = new_full_scan.id diff_report.report_url = f"{base_socket}/{org_slug}/sbom/{diff_report.id}" + if head_full_scan_id is not None: diff_report.diff_url = f"{base_socket}/{org_slug}/diff/{diff_report.id}/{head_full_scan_id}" else: diff_report.diff_url = diff_report.report_url + return diff_report @staticmethod - def compare_sboms(new_scan: list, head_scan: list) -> Diff: + def compare_sboms(new_scan: dict, head_scan: dict) -> Diff: """ compare the SBOMs of the new full Scan and the head full scan. Return a Diff report with new packages, removed packages, and new alerts for the new full scan compared to the head. @@ -600,28 +623,33 @@ def compare_sboms(new_scan: list, head_scan: list) -> Diff: :param head_scan: FullScan - Current head FullScan for the repository :return: """ - diff: Diff - diff = Diff() - new_packages = Core.create_sbom_dict(new_scan) - head_packages = Core.create_sbom_dict(head_scan) + diff: Diff = Diff() + new_packages = new_scan + head_packages = head_scan + new_scan_alerts = {} head_scan_alerts = {} consolidated = set() + for package_id in new_packages: purl, package = Core.create_purl(package_id, new_packages) base_purl = f"{purl.ecosystem}/{purl.name}@{purl.version}" + if package_id not in head_packages and package.direct and base_purl not in consolidated: diff.new_packages.append(purl) consolidated.add(base_purl) new_scan_alerts = Core.create_issue_alerts(package, new_scan_alerts, new_packages) + for package_id in head_packages: purl, package = Core.create_purl(package_id, head_packages) if package_id not in new_packages and package.direct: diff.removed_packages.append(purl) head_scan_alerts = Core.create_issue_alerts(package, head_scan_alerts, head_packages) + diff.new_alerts = Core.compare_issue_alerts(new_scan_alerts, head_scan_alerts, diff.new_alerts) diff.new_capabilities = Core.compare_capabilities(new_packages, head_packages) diff = Core.add_capabilities_to_purl(diff) + return diff @staticmethod @@ -827,32 +855,6 @@ def create_purl(package_id: str, packages: dict) -> (Purl, Package): ) return purl, package - @staticmethod - def create_sbom_dict(sbom: list) -> dict: - """ - Converts the SBOM Artifacts from the FulLScan into a Dictionary for parsing - :param sbom: list - Raw artifacts for the SBOM - :return: - """ - packages = {} - top_level_count = {} - for item in sbom: - package = Package(**item) - if package.id in packages: - print("Duplicate package?") - else: - package = Core.get_license_details(package) - packages[package.id] = package - for top_id in package.topLevelAncestors: - if top_id not in top_level_count: - top_level_count[top_id] = 1 - else: - top_level_count[top_id] += 1 - if len(top_level_count) > 0: - for package_id in top_level_count: - packages[package_id].transitives = top_level_count[package_id] - return packages - @staticmethod def save_file(file_name: str, content: str) -> None: file = open(file_name, "w") diff --git a/socketsecurity/core/github.py b/socketsecurity/core/github.py index bd24339..cad7001 100644 --- a/socketsecurity/core/github.py +++ b/socketsecurity/core/github.py @@ -1,30 +1,29 @@ import json import os from socketsecurity.core import log, do_request -import requests from socketsecurity.core.classes import Comment from socketsecurity.core.scm_comments import Comments import sys -global github_sha -global github_api_url -global github_ref_type -global github_event_name -global github_workspace -global github_repository -global github_ref_name -global github_actor -global default_branch -global github_env -global pr_number -global pr_name -global is_default_branch -global commit_message -global committer -global gh_api_token -global github_repository_owner -global event_action +github_sha = None +github_api_url = None +github_ref_type = None +github_event_name = None +github_workspace = None +github_repository = None +github_ref_name = None +github_actor = None +default_branch = None +github_env = None +pr_number = None +pr_name = None +is_default_branch = False +commit_message = None +committer = None +gh_api_token = None +github_repository_owner = None +event_action = None github_variables = [ "GITHUB_SHA", @@ -47,16 +46,14 @@ for env in github_variables: var_name = env.lower() - globals()[var_name] = os.getenv(env) or None + value = os.getenv(env) + globals()[var_name] = value + if var_name == "default_branch": - global is_default_branch - if default_branch is None or default_branch.lower() == "false": - is_default_branch = False - else: - is_default_branch = True - if var_name != "gh_api_token": - value = globals()[var_name] = os.getenv(env) or None - log.debug(f"{env}={value}") + is_default_branch = bool(value and value.lower() != "false") + + if var_name != "gh_api_token": + log.debug(f"{env}={value}") headers = { 'Authorization': f"Bearer {gh_api_token}", diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 381ebbd..0c93a65 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -167,12 +167,15 @@ def output_console_comments(diff_report: Diff, sbom_file_name: str = None) -> No console_security_comment = Messages.create_console_security_alert_table(diff_report) save_sbom_file(diff_report, sbom_file_name) log.info(f"Socket Full Scan ID: {diff_report.id}") + if len(diff_report.new_alerts) > 0: log.info("Security issues detected by Socket Security") msg = f"\n{console_security_comment}" log.info(msg) + if not report_pass(diff_report) and not blocking_disabled: sys.exit(1) + else: # Means only warning alerts with no blocked if not blocking_disabled: @@ -188,7 +191,7 @@ def output_console_json(diff_report: Diff, sbom_file_name: str = None) -> None: print(json.dumps(console_security_comment)) if not report_pass(diff_report) and not blocking_disabled: sys.exit(1) - elif len(diff_report.new_alerts) > 0 and not blocking_disabled: + if len(diff_report.new_alerts) > 0 and not blocking_disabled: # Means only warning alerts with no blocked sys.exit(5) @@ -252,6 +255,7 @@ def main_code(): ignore_commit_files = arguments.ignore_commit_files disable_blocking = arguments.disable_blocking allow_unverified = arguments.allow_unverified + if disable_blocking: global blocking_disabled blocking_disabled = True @@ -308,13 +312,20 @@ def main_code(): default_branch = scm.is_default_branch base_api_url = os.getenv("BASE_API_URL") or None - core = Core(token=api_token, request_timeout=1200, base_api_url=base_api_url, allow_unverified=allow_unverified) + + Core.initialize( + token=api_token, + request_timeout=1200, + base_api_url=base_api_url, + allow_unverified=allow_unverified + ) + no_change = True if ignore_commit_files: no_change = False elif is_repo and files is not None and len(files) > 0: log.info(files) - no_change = core.match_supported_files(files) + no_change = Core.match_supported_files(files) set_as_pending_head = False if default_branch: @@ -344,7 +355,7 @@ def main_code(): log.info("No manifest files changes, skipping scan") # log.info("No dependency changes") elif scm.check_event_type() == "diff": - diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) + diff = Core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) log.info("Starting comment logic for PR/MR event") log.debug(f"Getting comments for Repo {scm.repository} for PR {scm.pr_number}") comments = scm.get_comments_for_pr(repo, str(pr_number)) @@ -388,7 +399,7 @@ def main_code(): ) else: log.info("Starting non-PR/MR flow") - diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) + diff = Core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) if enable_json: log.debug("Outputting JSON Results") output_console_json(diff, sbom_file) @@ -397,7 +408,7 @@ def main_code(): else: log.info("API Mode") diff: Diff - diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) + diff = Core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) if enable_json: output_console_json(diff, sbom_file) else: @@ -418,7 +429,7 @@ def main_code(): "license_text": package.license_text } all_packages[package_id] = output - core.save_file(license_file, json.dumps(all_packages)) + Core.save_file(license_file, json.dumps(all_packages)) if __name__ == '__main__': From cf17c925e7c77e662d042c3387f47a7993ddc43c Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Wed, 6 Nov 2024 10:47:22 -0800 Subject: [PATCH 020/149] Revert "migrate from direct API usage to SDK (#29)" (#31) This reverts commit 978ea4772bb854e268d87d13b0e8473e8c6c82dd. --- .gitignore | 3 +- pyproject.toml | 90 +----------- requirements.txt | 3 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 234 ++++++++++++++++---------------- socketsecurity/core/github.py | 53 ++++---- socketsecurity/socketcli.py | 25 +--- 7 files changed, 159 insertions(+), 251 deletions(-) diff --git a/.gitignore b/.gitignore index 405a91f..5738fef 100644 --- a/.gitignore +++ b/.gitignore @@ -19,5 +19,4 @@ markdown_security_temp.md *.pyc test.py *.cpython-312.pyc` -file_generator.py -.env.local \ No newline at end of file +file_generator.py \ No newline at end of file diff --git a/pyproject.toml b/pyproject.toml index 8d6d6e4..2c8ddf8 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -7,21 +7,13 @@ name = "socketsecurity" dynamic = ["version"] requires-python = ">= 3.9" dependencies = [ - 'requests >= 2.32.0', - 'mdutils ~= 1.6.0', + 'requests', + 'mdutils', 'prettytable', 'argparse', - 'GitPython >= 3.1.43', - 'packaging >= 24.1', - 'python-dotenv >= 1.0.1', + 'GitPython', + 'packaging' ] - -# modern, faster linter and language server. install with `pip install -e ".[dev]"` -[project.optional-dependencies] -dev = [ - "ruff>=0.3.0", -] - readme = "README.md" description = "Socket Security CLI for CI/CD" keywords = ["socketsecurity", "socket.dev", "sca", "oss", "security"] @@ -53,76 +45,4 @@ include = [ ] [tool.setuptools.dynamic] -version = {attr = "socketsecurity.__version__"} - -[tool.ruff] -# Exclude a variety of commonly ignored directories. -exclude = [ - ".bzr", - ".direnv", - ".eggs", - ".git", - ".git-rewrite", - ".hg", - ".ipynb_checkpoints", - ".mypy_cache", - ".nox", - ".pants.d", - ".pyenv", - ".pytest_cache", - ".pytype", - ".ruff_cache", - ".svn", - ".tox", - ".venv", - ".vscode", - "__pypackages__", - "_build", - "buck-out", - "build", - "dist", - "node_modules", - "site-packages", - "venv", -] - -[tool.ruff.lint] -# Enable Pyflakes (`F`) and a subset of the pycodestyle (`E`) codes by default. -# Unlike Flake8, Ruff doesn't enable pycodestyle warnings (`W`) or -# McCabe complexity (`C901`) by default. -select = ["E4", "E7", "E9", "F"] -ignore = [] - -# Allow fix for all enabled rules (when `--fix`) is provided. -fixable = ["ALL"] -unfixable = [] - -# Allow unused variables when underscore-prefixed. -dummy-variable-rgx = "^(_+|(_+[a-zA-Z0-9_]*[a-zA-Z0-9]+?))$" - -[tool.ruff.format] -# Like Black, use double quotes for strings. -quote-style = "double" - -# Like Black, indent with spaces, rather than tabs. -indent-style = "space" - -# Like Black, respect magic trailing commas. -skip-magic-trailing-comma = false - -# Like Black, automatically detect the appropriate line ending. -line-ending = "auto" - -# Enable auto-formatting of code examples in docstrings. Markdown, -# reStructuredText code/literal blocks and doctests are all supported. -# -# This is currently disabled by default, but it is planned for this -# to be opt-out in the future. -docstring-code-format = false - -# Set the line length limit used when formatting code snippets in -# docstrings. -# -# This only has an effect when the `docstring-code-format` setting is -# enabled. -docstring-code-line-length = "dynamic" \ No newline at end of file +version = {attr = "socketsecurity.__version__"} \ No newline at end of file diff --git a/requirements.txt b/requirements.txt index b603f16..896774a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,5 +3,4 @@ mdutils~=1.6.0 prettytable argparse gitpython>=3.1.43 -packaging>=24.1 -python-dotenv>=1.0.1 +packaging>=24.1 \ No newline at end of file diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 5c40c13..554e76e 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.33' +__version__ = '1.0.32' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index adabae4..8dea47a 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -2,9 +2,9 @@ from pathlib import PurePath import requests +from urllib.parse import urlencode import base64 import json -from socketdev import socketdev from socketsecurity.core.exceptions import ( APIFailure, APIKeyMissing, APIAccessDenied, APIInsufficientQuota, APIResourceNotFound, APICloudflareError ) @@ -12,6 +12,7 @@ from socketsecurity.core.licenses import Licenses from socketsecurity.core.issues import AllIssues from socketsecurity.core.classes import ( + Report, Issue, Package, Alert, @@ -225,53 +226,34 @@ def do_request( class Core: - _sdk = None - _initialized = False + token: str + base_api_url: str + request_timeout: int + reports: list - def __init__(self): - raise NotImplementedError("Use Core.initialize() instead of instantiation") - - @classmethod - def initialize( - cls, + def __init__( + self, token: str, base_api_url: str = None, request_timeout: int = None, enable_all_alerts: bool = False, allow_unverified: bool = False - ) -> None: - """Initialize the Core class and set up global configuration""" - if cls._initialized: - return - - global allow_unverified_ssl, all_new_alerts - + ): + global allow_unverified_ssl allow_unverified_ssl = allow_unverified - cls._initialize_sdk(token) - encode_key(token + ":") - - if base_api_url is not None: - cls.set_api_url(base_api_url) - - if request_timeout is not None: - cls.set_timeout(request_timeout) - + self.token = token + ":" + encode_key(self.token) + self.socket_date_format = "%Y-%m-%dT%H:%M:%S.%fZ" + self.base_api_url = base_api_url + if self.base_api_url is not None: + Core.set_api_url(self.base_api_url) + self.request_timeout = request_timeout + if self.request_timeout is not None: + Core.set_timeout(self.request_timeout) if enable_all_alerts: + global all_new_alerts all_new_alerts = True - - cls._initialized = True - cls.set_org_vars() - - @classmethod - def _initialize_sdk(cls, token: str) -> None: - if cls._sdk is None: - cls._sdk = socketdev(token=token) - - @classmethod - def get_sdk(cls) -> socketdev: - if not cls._initialized: - raise RuntimeError("Core not initialized - call Core.initialize() first") - return cls._sdk + Core.set_org_vars() @staticmethod def enable_debug_log(level: int): @@ -315,50 +297,39 @@ def set_timeout(request_timeout: int): def get_org_id_slug() -> (str, str): """ Gets the Org ID and Org Slug for the API Token - :return: Tuple of Org ID and Org Slug + :return: """ + path = "organizations" + response = do_request(path) + data = response.json() + organizations = data.get("organizations") new_org_id = None new_org_slug = None - - sdk = Core.get_sdk() - data = sdk.org.get() - organizations = data.get("organizations") - if len(organizations) == 1: for key in organizations: new_org_id = key new_org_slug = organizations[key].get('slug') - return new_org_id, new_org_slug @staticmethod - def get_sbom_data(full_scan_id: str) -> dict: - sdk = Core.get_sdk() - response_dict = sdk.fullscans.stream(org_slug, full_scan_id) - - if not response_dict.get("success"): - results = [] - data = response_dict.get("message") + def get_sbom_data(full_scan_id: str) -> list: + path = f"orgs/{org_slug}/full-scans/{full_scan_id}" + response = do_request(path) + results = [] + try: + data = response.json() + results = data.get("sbom_artifacts") or [] + except Exception as error: + log.debug("Failed with old style full-scan API using new format") + log.debug(error) + data = response.text data.strip('"') data.strip() - for line in data.split("\n"): if line != '"' and line != "" and line is not None: item = json.loads(line) results.append(item) - - return results - - keys_to_remove = ["success", "status"] - for key in keys_to_remove: - response_dict.pop(key, None) - - for key in response_dict: - value = response_dict.get(key) - response_dict[key] = Package(**value) - - return response_dict - + return results @staticmethod def get_security_policy() -> dict: @@ -366,21 +337,23 @@ def get_security_policy() -> dict: Get the Security policy and determine the effective Org security policy :return: """ - - sdk = Core.get_sdk() - data = sdk.settings.get(org_id) - + path = "settings" + payload = [ + { + "organization": org_id + } + ] + response = do_request(path, payload=json.dumps(payload), method="POST") + data = response.json() defaults = data.get("defaults") default_rules = defaults.get("issueRules") entries = data.get("entries") org_rules = {} - for org_set in entries: settings = org_set.get("settings") if settings is not None: org_details = settings.get("organization") org_rules = org_details.get("issueRules") - for default in default_rules: if default not in org_rules: action = default_rules[default]["action"] @@ -389,6 +362,10 @@ def get_security_policy() -> dict: } return org_rules + # @staticmethod + # def get_supported_file_types() -> dict: + # path = "report/supported" + @staticmethod def get_manifest_files(package: Package, packages: dict) -> str: if package.direct: @@ -411,16 +388,15 @@ def get_manifest_files(package: Package, packages: dict) -> str: @staticmethod def create_sbom_output(diff: Diff) -> dict: - sdk = Core.get_sdk() - sbom = sdk.export.cdx_bom(org_slug, diff.id) - - if not sbom.get("success"): + base_path = f"orgs/{org_slug}/export/cdx" + path = f"{base_path}/{diff.id}" + result = do_request(path=path) + try: + sbom = result.json() + except Exception as error: log.error(f"Unable to get CycloneDX Output for {diff.id}") - log.error(sbom.get("message")) - return {} - - sbom.pop("success", None) - + log.error(error) + sbom = {} return sbom @staticmethod @@ -431,7 +407,7 @@ def match_supported_files(files: list) -> bool: patterns = socket_globs[ecosystem] for file_name in patterns: pattern = patterns[file_name]["pattern"] - + # path_pattern = f"**/{pattern}" for file in files: if "\\" in file: file = file.replace("\\", "/") @@ -449,12 +425,11 @@ def find_files(path: str) -> list: :param path: Str - path to where the manifest files are located :return: """ - + log.debug("Starting Find Files") start_time = time.time() files = set() for ecosystem in socket_globs: patterns = socket_globs[ecosystem] - for file_name in patterns: pattern = patterns[file_name]["pattern"] file_path = f"{path}/**/{pattern}" @@ -462,15 +437,14 @@ def find_files(path: str) -> list: log.debug(f"Globbing {file_path}") glob_start = time.time() glob_files = glob(file_path, recursive=True) - for glob_file in glob_files: if glob_file not in files: files.add(glob_file) - glob_end = time.time() glob_total_time = glob_end - glob_start log.debug(f"Glob for pattern {file_path} took {glob_total_time:.2f} seconds") + log.debug("Finished Find Files") end_time = time.time() total_time = end_time - start_time log.info(f"Found {len(files)} in {total_time:.2f} seconds") @@ -487,7 +461,7 @@ def create_full_scan(files: list, params: FullScanParams, workspace: str) -> Ful """ send_files = [] create_full_start = time.time() - + log.debug("Creating new full scan") for file in files: if platform.system() == "Windows": file = file.replace("\\", "/") @@ -511,12 +485,10 @@ def create_full_scan(files: list, params: FullScanParams, workspace: str) -> Ful ) ) send_files.append(payload) - - sdk = Core.get_sdk() - params_dict = params.__dict__ - params_dict["org_slug"] = org_slug - results = sdk.fullscans.post(files=files, params=params_dict) - + query_params = urlencode(params.__dict__) + full_uri = f"{full_scan_path}?{query_params}" + response = do_request(full_uri, method="POST", files=send_files) + results = response.json() full_scan = FullScan(**results) full_scan.sbom_artifacts = Core.get_sbom_data(full_scan.id) create_full_end = time.time() @@ -541,13 +513,26 @@ def get_head_scan_for_repo(repo_slug: str): :param repo_slug: Str - Repo slug for the repository that is being diffed :return: """ - - sdk = Core.get_sdk() - results = sdk.repos.repo(org_slug, repo_slug) + repo_path = f"{repository_path}/{repo_slug}" + response = do_request(repo_path) + results = response.json() repository = Repository(**results) - return repository.head_full_scan_id + @staticmethod + def get_full_scan(full_scan_id: str) -> FullScan: + """ + Get the specified full scan and return a FullScan object + :param full_scan_id: str - ID of the full scan to pull + :return: + """ + full_scan_url = f"{full_scan_path}/{full_scan_id}" + response = do_request(full_scan_url) + results = response.json() + full_scan = FullScan(**results) + full_scan.sbom_artifacts = Core.get_sbom_data(full_scan.id) + return full_scan + @staticmethod def create_new_diff( path: str, @@ -570,13 +555,11 @@ def create_new_diff( diff = Diff() diff.id = "no_diff_id" return diff - files = Core.find_files(path) if files is None or len(files) == 0: diff = Diff() diff.id = "no_diff_id" return diff - try: head_full_scan_id = Core.get_head_scan_for_repo(params.repo) if head_full_scan_id is None or head_full_scan_id == "": @@ -587,35 +570,29 @@ def create_new_diff( head_end = time.time() total_head_time = head_end - head_start log.info(f"Total time to get head full-scan {total_head_time: .2f}") - except APIResourceNotFound: head_full_scan_id = None head_full_scan = [] - new_scan_start = time.time() new_full_scan = Core.create_full_scan(files, params, workspace) - new_full_scan.packages = new_full_scan.sbom_artifacts + new_full_scan.packages = Core.create_sbom_dict(new_full_scan.sbom_artifacts) new_scan_end = time.time() - total_new_time = new_scan_end - new_scan_start log.info(f"Total time to get new full-scan {total_new_time: .2f}") - diff_report = Core.compare_sboms(new_full_scan.sbom_artifacts, head_full_scan) diff_report.packages = new_full_scan.packages - + # Set the diff ID and URLs base_socket = "https://socket.dev/dashboard/org" diff_report.id = new_full_scan.id diff_report.report_url = f"{base_socket}/{org_slug}/sbom/{diff_report.id}" - if head_full_scan_id is not None: diff_report.diff_url = f"{base_socket}/{org_slug}/diff/{diff_report.id}/{head_full_scan_id}" else: diff_report.diff_url = diff_report.report_url - return diff_report @staticmethod - def compare_sboms(new_scan: dict, head_scan: dict) -> Diff: + def compare_sboms(new_scan: list, head_scan: list) -> Diff: """ compare the SBOMs of the new full Scan and the head full scan. Return a Diff report with new packages, removed packages, and new alerts for the new full scan compared to the head. @@ -623,33 +600,28 @@ def compare_sboms(new_scan: dict, head_scan: dict) -> Diff: :param head_scan: FullScan - Current head FullScan for the repository :return: """ - diff: Diff = Diff() - new_packages = new_scan - head_packages = head_scan - + diff: Diff + diff = Diff() + new_packages = Core.create_sbom_dict(new_scan) + head_packages = Core.create_sbom_dict(head_scan) new_scan_alerts = {} head_scan_alerts = {} consolidated = set() - for package_id in new_packages: purl, package = Core.create_purl(package_id, new_packages) base_purl = f"{purl.ecosystem}/{purl.name}@{purl.version}" - if package_id not in head_packages and package.direct and base_purl not in consolidated: diff.new_packages.append(purl) consolidated.add(base_purl) new_scan_alerts = Core.create_issue_alerts(package, new_scan_alerts, new_packages) - for package_id in head_packages: purl, package = Core.create_purl(package_id, head_packages) if package_id not in new_packages and package.direct: diff.removed_packages.append(purl) head_scan_alerts = Core.create_issue_alerts(package, head_scan_alerts, head_packages) - diff.new_alerts = Core.compare_issue_alerts(new_scan_alerts, head_scan_alerts, diff.new_alerts) diff.new_capabilities = Core.compare_capabilities(new_packages, head_packages) diff = Core.add_capabilities_to_purl(diff) - return diff @staticmethod @@ -855,6 +827,32 @@ def create_purl(package_id: str, packages: dict) -> (Purl, Package): ) return purl, package + @staticmethod + def create_sbom_dict(sbom: list) -> dict: + """ + Converts the SBOM Artifacts from the FulLScan into a Dictionary for parsing + :param sbom: list - Raw artifacts for the SBOM + :return: + """ + packages = {} + top_level_count = {} + for item in sbom: + package = Package(**item) + if package.id in packages: + print("Duplicate package?") + else: + package = Core.get_license_details(package) + packages[package.id] = package + for top_id in package.topLevelAncestors: + if top_id not in top_level_count: + top_level_count[top_id] = 1 + else: + top_level_count[top_id] += 1 + if len(top_level_count) > 0: + for package_id in top_level_count: + packages[package_id].transitives = top_level_count[package_id] + return packages + @staticmethod def save_file(file_name: str, content: str) -> None: file = open(file_name, "w") diff --git a/socketsecurity/core/github.py b/socketsecurity/core/github.py index cad7001..bd24339 100644 --- a/socketsecurity/core/github.py +++ b/socketsecurity/core/github.py @@ -1,29 +1,30 @@ import json import os from socketsecurity.core import log, do_request +import requests from socketsecurity.core.classes import Comment from socketsecurity.core.scm_comments import Comments import sys -github_sha = None -github_api_url = None -github_ref_type = None -github_event_name = None -github_workspace = None -github_repository = None -github_ref_name = None -github_actor = None -default_branch = None -github_env = None -pr_number = None -pr_name = None -is_default_branch = False -commit_message = None -committer = None -gh_api_token = None -github_repository_owner = None -event_action = None +global github_sha +global github_api_url +global github_ref_type +global github_event_name +global github_workspace +global github_repository +global github_ref_name +global github_actor +global default_branch +global github_env +global pr_number +global pr_name +global is_default_branch +global commit_message +global committer +global gh_api_token +global github_repository_owner +global event_action github_variables = [ "GITHUB_SHA", @@ -46,14 +47,16 @@ for env in github_variables: var_name = env.lower() - value = os.getenv(env) - globals()[var_name] = value - + globals()[var_name] = os.getenv(env) or None if var_name == "default_branch": - is_default_branch = bool(value and value.lower() != "false") - - if var_name != "gh_api_token": - log.debug(f"{env}={value}") + global is_default_branch + if default_branch is None or default_branch.lower() == "false": + is_default_branch = False + else: + is_default_branch = True + if var_name != "gh_api_token": + value = globals()[var_name] = os.getenv(env) or None + log.debug(f"{env}={value}") headers = { 'Authorization': f"Bearer {gh_api_token}", diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 0c93a65..381ebbd 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -167,15 +167,12 @@ def output_console_comments(diff_report: Diff, sbom_file_name: str = None) -> No console_security_comment = Messages.create_console_security_alert_table(diff_report) save_sbom_file(diff_report, sbom_file_name) log.info(f"Socket Full Scan ID: {diff_report.id}") - if len(diff_report.new_alerts) > 0: log.info("Security issues detected by Socket Security") msg = f"\n{console_security_comment}" log.info(msg) - if not report_pass(diff_report) and not blocking_disabled: sys.exit(1) - else: # Means only warning alerts with no blocked if not blocking_disabled: @@ -191,7 +188,7 @@ def output_console_json(diff_report: Diff, sbom_file_name: str = None) -> None: print(json.dumps(console_security_comment)) if not report_pass(diff_report) and not blocking_disabled: sys.exit(1) - if len(diff_report.new_alerts) > 0 and not blocking_disabled: + elif len(diff_report.new_alerts) > 0 and not blocking_disabled: # Means only warning alerts with no blocked sys.exit(5) @@ -255,7 +252,6 @@ def main_code(): ignore_commit_files = arguments.ignore_commit_files disable_blocking = arguments.disable_blocking allow_unverified = arguments.allow_unverified - if disable_blocking: global blocking_disabled blocking_disabled = True @@ -312,20 +308,13 @@ def main_code(): default_branch = scm.is_default_branch base_api_url = os.getenv("BASE_API_URL") or None - - Core.initialize( - token=api_token, - request_timeout=1200, - base_api_url=base_api_url, - allow_unverified=allow_unverified - ) - + core = Core(token=api_token, request_timeout=1200, base_api_url=base_api_url, allow_unverified=allow_unverified) no_change = True if ignore_commit_files: no_change = False elif is_repo and files is not None and len(files) > 0: log.info(files) - no_change = Core.match_supported_files(files) + no_change = core.match_supported_files(files) set_as_pending_head = False if default_branch: @@ -355,7 +344,7 @@ def main_code(): log.info("No manifest files changes, skipping scan") # log.info("No dependency changes") elif scm.check_event_type() == "diff": - diff = Core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) + diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) log.info("Starting comment logic for PR/MR event") log.debug(f"Getting comments for Repo {scm.repository} for PR {scm.pr_number}") comments = scm.get_comments_for_pr(repo, str(pr_number)) @@ -399,7 +388,7 @@ def main_code(): ) else: log.info("Starting non-PR/MR flow") - diff = Core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) + diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) if enable_json: log.debug("Outputting JSON Results") output_console_json(diff, sbom_file) @@ -408,7 +397,7 @@ def main_code(): else: log.info("API Mode") diff: Diff - diff = Core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) + diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) if enable_json: output_console_json(diff, sbom_file) else: @@ -429,7 +418,7 @@ def main_code(): "license_text": package.license_text } all_packages[package_id] = output - Core.save_file(license_file, json.dumps(all_packages)) + core.save_file(license_file, json.dumps(all_packages)) if __name__ == '__main__': From 09995c3671891e8f3a5c891f061aeac3a0841ca3 Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Tue, 19 Nov 2024 10:12:18 -0800 Subject: [PATCH 021/149] Eric/cus 10 add automation for deploying to test pypi and prod (#32) * github actions for test and release automation --- .github/workflows/docker-stable.yml | 37 +++++++ .github/workflows/pr-preview.yml | 154 ++++++++++++++++++++++++++++ .github/workflows/release.yml | 99 ++++++++++++++++++ .github/workflows/version-check.yml | 90 ++++++++++++++++ .gitignore | 3 +- Dockerfile | 6 +- pyproject.toml | 4 +- socketsecurity/__init__.py | 2 +- 8 files changed, 390 insertions(+), 5 deletions(-) create mode 100644 .github/workflows/docker-stable.yml create mode 100644 .github/workflows/pr-preview.yml create mode 100644 .github/workflows/release.yml create mode 100644 .github/workflows/version-check.yml diff --git a/.github/workflows/docker-stable.yml b/.github/workflows/docker-stable.yml new file mode 100644 index 0000000..0f113b0 --- /dev/null +++ b/.github/workflows/docker-stable.yml @@ -0,0 +1,37 @@ +name: Mark Release as Stable +on: + workflow_dispatch: + inputs: + version: + description: 'Version to mark as stable (e.g., 1.2.3)' + required: true + +jobs: + stable: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - name: Check if version exists in PyPI + id: version_check + run: | + if ! curl -s -f https://pypi.org/pypi/socketsecurity/${{ inputs.version }}/json > /dev/null; then + echo "Error: Version ${{ inputs.version }} not found on PyPI" + exit 1 + fi + echo "Version ${{ inputs.version }} found on PyPI - proceeding with release" + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Build & Push Stable Docker + uses: docker/build-push-action@v5 + with: + push: true + platforms: linux/amd64,linux/arm64 + tags: socketdev/cli:stable + build-args: | + CLI_VERSION=${{ inputs.version }} \ No newline at end of file diff --git a/.github/workflows/pr-preview.yml b/.github/workflows/pr-preview.yml new file mode 100644 index 0000000..8fdd667 --- /dev/null +++ b/.github/workflows/pr-preview.yml @@ -0,0 +1,154 @@ +name: PR Preview +on: + pull_request: + types: [opened, synchronize] + +jobs: + preview: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-python@v5 + with: + python-version: '3.x' + + - name: Set preview version + run: | + BASE_VERSION=$(grep -o "__version__.*" socketsecurity/__init__.py | awk '{print $3}' | tr -d "'") + PREVIEW_VERSION="${BASE_VERSION}.dev${{ github.event.pull_request.number }}${{ github.event.pull_request.commits }}" + echo "VERSION=${PREVIEW_VERSION}" >> $GITHUB_ENV + + # Update version in __init__.py + echo "__version__ = \"${PREVIEW_VERSION}\"" > socketsecurity/__init__.py.tmp + cat socketsecurity/__init__.py | grep -v "__version__" >> socketsecurity/__init__.py.tmp + mv socketsecurity/__init__.py.tmp socketsecurity/__init__.py + + # Verify the change + echo "Updated version in __init__.py:" + cat socketsecurity/__init__.py | grep "__version__" + + - name: Check if version exists on Test PyPI + id: version_check + env: + VERSION: ${{ env.VERSION }} + run: | + if curl -s -f https://test.pypi.org/pypi/socketsecurity/$VERSION/json > /dev/null; then + echo "Version ${VERSION} already exists on Test PyPI" + echo "exists=true" >> $GITHUB_OUTPUT + else + echo "Version ${VERSION} not found on Test PyPI" + echo "exists=false" >> $GITHUB_OUTPUT + fi + + - name: Build package + if: steps.version_check.outputs.exists != 'true' + run: | + pip install build + python -m build + + - name: Restore original version + if: always() + run: | + BASE_VERSION=$(echo $VERSION | cut -d'.' -f1-3) + echo "__version__ = \"${BASE_VERSION}\"" > socketsecurity/__init__.py.tmp + cat socketsecurity/__init__.py | grep -v "__version__" >> socketsecurity/__init__.py.tmp + mv socketsecurity/__init__.py.tmp socketsecurity/__init__.py + + - name: Publish to Test PyPI + if: steps.version_check.outputs.exists != 'true' + uses: pypa/gh-action-pypi-publish@v1.8.11 + with: + repository-url: https://test.pypi.org/legacy/ + password: ${{ secrets.TEST_PYPI_TOKEN }} + verbose: true + + - name: Comment on PR + if: steps.version_check.outputs.exists != 'true' + uses: actions/github-script@v7 + env: + VERSION: ${{ env.VERSION }} + with: + script: | + const version = process.env.VERSION; + const prNumber = context.payload.pull_request.number; + const owner = context.repo.owner; + const repo = context.repo.repo; + // Find existing bot comments + const comments = await github.rest.issues.listComments({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: prNumber, + }); + + const botComment = comments.data.find(comment => + comment.user.type === 'Bot' && + comment.body.includes('🚀 Preview package published!') + ); + + const comment = ` + 🚀 Preview package published! + + Install with: + \`\`\`bash + pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple socketsecurity==${version} + \`\`\` + + Docker image: \`socketdev/cli:pr-${prNumber}\` + `; + + if (botComment) { + // Update existing comment + await github.rest.issues.updateComment({ + owner: owner, + repo: repo, + comment_id: botComment.id, + body: comment + }); + } else { + // Create new comment + await github.rest.issues.createComment({ + owner: owner, + repo: repo, + issue_number: prNumber, + body: comment + }); + } + + - name: Verify package is available + if: steps.version_check.outputs.exists != 'true' + id: verify_package + env: + VERSION: ${{ env.VERSION }} + run: | + for i in {1..30}; do + if pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple socketsecurity==${VERSION}; then + echo "Package ${VERSION} is now available and installable on Test PyPI" + pip uninstall -y socketsecurity + echo "success=true" >> $GITHUB_OUTPUT + exit 0 + fi + echo "Attempt $i: Package not yet installable, waiting 20s... (${i}/30)" + sleep 20 + done + echo "success=false" >> $GITHUB_OUTPUT + exit 1 + + - name: Login to Docker Hub + if: steps.verify_package.outputs.success == 'true' + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Build & Push Docker Preview + if: steps.verify_package.outputs.success == 'true' + uses: docker/build-push-action@v5 + env: + VERSION: ${{ env.VERSION }} + with: + push: true + tags: socketdev/cli:pr-${{ github.event.pull_request.number }} + build-args: | + CLI_VERSION=${{ env.VERSION }} + PIP_INDEX_URL=https://test.pypi.org/simple + PIP_EXTRA_INDEX_URL=https://pypi.org/simple \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..1004ce6 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,99 @@ +name: Release +on: + push: + tags: + - 'v*' + +jobs: + release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-python@v5 + with: + python-version: '3.x' + + - name: Get Version + id: version + run: | + RAW_VERSION=$(python -c "from socketsecurity import __version__; print(__version__)") + echo "VERSION=$RAW_VERSION" >> $GITHUB_ENV + if [ "v$RAW_VERSION" != "${{ github.ref_name }}" ]; then + echo "Error: Git tag (${{ github.ref_name }}) does not match package version (v$RAW_VERSION)" + exit 1 + fi + + - name: Check if version exists on PyPI + id: version_check + env: + VERSION: ${{ env.VERSION }} + run: | + if curl -s -f https://pypi.org/pypi/socketsecurity/$VERSION/json > /dev/null; then + echo "Version ${VERSION} already exists on PyPI" + echo "pypi_exists=true" >> $GITHUB_OUTPUT + else + echo "Version ${VERSION} not found on PyPI - proceeding with PyPI deployment" + echo "pypi_exists=false" >> $GITHUB_OUTPUT + fi + + - name: Check Docker image existence + id: docker_check + env: + VERSION: ${{ env.VERSION }} + run: | + if curl -s -f "https://hub.docker.com/v2/repositories/socketdev/cli/tags/${{ env.VERSION }}" > /dev/null; then + echo "Docker image socketdev/cli:${VERSION} already exists" + echo "docker_exists=true" >> $GITHUB_OUTPUT + else + echo "docker_exists=false" >> $GITHUB_OUTPUT + fi + + - name: Build package + if: steps.version_check.outputs.pypi_exists != 'true' + run: | + pip install build + python -m build + + - name: Publish to PyPI + if: steps.version_check.outputs.pypi_exists != 'true' + uses: pypa/gh-action-pypi-publish@v1.8.11 + with: + password: ${{ secrets.PYPI_TOKEN }} + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Verify package is installable + id: verify_package + env: + VERSION: ${{ env.VERSION }} + run: | + for i in {1..30}; do + if pip install socketsecurity==${VERSION}; then + echo "Package ${VERSION} is now available and installable on PyPI" + pip uninstall -y socketsecurity + echo "success=true" >> $GITHUB_OUTPUT + exit 0 + fi + echo "Attempt $i: Package not yet installable, waiting 20s... (${i}/30)" + sleep 20 + done + echo "success=false" >> $GITHUB_OUTPUT + exit 1 + + - name: Build & Push Docker + if: | + steps.verify_package.outputs.success == 'true' && + steps.docker_check.outputs.docker_exists != 'true' + uses: docker/build-push-action@v5 + env: + VERSION: ${{ env.VERSION }} + with: + push: true + platforms: linux/amd64,linux/arm64 + tags: | + socketdev/cli:latest + socketdev/cli:${{ env.VERSION }} \ No newline at end of file diff --git a/.github/workflows/version-check.yml b/.github/workflows/version-check.yml new file mode 100644 index 0000000..96cdc09 --- /dev/null +++ b/.github/workflows/version-check.yml @@ -0,0 +1,90 @@ +name: Version Check +on: + pull_request: + types: [opened, synchronize] + paths: + - 'socketsecurity/**' + - 'setup.py' + - 'pyproject.toml' + +jobs: + check_version: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Fetch all history for all branches + + - name: Check version increment + id: version_check + run: | + # Get version from current PR + PR_VERSION=$(grep -o "__version__.*" socketsecurity/__init__.py | awk '{print $3}' | tr -d "'") + echo "PR_VERSION=$PR_VERSION" >> $GITHUB_ENV + + # Get version from main branch + git checkout origin/main + MAIN_VERSION=$(grep -o "__version__.*" socketsecurity/__init__.py | awk '{print $3}' | tr -d "'") + echo "MAIN_VERSION=$MAIN_VERSION" >> $GITHUB_ENV + + # Compare versions using Python + python3 -c " + from packaging import version + pr_ver = version.parse('${PR_VERSION}') + main_ver = version.parse('${MAIN_VERSION}') + if pr_ver <= main_ver: + print(f'❌ Version must be incremented! Main: {main_ver}, PR: {pr_ver}') + exit(1) + print(f'✅ Version properly incremented from {main_ver} to {pr_ver}') + " + + - name: Manage PR Comment + uses: actions/github-script@v7 + if: always() + env: + MAIN_VERSION: ${{ env.MAIN_VERSION }} + PR_VERSION: ${{ env.PR_VERSION }} + CHECK_RESULT: ${{ steps.version_check.outcome }} + with: + script: | + const success = process.env.CHECK_RESULT === 'success'; + const prNumber = context.payload.pull_request.number; + const owner = context.repo.owner; + const repo = context.repo.repo; + const comments = await github.rest.issues.listComments({ + owner: owner, + repo: repo, + issue_number: prNumber, + }); + + const versionComment = comments.data.find(comment => + comment.user.type === 'Bot' && + comment.body.includes('Version Check') + ); + + if (versionComment) { + if (success) { + // Delete the warning comment if check passes + await github.rest.issues.deleteComment({ + owner: owner, + repo: repo, + comment_id: versionComment.id + }); + } else { + // Update existing warning + await github.rest.issues.updateComment({ + owner: owner, + repo: repo, + comment_id: versionComment.id, + body: `❌ **Version Check Failed**\n\nPlease increment...` + }); + } + } else if (!success) { + // Create new warning comment only if check fails + await github.rest.issues.createComment({ + owner: owner, + repo: repo, + issue_number: prNumber, + body: `❌ **Version Check Failed**\n\nPlease increment...` + }); + } \ No newline at end of file diff --git a/.gitignore b/.gitignore index 5738fef..405a91f 100644 --- a/.gitignore +++ b/.gitignore @@ -19,4 +19,5 @@ markdown_security_temp.md *.pyc test.py *.cpython-312.pyc` -file_generator.py \ No newline at end of file +file_generator.py +.env.local \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 569e2fd..949ec58 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,12 @@ FROM python:3-alpine LABEL org.opencontainers.image.authors="socket.dev" ARG CLI_VERSION +ARG PIP_INDEX_URL=https://pypi.org/simple +ARG PIP_EXTRA_INDEX_URL=https://pypi.org/simple + RUN apk update \ && apk add --no-cache git nodejs npm yarn -RUN pip install socketsecurity --upgrade \ + +RUN pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketsecurity==$CLI_VERSION \ && socketcli -v \ && socketcli -v | grep -q $CLI_VERSION \ No newline at end of file diff --git a/pyproject.toml b/pyproject.toml index 2c8ddf8..7ff90d9 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -10,9 +10,8 @@ dependencies = [ 'requests', 'mdutils', 'prettytable', - 'argparse', 'GitPython', - 'packaging' + 'packaging', ] readme = "README.md" description = "Socket Security CLI for CI/CD" @@ -32,6 +31,7 @@ classifiers = [ "Programming Language :: Python :: 3.12", ] + [project.scripts] socketcli = "socketsecurity.socketcli:cli" diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 554e76e..9a1ba0c 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.32' +__version__ = '1.0.36' From f874edb2804c0d4ecfe88118c4bd97e5ed717b18 Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Thu, 5 Dec 2024 14:20:45 -0800 Subject: [PATCH 022/149] added pipfile.lock to socket globs (#34) * added pipfile.lock to socket globs --- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 9a1ba0c..3b32376 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.36' +__version__ = '1.0.37' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 8dea47a..a27de59 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -116,6 +116,9 @@ }, "setup.py": { "pattern": "setup.py" + }, + "pipfile.lock": { + "pattern": "pipfile.lock" } }, "golang": { From 6d4fc56faee68d3a4764f1f80f84710635bdaf05 Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Thu, 19 Dec 2024 10:19:35 -0800 Subject: [PATCH 023/149] manifest file search now case-insensitive (#35) --- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 38 +++++++++++++++++++++------------ 2 files changed, 25 insertions(+), 15 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 3b32376..2cb21d0 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.37' +__version__ = '1.0.38' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index a27de59..0291a40 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -410,12 +410,15 @@ def match_supported_files(files: list) -> bool: patterns = socket_globs[ecosystem] for file_name in patterns: pattern = patterns[file_name]["pattern"] - # path_pattern = f"**/{pattern}" for file in files: if "\\" in file: file = file.replace("\\", "/") - if PurePath(file).match(pattern): - matched_files.append(file) + # Split path and filename + path_parts = PurePath(file).parts + if path_parts: + # Compare only the filename portion case-insensitively + if PurePath(path_parts[-1].lower()).match(pattern.lower()): + matched_files.append(file) if len(matched_files) == 0: not_matched = True return not_matched @@ -435,17 +438,24 @@ def find_files(path: str) -> list: patterns = socket_globs[ecosystem] for file_name in patterns: pattern = patterns[file_name]["pattern"] - file_path = f"{path}/**/{pattern}" - - log.debug(f"Globbing {file_path}") - glob_start = time.time() - glob_files = glob(file_path, recursive=True) - for glob_file in glob_files: - if glob_file not in files: - files.add(glob_file) - glob_end = time.time() - glob_total_time = glob_end - glob_start - log.debug(f"Glob for pattern {file_path} took {glob_total_time:.2f} seconds") + # Keep path as-is but try filename variations + file_paths = [ + f"{path}/**/{pattern}", + f"{path}/**/{pattern.lower()}", + f"{path}/**/{pattern.upper()}", + f"{path}/**/{pattern.capitalize()}" + ] + + for file_path in file_paths: + log.debug(f"Globbing {file_path}") + glob_start = time.time() + glob_files = glob(file_path, recursive=True) + for glob_file in glob_files: + if glob_file not in files: + files.add(glob_file) + glob_end = time.time() + glob_total_time = glob_end - glob_start + log.debug(f"Glob for pattern {file_path} took {glob_total_time:.2f} seconds") log.debug("Finished Find Files") end_time = time.time() From f394b6658d929380ca40a1b0060db3cd61fa70b6 Mon Sep 17 00:00:00 2001 From: Douglas Date: Tue, 21 Jan 2025 11:18:04 -0800 Subject: [PATCH 024/149] Fixed the logic for case insensitive to not do multiple globs but still keep the correct path names (#38) --- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 40 +++++++++++++++++---------------- 2 files changed, 22 insertions(+), 20 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 2cb21d0..1f6ac0d 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.38' +__version__ = '1.0.40' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 0291a40..104a238 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -437,25 +437,17 @@ def find_files(path: str) -> list: for ecosystem in socket_globs: patterns = socket_globs[ecosystem] for file_name in patterns: - pattern = patterns[file_name]["pattern"] - # Keep path as-is but try filename variations - file_paths = [ - f"{path}/**/{pattern}", - f"{path}/**/{pattern.lower()}", - f"{path}/**/{pattern.upper()}", - f"{path}/**/{pattern.capitalize()}" - ] - - for file_path in file_paths: - log.debug(f"Globbing {file_path}") - glob_start = time.time() - glob_files = glob(file_path, recursive=True) - for glob_file in glob_files: - if glob_file not in files: - files.add(glob_file) - glob_end = time.time() - glob_total_time = glob_end - glob_start - log.debug(f"Glob for pattern {file_path} took {glob_total_time:.2f} seconds") + pattern = Core.to_case_insensitive_regex(patterns[file_name]["pattern"]) + file_path = f"{path}/**/{pattern}" + log.debug(f"Globbing {file_path}") + glob_start = time.time() + glob_files = glob(file_path, recursive=True) + for glob_file in glob_files: + if glob_file not in files: + files.add(glob_file) + glob_end = time.time() + glob_total_time = glob_end - glob_start + log.debug(f"Glob for pattern {file_path} took {glob_total_time:.2f} seconds") log.debug("Finished Find Files") end_time = time.time() @@ -872,6 +864,16 @@ def save_file(file_name: str, content: str) -> None: file.write(content) file.close() + @staticmethod + def to_case_insensitive_regex(input_string: str) -> str: + """ + Converts a string into a case-insensitive regex format. + Example: "pipfile" -> "[Pp][Ii][Pp][Ff][Ii][Ll][Ee]" + :param input_string: The input string to convert. + :return: A case-insensitive regex string. + """ + return ''.join(f'[{char.lower()}{char.upper()}]' if char.isalpha() else char for char in input_string) + # @staticmethod # def create_license_file(diff: Diff) -> None: # output = [] From d769d0c7f5d413546f90271ff076a264be48d3e7 Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Tue, 21 Jan 2025 13:28:19 -0800 Subject: [PATCH 025/149] added buildx setup in workflows, fixed an issue in the build container script (#39) --- .github/workflows/docker-stable.yml | 6 ++++++ .github/workflows/pr-preview.yml | 10 +++++++++- .github/workflows/release.yml | 6 ++++++ scripts/build_container.sh | 4 ++-- 4 files changed, 23 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker-stable.yml b/.github/workflows/docker-stable.yml index 0f113b0..4461498 100644 --- a/.github/workflows/docker-stable.yml +++ b/.github/workflows/docker-stable.yml @@ -27,6 +27,12 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Build & Push Stable Docker uses: docker/build-push-action@v5 with: diff --git a/.github/workflows/pr-preview.yml b/.github/workflows/pr-preview.yml index 8fdd667..cc97ac2 100644 --- a/.github/workflows/pr-preview.yml +++ b/.github/workflows/pr-preview.yml @@ -140,6 +140,12 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Build & Push Docker Preview if: steps.verify_package.outputs.success == 'true' uses: docker/build-push-action@v5 @@ -147,7 +153,9 @@ jobs: VERSION: ${{ env.VERSION }} with: push: true - tags: socketdev/cli:pr-${{ github.event.pull_request.number }} + platforms: linux/amd64,linux/arm64 + tags: | + socketdev/cli:pr-${{ github.event.pull_request.number }} build-args: | CLI_VERSION=${{ env.VERSION }} PIP_INDEX_URL=https://test.pypi.org/simple diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1004ce6..abf4e0b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -66,6 +66,12 @@ jobs: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Verify package is installable id: verify_package env: diff --git a/scripts/build_container.sh b/scripts/build_container.sh index a0c2a1b..de96fa0 100755 --- a/scripts/build_container.sh +++ b/scripts/build_container.sh @@ -26,8 +26,8 @@ if [ $ENABLE_PYPI_BUILD = "pypi-build=test" ]; then python -m build --wheel --sdist twine upload --repository testpypi dist/*$VERSION* sleep 120 - docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:$VERSION . \ - && docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:latest . \ + docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:$VERSION-test . \ + && docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:test . \ && docker push socketdev/cli:$VERSION-test \ && docker push socketdev/cli:test fi From 728b5e1e3260fe345954a739fc370bc5b0ce90d3 Mon Sep 17 00:00:00 2001 From: Douglas Date: Wed, 22 Jan 2025 18:57:32 -0800 Subject: [PATCH 026/149] Doug/improve timeout and error handling (#40) # Change log * Fixed an issue where if the top level package id in sources didn't exist it could cause the CLI to fail with an unhandled exception * Added a configurable timeout for requests * Added the new flag to the documentation --- README.md | 3 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 64 ++++++++++++++++++++----------- socketsecurity/core/exceptions.py | 4 ++ socketsecurity/socketcli.py | 14 ++++++- 5 files changed, 62 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index 6e89d7a..dd76c20 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ The Socket Security CLI was created to enable integrations with other tools like socketcli [-h] [--api_token API_TOKEN] [--repo REPO] [--branch BRANCH] [--committer COMMITTER] [--pr_number PR_NUMBER] [--commit_message COMMIT_MESSAGE] [--default_branch] [--target_path TARGET_PATH] [--scm {api,github,gitlab}] [--sbom-file SBOM_FILE] [--commit-sha COMMIT_SHA] [--generate-license GENERATE_LICENSE] [-v] [--enable-debug] [--enable-json] [--disable-overview] - [--disable-security-issue] [--files FILES] [--ignore-commit-files] + [--disable-security-issue] [--files FILES] [--ignore-commit-files] [--timeout] ```` If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY` @@ -38,3 +38,4 @@ If you don't want to provide the Socket API Token every time then you can use th | --files | | False | | If provided in the format of `["file1", "file2"]` will be used to determine if there have been supported file changes. This is used if it isn't a git repo and you would like to only run if it supported files have changed. | | --ignore-commit-files | | False | False | If enabled then the CLI will ignore what files are changed in the commit and look for all manifest files | | --disable-blocking | | False | False | Disables failing checks and will only exit with an exit code of 0 | +| --timeout | | False | 1200 | The timeout per request for the CLI | diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 1f6ac0d..48e740d 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.40' +__version__ = '1.0.41' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 104a238..4855b51 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -1,12 +1,18 @@ import logging from pathlib import PurePath - +from requests.exceptions import ReadTimeout import requests from urllib.parse import urlencode import base64 import json from socketsecurity.core.exceptions import ( - APIFailure, APIKeyMissing, APIAccessDenied, APIInsufficientQuota, APIResourceNotFound, APICloudflareError + APIFailure, + APIKeyMissing, + APIAccessDenied, + APIInsufficientQuota, + APIResourceNotFound, + APICloudflareError, + RequestTimeoutExceeded ) from socketsecurity import __version__ from socketsecurity.core.licenses import Licenses @@ -182,15 +188,18 @@ def do_request( verify = True if allow_unverified_ssl: verify = False - response = requests.request( - method.upper(), - url, - headers=headers, - data=payload, - files=files, - timeout=timeout, - verify=verify - ) + try: + response = requests.request( + method.upper(), + url, + headers=headers, + data=payload, + files=files, + timeout=timeout, + verify=verify + ) + except ReadTimeout: + raise RequestTimeoutExceeded(f"Configured timeout {timeout} reached for request for path {url}") output_headers = headers.copy() output_headers['Authorization'] = "API_KEY_REDACTED" output = { @@ -794,15 +803,18 @@ def get_source_data(package: Package, packages: dict) -> list: else: for top_id in package.topLevelAncestors: top_package: Package - top_package = packages[top_id] - manifests = "" - top_purl = f"{top_package.type}/{top_package.name}@{top_package.version}" - for manifest_data in top_package.manifestFiles: - manifest_file = manifest_data.get("file") - manifests += f"{manifest_file};" - manifests = manifests.rstrip(";") - source = (top_purl, manifests) - introduced_by.append(source) + top_package = packages.get(top_id) + if top_package: + manifests = "" + top_purl = f"{top_package.type}/{top_package.name}@{top_package.version}" + for manifest_data in top_package.manifestFiles: + manifest_file = manifest_data.get("file") + manifests += f"{manifest_file};" + manifests = manifests.rstrip(";") + source = (top_purl, manifests) + introduced_by.append(source) + else: + log.debug(f"Unable to get top level package info for {top_id}") return introduced_by @staticmethod @@ -841,21 +853,29 @@ def create_sbom_dict(sbom: list) -> dict: """ packages = {} top_level_count = {} + top_levels = {} for item in sbom: package = Package(**item) if package.id in packages: - print("Duplicate package?") + log.debug("Duplicate package?") else: package = Core.get_license_details(package) packages[package.id] = package for top_id in package.topLevelAncestors: if top_id not in top_level_count: top_level_count[top_id] = 1 + top_levels[top_id] = [package.id] else: top_level_count[top_id] += 1 + if package.id not in top_levels[top_id]: + top_levels[top_id].append(package.id) if len(top_level_count) > 0: for package_id in top_level_count: - packages[package_id].transitives = top_level_count[package_id] + if package_id not in packages: + details = top_levels.get(package_id) + log.debug(f"Orphaned top level package id {package_id} for packages {details}") + else: + packages[package_id].transitives = top_level_count[package_id] return packages @staticmethod diff --git a/socketsecurity/core/exceptions.py b/socketsecurity/core/exceptions.py index e23b107..03e69b8 100644 --- a/socketsecurity/core/exceptions.py +++ b/socketsecurity/core/exceptions.py @@ -36,3 +36,7 @@ class APIInsufficientQuota(Exception): class APIResourceNotFound(Exception): """Raised when access is denied to the API""" pass + +class RequestTimeoutExceeded(Exception): + """Raised when access is denied to the API""" + pass \ No newline at end of file diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 381ebbd..ac9dd48 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -161,6 +161,16 @@ default=False ) +parser.add_argument( + '--timeout', + default=1200, + help='Timeout configuration for each request. Defaults to 1200 and applies to each unique HTTP request', + required=False, + type=float +) + + + def output_console_comments(diff_report: Diff, sbom_file_name: str = None) -> None: if diff_report.id != "NO_DIFF_RAN": @@ -252,6 +262,8 @@ def main_code(): ignore_commit_files = arguments.ignore_commit_files disable_blocking = arguments.disable_blocking allow_unverified = arguments.allow_unverified + timeout = arguments.timeout + if disable_blocking: global blocking_disabled blocking_disabled = True @@ -308,7 +320,7 @@ def main_code(): default_branch = scm.is_default_branch base_api_url = os.getenv("BASE_API_URL") or None - core = Core(token=api_token, request_timeout=1200, base_api_url=base_api_url, allow_unverified=allow_unverified) + core = Core(token=api_token, request_timeout=timeout, base_api_url=base_api_url, allow_unverified=allow_unverified) no_change = True if ignore_commit_files: no_change = False From 4658e41b584e871c861ae76696222820f967a85f Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Thu, 23 Jan 2025 10:02:24 -0800 Subject: [PATCH 027/149] added CLI_VERSION build-arg to build docker step (#41) --- .github/workflows/release.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index abf4e0b..d8b823c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -102,4 +102,6 @@ jobs: platforms: linux/amd64,linux/arm64 tags: | socketdev/cli:latest - socketdev/cli:${{ env.VERSION }} \ No newline at end of file + socketdev/cli:${{ env.VERSION }} + build-args: | + CLI_VERSION=${{ env.VERSION }} From 8b04089c2d2c658b636b02e9fb2940398edd3fd4 Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Thu, 23 Jan 2025 17:49:00 -0800 Subject: [PATCH 028/149] Eric/cus 48 try to detect truncated results in full scan results and (#42) * detecting truncation, added errors, moved to SDK --- pyproject.toml | 3 +- requirements.txt | 1 + socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 296 ++++++++++++++++---------------- socketsecurity/socketcli.py | 6 +- 5 files changed, 154 insertions(+), 154 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 7ff90d9..00320f6 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -12,6 +12,7 @@ dependencies = [ 'prettytable', 'GitPython', 'packaging', + 'socket-sdk-python>=1.0.15,<2.0.0' ] readme = "README.md" description = "Socket Security CLI for CI/CD" @@ -45,4 +46,4 @@ include = [ ] [tool.setuptools.dynamic] -version = {attr = "socketsecurity.__version__"} \ No newline at end of file +version = {attr = "socketsecurity.__version__"} diff --git a/requirements.txt b/requirements.txt index 896774a..885c5b9 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,4 @@ +socket-sdk-python>=1.0.15,<2.0.0 requests>=2.32.0 mdutils~=1.6.0 prettytable diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 48e740d..40a32c8 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.41' +__version__ = '1.0.42' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 4855b51..4b71606 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -1,36 +1,39 @@ +import base64 +import json import logging +import platform +import time +from glob import glob from pathlib import PurePath -from requests.exceptions import ReadTimeout -import requests from urllib.parse import urlencode -import base64 -import json -from socketsecurity.core.exceptions import ( - APIFailure, - APIKeyMissing, - APIAccessDenied, - APIInsufficientQuota, - APIResourceNotFound, - APICloudflareError, - RequestTimeoutExceeded -) + +import requests +from requests.exceptions import ReadTimeout +from socketdev import socketdev + from socketsecurity import __version__ -from socketsecurity.core.licenses import Licenses -from socketsecurity.core.issues import AllIssues from socketsecurity.core.classes import ( - Report, - Issue, - Package, Alert, + Diff, FullScan, FullScanParams, + Issue, + Package, + Purl, + Report, Repository, - Diff, - Purl ) -import platform -from glob import glob -import time +from socketsecurity.core.exceptions import ( + APIAccessDenied, + APICloudflareError, + APIFailure, + APIInsufficientQuota, + APIKeyMissing, + APIResourceNotFound, + RequestTimeoutExceeded, +) +from socketsecurity.core.issues import AllIssues +from socketsecurity.core.licenses import Licenses __all__ = [ "Core", @@ -55,6 +58,8 @@ log = logging.getLogger("socketdev") log.addHandler(logging.NullHandler()) +socket_sdk = None + socket_globs = { "spdx": { "spdx.json": { @@ -153,6 +158,15 @@ def encode_key(token: str) -> None: encoded_key = base64.b64encode(token.encode()).decode('ascii') +class SCMRequestError(Exception): + """Generic exception for SCM API request failures""" + def __init__(self, status_code: int, message: str, url: str): + self.status_code = status_code + self.message = message + self.url = url + super().__init__(f"SCM API request failed: {status_code} - {message} (URL: {url})") + + def do_request( path: str, headers: dict = None, @@ -160,34 +174,24 @@ def do_request( files: list = None, method: str = "GET", base_url: str = None, -) -> requests.request: +) -> requests.Response: """ - do_requests is the shared function for making HTTP calls - :param base_url: + Shared function for making HTTP calls to SCM providers (GitHub/GitLab) + :param base_url: Base URL for the SCM provider API :param path: Required path for the request - :param headers: Optional dictionary of headers. If not set will use a default set + :param headers: Optional dictionary of headers :param payload: Optional dictionary or string of the payload to pass :param files: Optional list of files to upload :param method: Optional method to use, defaults to GET - :return: + :return: Response object + :raises: SCMRequestError if the request fails """ + if base_url is None: + raise ValueError("base_url is required for SCM API calls") + + url = f"{base_url}/{path}" + verify = not allow_unverified_ssl - if base_url is not None: - url = f"{base_url}/{path}" - else: - if encoded_key is None or encoded_key == "": - raise APIKeyMissing - url = f"{api_url}/{path}" - - if headers is None: - headers = { - 'Authorization': f"Basic {encoded_key}", - 'User-Agent': f'SocketPythonCLI/{__version__}', - "accept": "application/json" - } - verify = True - if allow_unverified_ssl: - verify = False try: response = requests.request( method.upper(), @@ -198,43 +202,49 @@ def do_request( timeout=timeout, verify=verify ) - except ReadTimeout: - raise RequestTimeoutExceeded(f"Configured timeout {timeout} reached for request for path {url}") - output_headers = headers.copy() - output_headers['Authorization'] = "API_KEY_REDACTED" - output = { - "url": url, - "headers": output_headers, - "status_code": response.status_code, - "body": response.text, - "payload": payload, - "files": files, - "timeout": timeout - } - log.debug(output) - if response.status_code <= 399: - return response - elif response.status_code == 400: - raise APIFailure(output) - elif response.status_code == 401: - raise APIAccessDenied("Unauthorized") - elif response.status_code == 403: - raise APIInsufficientQuota("Insufficient max_quota for API method") - elif response.status_code == 404: - raise APIResourceNotFound(f"Path not found {path}") - elif response.status_code == 429: - raise APIInsufficientQuota("Insufficient quota for API route") - elif response.status_code == 524: - raise APICloudflareError(response.text) - else: - msg = { + + # Log request details (with redacted auth) + output_headers = headers.copy() if headers else {} + if 'Authorization' in output_headers: + output_headers['Authorization'] = "TOKEN_REDACTED" + + log.debug({ + "url": url, + "headers": output_headers, "status_code": response.status_code, - "UnexpectedError": "There was an unexpected error using the API", - "error": response.text, + "body": response.text, "payload": payload, - "url": url - } - raise APIFailure(msg) + "files": files, + "timeout": timeout + }) + + if response.status_code < 400: + return response + + # Try to get error message from response + try: + error_msg = response.json().get('message', response.text) + except (json.JSONDecodeError, AttributeError): + error_msg = response.text + + raise SCMRequestError( + status_code=response.status_code, + message=error_msg, + url=url + ) + + except ReadTimeout: + raise SCMRequestError( + status_code=408, + message=f"Request timed out after {timeout} seconds", + url=url + ) + except requests.RequestException as e: + raise SCMRequestError( + status_code=500, + message=str(e), + url=url + ) class Core: @@ -251,9 +261,10 @@ def __init__( enable_all_alerts: bool = False, allow_unverified: bool = False ): - global allow_unverified_ssl + global allow_unverified_ssl, socket_sdk allow_unverified_ssl = allow_unverified self.token = token + ":" + socket_sdk = socketdev(self.token, timeout=request_timeout) encode_key(self.token) self.socket_date_format = "%Y-%m-%dT%H:%M:%S.%fZ" self.base_api_url = base_api_url @@ -311,9 +322,7 @@ def get_org_id_slug() -> (str, str): Gets the Org ID and Org Slug for the API Token :return: """ - path = "organizations" - response = do_request(path) - data = response.json() + data = socket_sdk.org.get() organizations = data.get("organizations") new_org_id = None new_org_slug = None @@ -325,23 +334,30 @@ def get_org_id_slug() -> (str, str): @staticmethod def get_sbom_data(full_scan_id: str) -> list: - path = f"orgs/{org_slug}/full-scans/{full_scan_id}" - response = do_request(path) - results = [] + """ + Gets SBOM data for a full scan using the Socket SDK + :param full_scan_id: str - ID of the full scan to get SBOM data for + :return: list of SBOM artifacts + """ try: - data = response.json() - results = data.get("sbom_artifacts") or [] + result = socket_sdk.fullscans.stream(org_slug, full_scan_id) + if result.get("success", False): + # Remove metadata properties before returning artifacts + result.pop("success", None) + result.pop("status", None) + # The SDK returns a dict with the SBOM artifacts as values, so we need to convert it to a list + return list(result.values()) + else: + # TODO: In future ticket, throw appropriate error here instead of returning empty list + log.error(f"Failed to get SBOM data for scan {full_scan_id}") + log.error(f"Status: {result.get('status')}") + log.error(f"Message: {result.get('message')}") + return [] except Exception as error: - log.debug("Failed with old style full-scan API using new format") - log.debug(error) - data = response.text - data.strip('"') - data.strip() - for line in data.split("\n"): - if line != '"' and line != "" and line is not None: - item = json.loads(line) - results.append(item) - return results + # TODO: In future ticket, throw appropriate error here instead of returning empty list + log.error(f"Unexpected error getting SBOM data for scan {full_scan_id}") + log.error(error) + return [] @staticmethod def get_security_policy() -> dict: @@ -349,14 +365,7 @@ def get_security_policy() -> dict: Get the Security policy and determine the effective Org security policy :return: """ - path = "settings" - payload = [ - { - "organization": org_id - } - ] - response = do_request(path, payload=json.dumps(payload), method="POST") - data = response.json() + data = socket_sdk.settings.get(org_id) defaults = data.get("defaults") default_rules = defaults.get("issueRules") entries = data.get("entries") @@ -400,16 +409,15 @@ def get_manifest_files(package: Package, packages: dict) -> str: @staticmethod def create_sbom_output(diff: Diff) -> dict: - base_path = f"orgs/{org_slug}/export/cdx" - path = f"{base_path}/{diff.id}" - result = do_request(path=path) - try: - sbom = result.json() - except Exception as error: + result = socket_sdk.export.cdx_bom(org_slug, diff.id) + + if not result.get("success", False): log.error(f"Unable to get CycloneDX Output for {diff.id}") - log.error(error) - sbom = {} - return sbom + log.error(result.get("message", "No error message provided")) + return {} + + result.pop("success", None) + return result @staticmethod def match_supported_files(files: list) -> bool: @@ -462,6 +470,7 @@ def find_files(path: str) -> list: end_time = time.time() total_time = end_time - start_time log.info(f"Found {len(files)} in {total_time:.2f} seconds") + log.debug(f"Files found: {list(files)}") return list(files) @staticmethod @@ -473,38 +482,18 @@ def create_full_scan(files: list, params: FullScanParams, workspace: str) -> Ful :param workspace: str - Path of workspace :return: """ - send_files = [] create_full_start = time.time() log.debug("Creating new full scan") - for file in files: - if platform.system() == "Windows": - file = file.replace("\\", "/") - if "/" in file: - path, name = file.rsplit("/", 1) - else: - path = "." - name = file - full_path = f"{path}/{name}" - if full_path.startswith(workspace): - key = full_path[len(workspace):] - else: - key = full_path - key = key.lstrip("/") - key = key.lstrip("./") - payload = ( - key, - ( - name, - open(full_path, 'rb') - ) - ) - send_files.append(payload) - query_params = urlencode(params.__dict__) - full_uri = f"{full_scan_path}?{query_params}" - response = do_request(full_uri, method="POST", files=send_files) - results = response.json() + + # Convert params to dict and add org_slug + params_dict = params.__dict__.copy() + params_dict['org_slug'] = org_slug + + results = socket_sdk.fullscans.post(files=files, params=params_dict, workspace=workspace) + full_scan = FullScan(**results) full_scan.sbom_artifacts = Core.get_sbom_data(full_scan.id) + create_full_end = time.time() total_time = create_full_end - create_full_start log.debug(f"New Full Scan created in {total_time:.2f} seconds") @@ -527,9 +516,8 @@ def get_head_scan_for_repo(repo_slug: str): :param repo_slug: Str - Repo slug for the repository that is being diffed :return: """ - repo_path = f"{repository_path}/{repo_slug}" - response = do_request(repo_path) - results = response.json() + results = socket_sdk.repos.repo(org_slug, repo_name=repo_slug) + repository = Repository(**results) return repository.head_full_scan_id @@ -540,9 +528,7 @@ def get_full_scan(full_scan_id: str) -> FullScan: :param full_scan_id: str - ID of the full scan to pull :return: """ - full_scan_url = f"{full_scan_path}/{full_scan_id}" - response = do_request(full_scan_url) - results = response.json() + results = socket_sdk.fullscans.metadata(org_slug, full_scan_id) full_scan = FullScan(**results) full_scan.sbom_artifacts = Core.get_sbom_data(full_scan.id) return full_scan @@ -876,6 +862,18 @@ def create_sbom_dict(sbom: list) -> dict: log.debug(f"Orphaned top level package id {package_id} for packages {details}") else: packages[package_id].transitives = top_level_count[package_id] + + # Check for potential API truncation + top_levels_len = len(top_levels) + packages_len = len(packages) + difference = top_levels_len - packages_len + + if difference > 10 and difference > (packages_len * 0.5): + raise APIFailure( + f"Potential API truncation detected: Found {top_levels_len} top-level ancestors but only {packages_len} packages. " + f"This suggests the SBOM data may be incomplete." + ) + return packages @staticmethod diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index ac9dd48..a0da7d8 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -1,5 +1,6 @@ import argparse import json +import traceback import socketsecurity.core from socketsecurity.core import Core, __version__ @@ -169,9 +170,6 @@ type=float ) - - - def output_console_comments(diff_report: Diff, sbom_file_name: str = None) -> None: if diff_report.id != "NO_DIFF_RAN": console_security_comment = Messages.create_console_security_alert_table(diff_report) @@ -231,6 +229,8 @@ def cli(): except Exception as error: log.error("Unexpected error when running the cli") log.error(error) + log.error("Traceback:") + log.error(traceback.format_exc()) if not blocking_disabled: sys.exit(3) else: From 7bdbef65515fe03ef0017ddb66e8b0358d435cfd Mon Sep 17 00:00:00 2001 From: Orlando Barrera II <1621370+obarrera@users.noreply.github.com> Date: Mon, 27 Jan 2025 08:12:52 -0600 Subject: [PATCH 029/149] Added SARIF support to the CLI (#43) Co-authored-by: Orlando Barrera II --- socketsecurity/core/messages.py | 123 ++++++++++++++++++++++++++++++++ socketsecurity/socketcli.py | 39 +++++++++- 2 files changed, 160 insertions(+), 2 deletions(-) diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index eaabf14..28295e5 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -1,4 +1,5 @@ import json +import os from mdutils import MdUtils from socketsecurity.core.classes import Diff, Purl, Issue @@ -7,6 +8,128 @@ class Messages: + @staticmethod + def map_severity_to_sarif(severity: str) -> str: + """ + Map Socket severity levels to SARIF levels (GitHub code scanning). + """ + severity_mapping = { + "low": "note", + "medium": "warning", + "middle": "warning", # older data might say "middle" + "high": "error", + "critical": "error", + } + return severity_mapping.get(severity.lower(), "note") + + + @staticmethod + def find_line_in_file(pkg_name: str, manifest_file: str) -> tuple[int, str]: + """ + Search 'manifest_file' for 'pkg_name'. + Return (line_number, line_content) if found, else (1, fallback). + """ + if not manifest_file or not os.path.isfile(manifest_file): + return 1, f"[No {manifest_file or 'manifest'} found in repo]" + try: + with open(manifest_file, "r", encoding="utf-8") as f: + lines = f.readlines() + for i, line in enumerate(lines, start=1): + if pkg_name.lower() in line.lower(): + return i, line.rstrip("\n") + except Exception as e: + return 1, f"[Error reading {manifest_file}: {e}]" + return 1, f"[Package '{pkg_name}' not found in {manifest_file}]" + + @staticmethod + def create_security_comment_sarif(diff: Diff) -> dict: + """ + Create SARIF-compliant output from the diff report. + """ + scan_failed = False + if len(diff.new_alerts) == 0: + for alert in diff.new_alerts: + alert: Issue + if alert.error: + scan_failed = True + break + + # Basic SARIF structure + sarif_data = { + "$schema": "https://json.schemastore.org/sarif-2.1.0.json", + "version": "2.1.0", + "runs": [ + { + "tool": { + "driver": { + "name": "Socket Security", + "informationUri": "https://socket.dev", + "rules": [] + } + }, + "results": [] + } + ] + } + + rules_map = {} + results_list = [] + + for alert in diff.new_alerts: + alert: Issue + pkg_name = alert.pkg_name + pkg_version = alert.pkg_version + rule_id = f"{pkg_name}=={pkg_version}" + severity = alert.severity + + # Title and descriptions + title = f"Alert generated for {pkg_name}=={pkg_version} by Socket Security" + full_desc = f"{alert.title} - {alert.description}" + short_desc = f"{alert.props.get('note', '')}\r\n\r\nSuggested Action:\r\n{alert.suggestion}" + + # Find the manifest file and line details + introduced_list = alert.introduced_by + if introduced_list and isinstance(introduced_list[0], list) and len(introduced_list[0]) > 1: + manifest_file = introduced_list[0][1] + else: + manifest_file = alert.manifests or "requirements.txt" + + line_number, line_content = Messages.find_line_in_file(pkg_name, manifest_file) + + # Define the rule if not already defined + if rule_id not in rules_map: + rules_map[rule_id] = { + "id": rule_id, + "name": f"{pkg_name}=={pkg_version}", + "shortDescription": {"text": title}, + "fullDescription": {"text": full_desc}, + "helpUri": alert.url, + "defaultConfiguration": {"level": Messages.map_severity_to_sarif(severity)}, + } + + # Add the result + result_obj = { + "ruleId": rule_id, + "message": {"text": short_desc}, + "locations": [ + { + "physicalLocation": { + "artifactLocation": {"uri": manifest_file}, + "region": { + "startLine": line_number, + "snippet": {"text": line_content}, + }, + } + } + ], + } + results_list.append(result_obj) + + sarif_data["runs"][0]["tool"]["driver"]["rules"] = list(rules_map.values()) + sarif_data["runs"][0]["results"] = results_list + + return sarif_data + @staticmethod def create_security_comment_json(diff: Diff) -> dict: scan_failed = False diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index a0da7d8..f2bc0cb 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -170,6 +170,14 @@ type=float ) +parser.add_argument( + '--enable-sarif', + help='Enable SARIF output of results instead of table or JSON format', + action='store_true', + default=False +) + + def output_console_comments(diff_report: Diff, sbom_file_name: str = None) -> None: if diff_report.id != "NO_DIFF_RAN": console_security_comment = Messages.create_console_security_alert_table(diff_report) @@ -188,6 +196,25 @@ def output_console_comments(diff_report: Diff, sbom_file_name: str = None) -> No else: log.info("No New Security issues detected by Socket Security") +def output_console_sarif(diff_report: Diff, sbom_file_name: str = None) -> None: + """ + Generate SARIF output from the diff report and save it to a file. + """ + if diff_report.id != "NO_DIFF_RAN": + # Generate the SARIF structure using Messages + console_security_comment = Messages.create_security_comment_sarif(diff_report) + + # Save the SARIF output to the specified SBOM file name or fallback to a default + save_sbom_file(diff_report, sbom_file_name) + # Print the SARIF output to the console in JSON format + print(json.dumps(console_security_comment, indent=2)) + + # Handle exit codes based on alert severity + if not report_pass(diff_report) and not blocking_disabled: + sys.exit(1) + elif len(diff_report.new_alerts) > 0 and not blocking_disabled: + # Warning alerts without blocking + sys.exit(5) def output_console_json(diff_report: Diff, sbom_file_name: str = None) -> None: if diff_report.id != "NO_DIFF_RAN": @@ -257,6 +284,7 @@ def main_code(): sbom_file = arguments.sbom_file license_mode = arguments.generate_license enable_json = arguments.enable_json + enable_sarif = arguments.enable_sarif disable_overview = arguments.disable_overview disable_security_issue = arguments.disable_security_issue ignore_commit_files = arguments.ignore_commit_files @@ -401,7 +429,10 @@ def main_code(): else: log.info("Starting non-PR/MR flow") diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) - if enable_json: + if enable_sarif: + log.debug("Outputting SARIF Results") + output_console_sarif(diff, sbom_file) + elif enable_json: log.debug("Outputting JSON Results") output_console_json(diff, sbom_file) else: @@ -410,7 +441,11 @@ def main_code(): log.info("API Mode") diff: Diff diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) - if enable_json: + if enable_sarif: + log.debug("Outputting SARIF Results") + output_console_sarif(diff, sbom_file) + elif enable_json: + log.debug("Outputting JSON Results") output_console_json(diff, sbom_file) else: output_console_comments(diff, sbom_file) From 2584267f40660be0ea8aea782f1505810834c0ae Mon Sep 17 00:00:00 2001 From: Orlando Barrera II <1621370+obarrera@users.noreply.github.com> Date: Mon, 27 Jan 2025 13:13:11 -0600 Subject: [PATCH 030/149] Update README.md (#44) --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index dd76c20..e05657b 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ The Socket Security CLI was created to enable integrations with other tools like ```` shell socketcli [-h] [--api_token API_TOKEN] [--repo REPO] [--branch BRANCH] [--committer COMMITTER] [--pr_number PR_NUMBER] [--commit_message COMMIT_MESSAGE] [--default_branch] [--target_path TARGET_PATH] [--scm {api,github,gitlab}] [--sbom-file SBOM_FILE] - [--commit-sha COMMIT_SHA] [--generate-license GENERATE_LICENSE] [-v] [--enable-debug] [--enable-json] [--disable-overview] + [--commit-sha COMMIT_SHA] [--generate-license GENERATE_LICENSE] [-v] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview] [--disable-security-issue] [--files FILES] [--ignore-commit-files] [--timeout] ```` @@ -33,6 +33,7 @@ If you don't want to provide the Socket API Token every time then you can use th | --commit-sha | | False | | The commit hash for the commit | | --generate-license | | False | False | If enabled with `--sbom-file` will include license details | | --enable-json | | False | False | If enabled will change the console output format to JSON | +| --enable-sarif | | False | False | If enabled will change the console output format to SARIF | | --disable-overview | | False | False | If enabled will disable Dependency Overview comments | | --disable-security-issue | | False | False | If enabled will disable Security Issue Comments | | --files | | False | | If provided in the format of `["file1", "file2"]` will be used to determine if there have been supported file changes. This is used if it isn't a git repo and you would like to only run if it supported files have changed. | From 0b8b2fe17dc31be14a9f7c2eb9ff2aa78c9dcfa9 Mon Sep 17 00:00:00 2001 From: Orlando Barrera II <1621370+obarrera@users.noreply.github.com> Date: Wed, 29 Jan 2025 11:47:03 -0600 Subject: [PATCH 031/149] Update __init__.py (#45) Co-authored-by: Douglas --- socketsecurity/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 40a32c8..023baaa 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.42' +__version__ = '1.0.43' From 7ddb4537518fa762da7ebebff2044ce71e720f3c Mon Sep 17 00:00:00 2001 From: Orlando Barrera II <1621370+obarrera@users.noreply.github.com> Date: Fri, 31 Jan 2025 13:44:18 -0600 Subject: [PATCH 032/149] Improved file line number glob. (#46) * Improved file line number glob. Added link to socket.dev for package alert. * Updated version --------- Co-authored-by: Orlando Barrera II --- socketsecurity/__init__.py | 2 +- socketsecurity/core/messages.py | 181 +++++++++++++++++++++++++++----- 2 files changed, 153 insertions(+), 30 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 023baaa..6e9694e 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.43' +__version__ = '1.0.44' diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index 28295e5..f914bb9 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -1,6 +1,9 @@ import json import os +import re +import json +from pathlib import Path from mdutils import MdUtils from socketsecurity.core.classes import Diff, Purl, Issue from prettytable import PrettyTable @@ -12,6 +15,10 @@ class Messages: def map_severity_to_sarif(severity: str) -> str: """ Map Socket severity levels to SARIF levels (GitHub code scanning). + + 'low' -> 'note' + 'medium' or 'middle' -> 'warning' + 'high' or 'critical' -> 'error' """ severity_mapping = { "low": "note", @@ -22,39 +29,147 @@ def map_severity_to_sarif(severity: str) -> str: } return severity_mapping.get(severity.lower(), "note") - @staticmethod - def find_line_in_file(pkg_name: str, manifest_file: str) -> tuple[int, str]: + def find_line_in_file(packagename: str, packageversion: str, manifest_file: str) -> tuple: """ - Search 'manifest_file' for 'pkg_name'. - Return (line_number, line_content) if found, else (1, fallback). + Finds the line number and snippet of code for the given package/version in a manifest file. + Returns a 2-tuple: (line_number, snippet_or_message). + + Supports: + 1) JSON-based manifest files (package-lock.json, Pipfile.lock, composer.lock) + - Locates a dictionary entry with the matching package & version + - Does a rough line-based search to find the actual line in the raw text + 2) Text-based (requirements.txt, package.json, yarn.lock, etc.) + - Uses compiled regex patterns to detect a match line by line """ - if not manifest_file or not os.path.isfile(manifest_file): - return 1, f"[No {manifest_file or 'manifest'} found in repo]" + # Extract just the file name to detect manifest type + file_type = Path(manifest_file).name + + # ---------------------------------------------------- + # 1) JSON-based manifest files + # ---------------------------------------------------- + if file_type in ["package-lock.json", "Pipfile.lock", "composer.lock"]: + try: + # Read entire file so we can parse JSON and also do raw line checks + with open(manifest_file, "r", encoding="utf-8") as f: + raw_text = f.read() + + # Attempt JSON parse + data = json.loads(raw_text) + + # In practice, you may need to check data["dependencies"], data["default"], etc. + # This is an example approach. + packages_dict = ( + data.get("packages") + or data.get("default") + or data.get("dependencies") + or {} + ) + + found_key = None + found_info = None + # Locate a dictionary entry whose 'version' matches + for key, value in packages_dict.items(): + # For NPM package-lock, keys might look like "node_modules/axios" + if key.endswith(packagename) and "version" in value: + if value["version"] == packageversion: + found_key = key + found_info = value + break + + if found_key and found_info: + # Search lines to approximate the correct line number + needle_key = f'"{found_key}":' # e.g. "node_modules/axios": + needle_version = f'"version": "{packageversion}"' + lines = raw_text.splitlines() + best_line = -1 + snippet = None + + for i, line in enumerate(lines, start=1): + if (needle_key in line) or (needle_version in line): + best_line = i + snippet = line.strip() + break # On first match, stop + + # If we found an approximate line, return it; else fallback to line 1 + if best_line > 0 and snippet: + return best_line, snippet + else: + return 1, f'"{found_key}": {found_info}' + else: + return -1, f"{packagename} {packageversion} (not found in {manifest_file})" + + except (FileNotFoundError, json.JSONDecodeError): + return -1, f"Error reading {manifest_file}" + + # ---------------------------------------------------- + # 2) Text-based / line-based manifests + # ---------------------------------------------------- + # Define a dictionary of patterns for common manifest types + search_patterns = { + "package.json": rf'"{packagename}":\s*"{packageversion}"', + "yarn.lock": rf'{packagename}@{packageversion}', + "pnpm-lock.yaml": rf'"{re.escape(packagename)}"\s*:\s*\{{[^}}]*"version":\s*"{re.escape(packageversion)}"', + "requirements.txt": rf'^{re.escape(packagename)}\s*(?:==|===|!=|>=|<=|~=|\s+)?\s*{re.escape(packageversion)}(?:\s*;.*)?$', + "pyproject.toml": rf'{packagename}\s*=\s*"{packageversion}"', + "Pipfile": rf'"{packagename}"\s*=\s*"{packageversion}"', + "go.mod": rf'require\s+{re.escape(packagename)}\s+{re.escape(packageversion)}', + "go.sum": rf'{re.escape(packagename)}\s+{re.escape(packageversion)}', + "pom.xml": rf'{re.escape(packagename)}\s*{re.escape(packageversion)}', + "build.gradle": rf'implementation\s+"{re.escape(packagename)}:{re.escape(packageversion)}"', + "Gemfile": rf'gem\s+"{re.escape(packagename)}",\s*"{re.escape(packageversion)}"', + "Gemfile.lock": rf'\s+{re.escape(packagename)}\s+\({re.escape(packageversion)}\)', + ".csproj": rf'', + ".fsproj": rf'', + "paket.dependencies": rf'nuget\s+{re.escape(packagename)}\s+{re.escape(packageversion)}', + "Cargo.toml": rf'{re.escape(packagename)}\s*=\s*"{re.escape(packageversion)}"', + "build.sbt": rf'"{re.escape(packagename)}"\s*%\s*"{re.escape(packageversion)}"', + "Podfile": rf'pod\s+"{re.escape(packagename)}",\s*"{re.escape(packageversion)}"', + "Package.swift": rf'\.package\(name:\s*"{re.escape(packagename)}",\s*url:\s*".*?",\s*version:\s*"{re.escape(packageversion)}"\)', + "mix.exs": rf'\{{:{re.escape(packagename)},\s*"{re.escape(packageversion)}"\}}', + "composer.json": rf'"{re.escape(packagename)}":\s*"{re.escape(packageversion)}"', + "conanfile.txt": rf'{re.escape(packagename)}/{re.escape(packageversion)}', + "vcpkg.json": rf'"{re.escape(packagename)}":\s*"{re.escape(packageversion)}"', + } + + # If no specific pattern is found for this file name, fallback to a naive approach + searchstring = search_patterns.get(file_type, rf'{re.escape(packagename)}.*{re.escape(packageversion)}') + try: - with open(manifest_file, "r", encoding="utf-8") as f: - lines = f.readlines() - for i, line in enumerate(lines, start=1): - if pkg_name.lower() in line.lower(): - return i, line.rstrip("\n") + # Read file lines and search for a match + with open(manifest_file, 'r', encoding="utf-8") as file: + lines = [line.rstrip("\n") for line in file] + for line_number, line_content in enumerate(lines, start=1): + # For Python conditional dependencies, ignore everything after first ';' + line_main = line_content.split(";", 1)[0].strip() + + # Use a case-insensitive regex search + if re.search(searchstring, line_main, re.IGNORECASE): + return line_number, line_content.strip() + + except FileNotFoundError: + return -1, f"{manifest_file} not found" except Exception as e: - return 1, f"[Error reading {manifest_file}: {e}]" - return 1, f"[Package '{pkg_name}' not found in {manifest_file}]" - + return -1, f"Error reading {manifest_file}: {e}" + + return -1, f"{packagename} {packageversion} (not found)" + @staticmethod def create_security_comment_sarif(diff: Diff) -> dict: """ - Create SARIF-compliant output from the diff report. + Create SARIF-compliant output from the diff report, including line references + and a link to the Socket docs in the fullDescription. Also converts any \r\n + into
    so they render properly in GitHub's SARIF display. """ + # Check if there's a blocking error in new alerts scan_failed = False if len(diff.new_alerts) == 0: for alert in diff.new_alerts: - alert: Issue if alert.error: scan_failed = True break - # Basic SARIF structure + # Basic SARIF skeleton sarif_data = { "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "version": "2.1.0", @@ -76,38 +191,45 @@ def create_security_comment_sarif(diff: Diff) -> dict: results_list = [] for alert in diff.new_alerts: - alert: Issue pkg_name = alert.pkg_name pkg_version = alert.pkg_version rule_id = f"{pkg_name}=={pkg_version}" severity = alert.severity - # Title and descriptions - title = f"Alert generated for {pkg_name}=={pkg_version} by Socket Security" - full_desc = f"{alert.title} - {alert.description}" - short_desc = f"{alert.props.get('note', '')}\r\n\r\nSuggested Action:\r\n{alert.suggestion}" + # Convert any \r\n in short desc to
    so they display properly + short_desc_raw = f"{alert.props.get('note', '')}\r\n\r\nSuggested Action:\r\n{alert.suggestion}" + short_desc = short_desc_raw.replace("\r\n", "
    ") - # Find the manifest file and line details + # Build link to Socket docs, e.g. "https://socket.dev/npm/package/foo/alerts/1.2.3" + socket_url = f"https://socket.dev/npm/package/{pkg_name}/alerts/{pkg_version}" + + # Also convert \r\n in the main description to
    , then append the Socket docs link + base_desc = alert.description.replace("\r\n", "
    ") + full_desc_raw = f"{alert.title} - {base_desc}
    {socket_url}" + + # Identify the manifest file and line introduced_list = alert.introduced_by if introduced_list and isinstance(introduced_list[0], list) and len(introduced_list[0]) > 1: manifest_file = introduced_list[0][1] else: manifest_file = alert.manifests or "requirements.txt" - line_number, line_content = Messages.find_line_in_file(pkg_name, manifest_file) + line_number, line_content = Messages.find_line_in_file(pkg_name, pkg_version, manifest_file) - # Define the rule if not already defined + # If not already defined, create a rule for this package if rule_id not in rules_map: rules_map[rule_id] = { "id": rule_id, "name": f"{pkg_name}=={pkg_version}", - "shortDescription": {"text": title}, - "fullDescription": {"text": full_desc}, + "shortDescription": {"text": f"Alert generated for {rule_id} by Socket Security"}, + "fullDescription": {"text": full_desc_raw}, "helpUri": alert.url, - "defaultConfiguration": {"level": Messages.map_severity_to_sarif(severity)}, + "defaultConfiguration": { + "level": Messages.map_severity_to_sarif(severity) + }, } - # Add the result + # Create a SARIF "result" referencing the line where we found the match result_obj = { "ruleId": rule_id, "message": {"text": short_desc}, @@ -125,6 +247,7 @@ def create_security_comment_sarif(diff: Diff) -> dict: } results_list.append(result_obj) + # Attach our rules and results to the SARIF data sarif_data["runs"][0]["tool"]["driver"]["rules"] = list(rules_map.values()) sarif_data["runs"][0]["results"] = results_list From c2a8b519c3c4e75575530ba6bd964fc23f2628b5 Mon Sep 17 00:00:00 2001 From: Orlando Barrera II <1621370+obarrera@users.noreply.github.com> Date: Fri, 31 Jan 2025 15:04:33 -0600 Subject: [PATCH 033/149] Orlando/sarif package link (#49) * Improved file line number glob. Added link to socket.dev for package alert. * Updated version * Removed -1 ftom sarif * Added the Socket Package link to the alert info * Fixed the package info link * Fixed the package url link * Update messages.py * Update messages.py --------- Co-authored-by: Orlando Barrera II --- socketsecurity/__init__.py | 2 +- socketsecurity/core/messages.py | 93 +++++++++++++++++++-------------- 2 files changed, 55 insertions(+), 40 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 6e9694e..fd0caea 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.44' +__version__ = '1.0.47' diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index f914bb9..8b739c1 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -82,7 +82,7 @@ def find_line_in_file(packagename: str, packageversion: str, manifest_file: str) needle_key = f'"{found_key}":' # e.g. "node_modules/axios": needle_version = f'"version": "{packageversion}"' lines = raw_text.splitlines() - best_line = -1 + best_line = 1 snippet = None for i, line in enumerate(lines, start=1): @@ -97,10 +97,10 @@ def find_line_in_file(packagename: str, packageversion: str, manifest_file: str) else: return 1, f'"{found_key}": {found_info}' else: - return -1, f"{packagename} {packageversion} (not found in {manifest_file})" + return 1, f"{packagename} {packageversion} (not found in {manifest_file})" except (FileNotFoundError, json.JSONDecodeError): - return -1, f"Error reading {manifest_file}" + return 1, f"Error reading {manifest_file}" # ---------------------------------------------------- # 2) Text-based / line-based manifests @@ -148,28 +148,49 @@ def find_line_in_file(packagename: str, packageversion: str, manifest_file: str) return line_number, line_content.strip() except FileNotFoundError: - return -1, f"{manifest_file} not found" + return 1, f"{manifest_file} not found" except Exception as e: - return -1, f"Error reading {manifest_file}: {e}" + return 1, f"Error reading {manifest_file}: {e}" - return -1, f"{packagename} {packageversion} (not found)" + return 1, f"{packagename} {packageversion} (not found)" @staticmethod - def create_security_comment_sarif(diff: Diff) -> dict: + def get_manifest_type_url(manifest_file: str, pkg_name: str, pkg_version: str) -> str: """ - Create SARIF-compliant output from the diff report, including line references - and a link to the Socket docs in the fullDescription. Also converts any \r\n - into
    so they render properly in GitHub's SARIF display. + Determine the correct URL path based on the manifest file type. """ - # Check if there's a blocking error in new alerts - scan_failed = False - if len(diff.new_alerts) == 0: - for alert in diff.new_alerts: - if alert.error: - scan_failed = True - break + manifest_to_url_prefix = { + "package.json": "npm", + "package-lock.json": "npm", + "yarn.lock": "npm", + "pnpm-lock.yaml": "npm", + "requirements.txt": "pypi", + "pyproject.toml": "pypi", + "Pipfile": "pypi", + "go.mod": "go", + "go.sum": "go", + "pom.xml": "maven", + "build.gradle": "maven", + ".csproj": "nuget", + ".fsproj": "nuget", + "paket.dependencies": "nuget", + "Cargo.toml": "cargo", + "Gemfile": "rubygems", + "Gemfile.lock": "rubygems", + "composer.json": "composer", + "vcpkg.json": "vcpkg", + } + + file_type = Path(manifest_file).name + url_prefix = manifest_to_url_prefix.get(file_type, "unknown") + return f"https://socket.dev/{url_prefix}/package/{pkg_name}/alerts/{pkg_version}" - # Basic SARIF skeleton + @staticmethod + def create_security_comment_sarif(diff) -> dict: + """ + Create SARIF-compliant output from the diff report, including dynamic URL generation + based on manifest type and improved
    formatting for GitHub SARIF display. + """ sarif_data = { "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "version": "2.1.0", @@ -196,40 +217,34 @@ def create_security_comment_sarif(diff: Diff) -> dict: rule_id = f"{pkg_name}=={pkg_version}" severity = alert.severity - # Convert any \r\n in short desc to
    so they display properly - short_desc_raw = f"{alert.props.get('note', '')}\r\n\r\nSuggested Action:\r\n{alert.suggestion}" - short_desc = short_desc_raw.replace("\r\n", "
    ") - - # Build link to Socket docs, e.g. "https://socket.dev/npm/package/foo/alerts/1.2.3" - socket_url = f"https://socket.dev/npm/package/{pkg_name}/alerts/{pkg_version}" - - # Also convert \r\n in the main description to
    , then append the Socket docs link - base_desc = alert.description.replace("\r\n", "
    ") - full_desc_raw = f"{alert.title} - {base_desc}
    {socket_url}" - - # Identify the manifest file and line + # Generate the correct URL for the alert based on manifest type introduced_list = alert.introduced_by - if introduced_list and isinstance(introduced_list[0], list) and len(introduced_list[0]) > 1: - manifest_file = introduced_list[0][1] - else: - manifest_file = alert.manifests or "requirements.txt" + manifest_file = introduced_list[0][1] if introduced_list and isinstance(introduced_list[0], list) else alert.manifests or "requirements.txt" + socket_url = Messages.get_manifest_type_url(manifest_file, pkg_name, pkg_version) + + # Prepare descriptions with
    replacements + short_desc = f"{alert.props.get('note', '')}

    Suggested Action:
    {alert.suggestion}
    {socket_url}" + full_desc = f"{alert.title} - {alert.description.replace('\r\n', '
    ')}" + # Identify the line and snippet in the manifest file line_number, line_content = Messages.find_line_in_file(pkg_name, pkg_version, manifest_file) + if line_number < 1: + line_number = 1 # Ensure SARIF compliance - # If not already defined, create a rule for this package + # Create the rule if not already defined if rule_id not in rules_map: rules_map[rule_id] = { "id": rule_id, "name": f"{pkg_name}=={pkg_version}", "shortDescription": {"text": f"Alert generated for {rule_id} by Socket Security"}, - "fullDescription": {"text": full_desc_raw}, - "helpUri": alert.url, + "fullDescription": {"text": full_desc}, + "helpUri": socket_url, "defaultConfiguration": { "level": Messages.map_severity_to_sarif(severity) }, } - # Create a SARIF "result" referencing the line where we found the match + # Add the SARIF result result_obj = { "ruleId": rule_id, "message": {"text": short_desc}, @@ -247,7 +262,7 @@ def create_security_comment_sarif(diff: Diff) -> dict: } results_list.append(result_obj) - # Attach our rules and results to the SARIF data + # Attach rules and results sarif_data["runs"][0]["tool"]["driver"]["rules"] = list(rules_map.values()) sarif_data["runs"][0]["results"] = results_list From 49156d4322e86289c0b46891aba09f5d34659eea Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Wed, 12 Feb 2025 15:35:44 -0800 Subject: [PATCH 034/149] Eric/cus 9 - Socket CLI v2 (#50) * update CLI to v2 --- .github/PULL_REQUEST_TEMPLATE.md | 5 + .github/PULL_REQUEST_TEMPLATE/bug-fix.md | 19 + .github/PULL_REQUEST_TEMPLATE/feature.md | 16 + .github/PULL_REQUEST_TEMPLATE/improvement.md | 10 + .github/workflows/pr-preview.yml | 12 +- .github/workflows/release.yml | 8 +- .github/workflows/version-check.yml | 2 +- .gitignore | 6 +- .python-version | 1 + Dockerfile | 16 +- Makefile | 69 + Pipfile | 16 - Pipfile.lock | 207 - README.md | 80 +- pyproject.toml | 128 +- pytest.ini | 7 + requirements-dev.lock | 72 + requirements.lock | 72 + requirements.txt | 7 - scripts/build_container.sh | 104 +- scripts/deploy-test-docker.sh | 67 + scripts/deploy-test-pypi.sh | 60 + scripts/run.sh | 0 socketsecurity/__init__.py | 2 +- socketsecurity/config.py | 336 + socketsecurity/core/__init__.py | 1346 +- socketsecurity/core/classes.py | 427 +- socketsecurity/core/cli_client.py | 56 + socketsecurity/core/git_interface.py | 23 +- socketsecurity/core/github.py | 247 - socketsecurity/core/gitlab.py | 179 - socketsecurity/core/logging.py | 32 + socketsecurity/core/messages.py | 5 +- socketsecurity/core/scm/__init__.py | 0 socketsecurity/core/scm/base.py | 37 + socketsecurity/core/scm/client.py | 41 + socketsecurity/core/scm/github.py | 215 + socketsecurity/core/scm/gitlab.py | 159 + socketsecurity/core/scm_comments.py | 8 +- socketsecurity/core/socket_config.py | 62 + socketsecurity/core/utils.py | 85 + socketsecurity/output.py | 93 + socketsecurity/socketcli.py | 526 +- tests/__init__.py | 0 tests/core/conftest.py | 179 + tests/core/create_diff_input.json | 442 + tests/core/test_diff_generation.py | 283 + tests/core/test_package_and_alerts.py | 230 + tests/core/test_sdk_methods.py | 122 + tests/core/test_supporting_methods.py | 300 + tests/data/fullscans/create_response.json | 13 + tests/data/fullscans/diff/stream_diff.json | 556 + .../data/fullscans/diff/stream_diff_full.json | 52389 ++++++ tests/data/fullscans/head_scan/metadata.json | 21 + .../data/fullscans/head_scan/stream_scan.json | 201 + .../fullscans/head_scan/stream_scan_full.json | 139329 +++++++++++++++ tests/data/fullscans/new_scan/metadata.json | 21 + .../data/fullscans/new_scan/stream_scan.json | 348 + tests/data/repos/repo_info_error.json | 5 + tests/data/repos/repo_info_no_head.json | 16 + tests/data/repos/repo_info_success.json | 16 + tests/data/settings/security-policy.json | 297 + tests/unit/__init__.py | 0 tests/unit/test_cli_config.py | 31 + tests/unit/test_client.py | 125 + tests/unit/test_config.py | 80 + tests/unit/test_output.py | 54 + 67 files changed, 197943 insertions(+), 1978 deletions(-) create mode 100644 .github/PULL_REQUEST_TEMPLATE.md create mode 100644 .github/PULL_REQUEST_TEMPLATE/bug-fix.md create mode 100644 .github/PULL_REQUEST_TEMPLATE/feature.md create mode 100644 .github/PULL_REQUEST_TEMPLATE/improvement.md create mode 100644 .python-version create mode 100644 Makefile delete mode 100644 Pipfile delete mode 100644 Pipfile.lock create mode 100644 pytest.ini create mode 100644 requirements-dev.lock create mode 100644 requirements.lock delete mode 100644 requirements.txt create mode 100755 scripts/deploy-test-docker.sh create mode 100755 scripts/deploy-test-pypi.sh mode change 100644 => 100755 scripts/run.sh create mode 100644 socketsecurity/config.py create mode 100644 socketsecurity/core/cli_client.py delete mode 100644 socketsecurity/core/github.py delete mode 100644 socketsecurity/core/gitlab.py create mode 100644 socketsecurity/core/logging.py create mode 100644 socketsecurity/core/scm/__init__.py create mode 100644 socketsecurity/core/scm/base.py create mode 100644 socketsecurity/core/scm/client.py create mode 100644 socketsecurity/core/scm/github.py create mode 100644 socketsecurity/core/scm/gitlab.py create mode 100644 socketsecurity/core/socket_config.py create mode 100644 socketsecurity/core/utils.py create mode 100644 socketsecurity/output.py create mode 100644 tests/__init__.py create mode 100644 tests/core/conftest.py create mode 100644 tests/core/create_diff_input.json create mode 100644 tests/core/test_diff_generation.py create mode 100644 tests/core/test_package_and_alerts.py create mode 100644 tests/core/test_sdk_methods.py create mode 100644 tests/core/test_supporting_methods.py create mode 100644 tests/data/fullscans/create_response.json create mode 100644 tests/data/fullscans/diff/stream_diff.json create mode 100644 tests/data/fullscans/diff/stream_diff_full.json create mode 100644 tests/data/fullscans/head_scan/metadata.json create mode 100644 tests/data/fullscans/head_scan/stream_scan.json create mode 100644 tests/data/fullscans/head_scan/stream_scan_full.json create mode 100644 tests/data/fullscans/new_scan/metadata.json create mode 100644 tests/data/fullscans/new_scan/stream_scan.json create mode 100644 tests/data/repos/repo_info_error.json create mode 100644 tests/data/repos/repo_info_no_head.json create mode 100644 tests/data/repos/repo_info_success.json create mode 100644 tests/data/settings/security-policy.json create mode 100644 tests/unit/__init__.py create mode 100644 tests/unit/test_cli_config.py create mode 100644 tests/unit/test_client.py create mode 100644 tests/unit/test_config.py create mode 100644 tests/unit/test_output.py diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 0000000..db131ed --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,5 @@ +Click on the "Preview" tab and select appropriate PR template: + +[New Feature](?expand=1&template=feature.md) +[Bug Fix](?expand=1&template=bug-fix.md) +[Improvement](?expand=1&template=improvement.md) diff --git a/.github/PULL_REQUEST_TEMPLATE/bug-fix.md b/.github/PULL_REQUEST_TEMPLATE/bug-fix.md new file mode 100644 index 0000000..239d369 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE/bug-fix.md @@ -0,0 +1,19 @@ + + +## Root Cause + + + + +## Fix + + +## Public Changelog + + + +N/A + + + + diff --git a/.github/PULL_REQUEST_TEMPLATE/feature.md b/.github/PULL_REQUEST_TEMPLATE/feature.md new file mode 100644 index 0000000..51ab143 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE/feature.md @@ -0,0 +1,16 @@ + + + +## Why? + + + + +## Public Changelog + + + +N/A + + + diff --git a/.github/PULL_REQUEST_TEMPLATE/improvement.md b/.github/PULL_REQUEST_TEMPLATE/improvement.md new file mode 100644 index 0000000..98f4fd5 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE/improvement.md @@ -0,0 +1,10 @@ + + +## Public Changelog + + + +N/A + + + diff --git a/.github/workflows/pr-preview.yml b/.github/workflows/pr-preview.yml index cc97ac2..8f455fb 100644 --- a/.github/workflows/pr-preview.yml +++ b/.github/workflows/pr-preview.yml @@ -1,7 +1,7 @@ name: PR Preview on: pull_request: - types: [opened, synchronize] + types: [opened, synchronize, ready_for_review] jobs: preview: @@ -12,9 +12,15 @@ jobs: with: python-version: '3.x' + # Install all dependencies from pyproject.toml + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install -e . + - name: Set preview version run: | - BASE_VERSION=$(grep -o "__version__.*" socketsecurity/__init__.py | awk '{print $3}' | tr -d "'") + BASE_VERSION=$(python -c "from socketsecurity import __version__; print(__version__)") PREVIEW_VERSION="${BASE_VERSION}.dev${{ github.event.pull_request.number }}${{ github.event.pull_request.commits }}" echo "VERSION=${PREVIEW_VERSION}" >> $GITHUB_ENV @@ -25,7 +31,7 @@ jobs: # Verify the change echo "Updated version in __init__.py:" - cat socketsecurity/__init__.py | grep "__version__" + python -c "from socketsecurity import __version__; print(__version__)" - name: Check if version exists on Test PyPI id: version_check diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d8b823c..beb6cc9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,6 +13,12 @@ jobs: with: python-version: '3.x' + # Install all dependencies from pyproject.toml + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install -e . + - name: Get Version id: version run: | @@ -104,4 +110,4 @@ jobs: socketdev/cli:latest socketdev/cli:${{ env.VERSION }} build-args: | - CLI_VERSION=${{ env.VERSION }} + CLI_VERSION=${{ env.VERSION }} \ No newline at end of file diff --git a/.github/workflows/version-check.yml b/.github/workflows/version-check.yml index 96cdc09..fa20938 100644 --- a/.github/workflows/version-check.yml +++ b/.github/workflows/version-check.yml @@ -1,7 +1,7 @@ name: Version Check on: pull_request: - types: [opened, synchronize] + types: [opened, synchronize, ready_for_review] paths: - 'socketsecurity/**' - 'setup.py' diff --git a/.gitignore b/.gitignore index 405a91f..fab80bb 100644 --- a/.gitignore +++ b/.gitignore @@ -6,13 +6,13 @@ dist *.build *.dist *.egg-info -test *.env run_container.sh *.zip bin scripts/*.py *.json +!tests/**/*.json markdown_overview_temp.md markdown_security_temp.md .DS_Store @@ -20,4 +20,6 @@ markdown_security_temp.md test.py *.cpython-312.pyc` file_generator.py -.env.local \ No newline at end of file +.coverage +.env.local +Pipfile \ No newline at end of file diff --git a/.python-version b/.python-version new file mode 100644 index 0000000..e4fba21 --- /dev/null +++ b/.python-version @@ -0,0 +1 @@ +3.12 diff --git a/Dockerfile b/Dockerfile index 949ec58..76d3721 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,22 @@ FROM python:3-alpine LABEL org.opencontainers.image.authors="socket.dev" ARG CLI_VERSION +ARG SDK_VERSION ARG PIP_INDEX_URL=https://pypi.org/simple ARG PIP_EXTRA_INDEX_URL=https://pypi.org/simple RUN apk update \ && apk add --no-cache git nodejs npm yarn -RUN pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketsecurity==$CLI_VERSION \ - && socketcli -v \ - && socketcli -v | grep -q $CLI_VERSION \ No newline at end of file +# Install CLI with retries for TestPyPI propagation (10 attempts, 30s each = 5 minutes total) +RUN for i in $(seq 1 10); do \ + echo "Attempt $i/10: Installing socketsecurity==$CLI_VERSION"; \ + if pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketsecurity==$CLI_VERSION; then \ + break; \ + fi; \ + echo "Install failed, waiting 30s before retry..."; \ + sleep 30; \ + done && \ + if [ ! -z "$SDK_VERSION" ]; then \ + pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socket-sdk-python==${SDK_VERSION}; \ + fi \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..e1bc1ad --- /dev/null +++ b/Makefile @@ -0,0 +1,69 @@ +.PHONY: setup compile-deps sync-deps clean test lint init-tools local-dev first-time-setup update-deps dev-setup sync-all first-time-local-setup + +# Environment variable for local SDK path (optional) +SOCKET_SDK_PATH ?= ../socket-sdk-python + +# Environment variable to control local development mode +USE_LOCAL_SDK ?= false + +# === High-level workflow targets === + +# First-time repo setup after cloning (using PyPI packages) +first-time-setup: clean setup + +# First-time setup for local development (using local SDK) +first-time-local-setup: + $(MAKE) clean + $(MAKE) USE_LOCAL_SDK=true dev-setup + +# Update dependencies after changing pyproject.toml +update-deps: compile-deps sync-deps + +# Setup for local development +dev-setup: clean local-dev setup + +# Sync all dependencies after pulling changes +sync-all: sync-deps + +# === Implementation targets === + +# Creates virtual environment and installs pip-tools +init-tools: + python -m venv .venv + . .venv/bin/activate && pip install pip-tools + +# Installs dependencies needed for local development +# Currently: socket-sdk-python from test PyPI or local path +local-dev: init-tools +ifeq ($(USE_LOCAL_SDK),true) + . .venv/bin/activate && pip install -e $(SOCKET_SDK_PATH) +endif + +# Creates/updates requirements.txt files with locked versions based on pyproject.toml +compile-deps: local-dev + . .venv/bin/activate && pip-compile --output-file=requirements.txt pyproject.toml + . .venv/bin/activate && pip-compile --extra=dev --output-file=requirements-dev.txt pyproject.toml + . .venv/bin/activate && pip-compile --extra=test --output-file=requirements-test.txt pyproject.toml + +# Creates virtual environment and installs dependencies from pyproject.toml +setup: compile-deps + . .venv/bin/activate && pip install -e ".[dev,test]" + +# Installs exact versions from requirements.txt into your virtual environment +sync-deps: + . .venv/bin/activate && pip-sync requirements.txt requirements-dev.txt requirements-test.txt +ifeq ($(USE_LOCAL_SDK),true) + . .venv/bin/activate && pip install -e $(SOCKET_SDK_PATH) +endif + +# Removes virtual environment and cache files +clean: + rm -rf .venv + find . -type d -name "__pycache__" -exec rm -rf {} + + +test: + pytest + +lint: + ruff check . + ruff format --check . \ No newline at end of file diff --git a/Pipfile b/Pipfile deleted file mode 100644 index 839da36..0000000 --- a/Pipfile +++ /dev/null @@ -1,16 +0,0 @@ -[[source]] -url = "https://pypi.org/simple" -verify_ssl = true -name = "pypi" - -[packages] -requests = ">=2.32.0" -mdutils = "~=1.6.0" -prettytable = "*" -argparse = "*" -gitpython = "*" - -[dev-packages] - -[requires] -python_version = "3.12" diff --git a/Pipfile.lock b/Pipfile.lock deleted file mode 100644 index ee638cf..0000000 --- a/Pipfile.lock +++ /dev/null @@ -1,207 +0,0 @@ -{ - "_meta": { - "hash": { - "sha256": "9a1e9bcbc5675fd9d1bf3d2ca44406464dfc12b058225c5ecc88442ef0449e88" - }, - "pipfile-spec": 6, - "requires": { - "python_version": "3.12" - }, - "sources": [ - { - "name": "pypi", - "url": "https://pypi.org/simple", - "verify_ssl": true - } - ] - }, - "default": { - "argparse": { - "hashes": [ - "sha256:62b089a55be1d8949cd2bc7e0df0bddb9e028faefc8c32038cc84862aefdd6e4", - "sha256:c31647edb69fd3d465a847ea3157d37bed1f95f19760b11a47aa91c04b666314" - ], - "index": "pypi", - "version": "==1.4.0" - }, - "certifi": { - "hashes": [ - "sha256:5a1e7645bc0ec61a09e26c36f6106dd4cf40c6db3a1fb6352b0244e7fb057c7b", - "sha256:c198e21b1289c2ab85ee4e67bb4b4ef3ead0892059901a8d5b622f24a1101e90" - ], - "index": "pypi", - "markers": "python_version >= '3.6'", - "version": "==2024.7.4" - }, - "charset-normalizer": { - "hashes": [ - "sha256:06435b539f889b1f6f4ac1758871aae42dc3a8c0e24ac9e60c2384973ad73027", - "sha256:06a81e93cd441c56a9b65d8e1d043daeb97a3d0856d177d5c90ba85acb3db087", - "sha256:0a55554a2fa0d408816b3b5cedf0045f4b8e1a6065aec45849de2d6f3f8e9786", - "sha256:0b2b64d2bb6d3fb9112bafa732def486049e63de9618b5843bcdd081d8144cd8", - "sha256:10955842570876604d404661fbccbc9c7e684caf432c09c715ec38fbae45ae09", - "sha256:122c7fa62b130ed55f8f285bfd56d5f4b4a5b503609d181f9ad85e55c89f4185", - "sha256:1ceae2f17a9c33cb48e3263960dc5fc8005351ee19db217e9b1bb15d28c02574", - "sha256:1d3193f4a680c64b4b6a9115943538edb896edc190f0b222e73761716519268e", - "sha256:1f79682fbe303db92bc2b1136016a38a42e835d932bab5b3b1bfcfbf0640e519", - "sha256:2127566c664442652f024c837091890cb1942c30937add288223dc895793f898", - "sha256:22afcb9f253dac0696b5a4be4a1c0f8762f8239e21b99680099abd9b2b1b2269", - "sha256:25baf083bf6f6b341f4121c2f3c548875ee6f5339300e08be3f2b2ba1721cdd3", - "sha256:2e81c7b9c8979ce92ed306c249d46894776a909505d8f5a4ba55b14206e3222f", - "sha256:3287761bc4ee9e33561a7e058c72ac0938c4f57fe49a09eae428fd88aafe7bb6", - "sha256:34d1c8da1e78d2e001f363791c98a272bb734000fcef47a491c1e3b0505657a8", - "sha256:37e55c8e51c236f95b033f6fb391d7d7970ba5fe7ff453dad675e88cf303377a", - "sha256:3d47fa203a7bd9c5b6cee4736ee84ca03b8ef23193c0d1ca99b5089f72645c73", - "sha256:3e4d1f6587322d2788836a99c69062fbb091331ec940e02d12d179c1d53e25fc", - "sha256:42cb296636fcc8b0644486d15c12376cb9fa75443e00fb25de0b8602e64c1714", - "sha256:45485e01ff4d3630ec0d9617310448a8702f70e9c01906b0d0118bdf9d124cf2", - "sha256:4a78b2b446bd7c934f5dcedc588903fb2f5eec172f3d29e52a9096a43722adfc", - "sha256:4ab2fe47fae9e0f9dee8c04187ce5d09f48eabe611be8259444906793ab7cbce", - "sha256:4d0d1650369165a14e14e1e47b372cfcb31d6ab44e6e33cb2d4e57265290044d", - "sha256:549a3a73da901d5bc3ce8d24e0600d1fa85524c10287f6004fbab87672bf3e1e", - "sha256:55086ee1064215781fff39a1af09518bc9255b50d6333f2e4c74ca09fac6a8f6", - "sha256:572c3763a264ba47b3cf708a44ce965d98555f618ca42c926a9c1616d8f34269", - "sha256:573f6eac48f4769d667c4442081b1794f52919e7edada77495aaed9236d13a96", - "sha256:5b4c145409bef602a690e7cfad0a15a55c13320ff7a3ad7ca59c13bb8ba4d45d", - "sha256:6463effa3186ea09411d50efc7d85360b38d5f09b870c48e4600f63af490e56a", - "sha256:65f6f63034100ead094b8744b3b97965785388f308a64cf8d7c34f2f2e5be0c4", - "sha256:663946639d296df6a2bb2aa51b60a2454ca1cb29835324c640dafb5ff2131a77", - "sha256:6897af51655e3691ff853668779c7bad41579facacf5fd7253b0133308cf000d", - "sha256:68d1f8a9e9e37c1223b656399be5d6b448dea850bed7d0f87a8311f1ff3dabb0", - "sha256:6ac7ffc7ad6d040517be39eb591cac5ff87416c2537df6ba3cba3bae290c0fed", - "sha256:6b3251890fff30ee142c44144871185dbe13b11bab478a88887a639655be1068", - "sha256:6c4caeef8fa63d06bd437cd4bdcf3ffefe6738fb1b25951440d80dc7df8c03ac", - "sha256:6ef1d82a3af9d3eecdba2321dc1b3c238245d890843e040e41e470ffa64c3e25", - "sha256:753f10e867343b4511128c6ed8c82f7bec3bd026875576dfd88483c5c73b2fd8", - "sha256:7cd13a2e3ddeed6913a65e66e94b51d80a041145a026c27e6bb76c31a853c6ab", - "sha256:7ed9e526742851e8d5cc9e6cf41427dfc6068d4f5a3bb03659444b4cabf6bc26", - "sha256:7f04c839ed0b6b98b1a7501a002144b76c18fb1c1850c8b98d458ac269e26ed2", - "sha256:802fe99cca7457642125a8a88a084cef28ff0cf9407060f7b93dca5aa25480db", - "sha256:80402cd6ee291dcb72644d6eac93785fe2c8b9cb30893c1af5b8fdd753b9d40f", - "sha256:8465322196c8b4d7ab6d1e049e4c5cb460d0394da4a27d23cc242fbf0034b6b5", - "sha256:86216b5cee4b06df986d214f664305142d9c76df9b6512be2738aa72a2048f99", - "sha256:87d1351268731db79e0f8e745d92493ee2841c974128ef629dc518b937d9194c", - "sha256:8bdb58ff7ba23002a4c5808d608e4e6c687175724f54a5dade5fa8c67b604e4d", - "sha256:8c622a5fe39a48f78944a87d4fb8a53ee07344641b0562c540d840748571b811", - "sha256:8d756e44e94489e49571086ef83b2bb8ce311e730092d2c34ca8f7d925cb20aa", - "sha256:8f4a014bc36d3c57402e2977dada34f9c12300af536839dc38c0beab8878f38a", - "sha256:9063e24fdb1e498ab71cb7419e24622516c4a04476b17a2dab57e8baa30d6e03", - "sha256:90d558489962fd4918143277a773316e56c72da56ec7aa3dc3dbbe20fdfed15b", - "sha256:923c0c831b7cfcb071580d3f46c4baf50f174be571576556269530f4bbd79d04", - "sha256:95f2a5796329323b8f0512e09dbb7a1860c46a39da62ecb2324f116fa8fdc85c", - "sha256:96b02a3dc4381e5494fad39be677abcb5e6634bf7b4fa83a6dd3112607547001", - "sha256:9f96df6923e21816da7e0ad3fd47dd8f94b2a5ce594e00677c0013018b813458", - "sha256:a10af20b82360ab00827f916a6058451b723b4e65030c5a18577c8b2de5b3389", - "sha256:a50aebfa173e157099939b17f18600f72f84eed3049e743b68ad15bd69b6bf99", - "sha256:a981a536974bbc7a512cf44ed14938cf01030a99e9b3a06dd59578882f06f985", - "sha256:a9a8e9031d613fd2009c182b69c7b2c1ef8239a0efb1df3f7c8da66d5dd3d537", - "sha256:ae5f4161f18c61806f411a13b0310bea87f987c7d2ecdbdaad0e94eb2e404238", - "sha256:aed38f6e4fb3f5d6bf81bfa990a07806be9d83cf7bacef998ab1a9bd660a581f", - "sha256:b01b88d45a6fcb69667cd6d2f7a9aeb4bf53760d7fc536bf679ec94fe9f3ff3d", - "sha256:b261ccdec7821281dade748d088bb6e9b69e6d15b30652b74cbbac25e280b796", - "sha256:b2b0a0c0517616b6869869f8c581d4eb2dd83a4d79e0ebcb7d373ef9956aeb0a", - "sha256:b4a23f61ce87adf89be746c8a8974fe1c823c891d8f86eb218bb957c924bb143", - "sha256:bd8f7df7d12c2db9fab40bdd87a7c09b1530128315d047a086fa3ae3435cb3a8", - "sha256:beb58fe5cdb101e3a055192ac291b7a21e3b7ef4f67fa1d74e331a7f2124341c", - "sha256:c002b4ffc0be611f0d9da932eb0f704fe2602a9a949d1f738e4c34c75b0863d5", - "sha256:c083af607d2515612056a31f0a8d9e0fcb5876b7bfc0abad3ecd275bc4ebc2d5", - "sha256:c180f51afb394e165eafe4ac2936a14bee3eb10debc9d9e4db8958fe36afe711", - "sha256:c235ebd9baae02f1b77bcea61bce332cb4331dc3617d254df3323aa01ab47bd4", - "sha256:cd70574b12bb8a4d2aaa0094515df2463cb429d8536cfb6c7ce983246983e5a6", - "sha256:d0eccceffcb53201b5bfebb52600a5fb483a20b61da9dbc885f8b103cbe7598c", - "sha256:d965bba47ddeec8cd560687584e88cf699fd28f192ceb452d1d7ee807c5597b7", - "sha256:db364eca23f876da6f9e16c9da0df51aa4f104a972735574842618b8c6d999d4", - "sha256:ddbb2551d7e0102e7252db79ba445cdab71b26640817ab1e3e3648dad515003b", - "sha256:deb6be0ac38ece9ba87dea880e438f25ca3eddfac8b002a2ec3d9183a454e8ae", - "sha256:e06ed3eb3218bc64786f7db41917d4e686cc4856944f53d5bdf83a6884432e12", - "sha256:e27ad930a842b4c5eb8ac0016b0a54f5aebbe679340c26101df33424142c143c", - "sha256:e537484df0d8f426ce2afb2d0f8e1c3d0b114b83f8850e5f2fbea0e797bd82ae", - "sha256:eb00ed941194665c332bf8e078baf037d6c35d7c4f3102ea2d4f16ca94a26dc8", - "sha256:eb6904c354526e758fda7167b33005998fb68c46fbc10e013ca97f21ca5c8887", - "sha256:eb8821e09e916165e160797a6c17edda0679379a4be5c716c260e836e122f54b", - "sha256:efcb3f6676480691518c177e3b465bcddf57cea040302f9f4e6e191af91174d4", - "sha256:f27273b60488abe721a075bcca6d7f3964f9f6f067c8c4c605743023d7d3944f", - "sha256:f30c3cb33b24454a82faecaf01b19c18562b1e89558fb6c56de4d9118a032fd5", - "sha256:fb69256e180cb6c8a894fee62b3afebae785babc1ee98b81cdf68bbca1987f33", - "sha256:fd1abc0d89e30cc4e02e4064dc67fcc51bd941eb395c502aac3ec19fab46b519", - "sha256:ff8fa367d09b717b2a17a052544193ad76cd49979c805768879cb63d9ca50561" - ], - "markers": "python_full_version >= '3.7.0'", - "version": "==3.3.2" - }, - "gitdb": { - "hashes": [ - "sha256:81a3407ddd2ee8df444cbacea00e2d038e40150acfa3001696fe0dcf1d3adfa4", - "sha256:bf5421126136d6d0af55bc1e7c1af1c397a34f5b7bd79e776cd3e89785c2b04b" - ], - "markers": "python_version >= '3.7'", - "version": "==4.0.11" - }, - "gitpython": { - "hashes": [ - "sha256:35f314a9f878467f5453cc1fee295c3e18e52f1b99f10f6cf5b1682e968a9e7c", - "sha256:eec7ec56b92aad751f9912a73404bc02ba212a23adb2c7098ee668417051a1ff" - ], - "index": "pypi", - "markers": "python_version >= '3.7'", - "version": "==3.1.43" - }, - "idna": { - "hashes": [ - "sha256:028ff3aadf0609c1fd278d8ea3089299412a7a8b9bd005dd08b9f8285bcb5cfc", - "sha256:82fee1fc78add43492d3a1898bfa6d8a904cc97d8427f683ed8e798d07761aa0" - ], - "markers": "python_version >= '3.5'", - "version": "==3.7" - }, - "mdutils": { - "hashes": [ - "sha256:647f3cf00df39fee6c57fa6738dc1160fce1788276b5530c87d43a70cdefdaf1" - ], - "index": "pypi", - "version": "==1.6.0" - }, - "prettytable": { - "hashes": [ - "sha256:6536efaf0757fdaa7d22e78b3aac3b69ea1b7200538c2c6995d649365bddab92", - "sha256:9665594d137fb08a1117518c25551e0ede1687197cf353a4fdc78d27e1073568" - ], - "index": "pypi", - "markers": "python_version >= '3.8'", - "version": "==3.10.0" - }, - "requests": { - "hashes": [ - "sha256:55365417734eb18255590a9ff9eb97e9e1da868d4ccd6402399eaf68af20a760", - "sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6" - ], - "index": "pypi", - "markers": "python_version >= '3.8'", - "version": "==2.32.3" - }, - "smmap": { - "hashes": [ - "sha256:dceeb6c0028fdb6734471eb07c0cd2aae706ccaecab45965ee83f11c8d3b1f62", - "sha256:e6d8668fa5f93e706934a62d7b4db19c8d9eb8cf2adbb75ef1b675aa332b69da" - ], - "markers": "python_version >= '3.7'", - "version": "==5.0.1" - }, - "urllib3": { - "hashes": [ - "sha256:a448b2f64d686155468037e1ace9f2d2199776e17f0a46610480d311f73e3472", - "sha256:dd505485549a7a552833da5e6063639d0d177c04f23bc3864e41e5dc5f612168" - ], - "markers": "python_version >= '3.8'", - "version": "==2.2.2" - }, - "wcwidth": { - "hashes": [ - "sha256:3da69048e4540d84af32131829ff948f1e022c1c6bdb8d6102117aac784f6859", - "sha256:72ea0c06399eb286d978fdedb6923a9eb47e1c486ce63e9b4e64fc18303972b5" - ], - "version": "==0.2.13" - } - }, - "develop": {} -} diff --git a/README.md b/README.md index e05657b..a94ae47 100644 --- a/README.md +++ b/README.md @@ -2,11 +2,13 @@ The Socket Security CLI was created to enable integrations with other tools like Github Actions, Gitlab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts against the Socket security policy it'll exit with a non-Zero exit code. + + ## Usage ```` shell -socketcli [-h] [--api_token API_TOKEN] [--repo REPO] [--branch BRANCH] [--committer COMMITTER] [--pr_number PR_NUMBER] - [--commit_message COMMIT_MESSAGE] [--default_branch] [--target_path TARGET_PATH] [--scm {api,github,gitlab}] [--sbom-file SBOM_FILE] +socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--branch BRANCH] [--committer COMMITTER] [--pr-number PR_NUMBER] + [--commit-message COMMIT_MESSAGE] [--default-branch] [--target-path TARGET_PATH] [--scm {api,github,gitlab}] [--sbom-file SBOM_FILE] [--commit-sha COMMIT_SHA] [--generate-license GENERATE_LICENSE] [-v] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview] [--disable-security-issue] [--files FILES] [--ignore-commit-files] [--timeout] ```` @@ -17,14 +19,14 @@ If you don't want to provide the Socket API Token every time then you can use th | Parameter | Alternate Name | Required | Default | Description | |:-------------------------|:---------------|:---------|:--------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | -h | --help | False | | Show the CLI help message | -| --api_token | | False | | Provides the Socket API Token | +| --api-token | | False | | Provides the Socket API Token | | --repo | | True | | The string name in a git approved name for repositories. | | --branch | | False | | The string name in a git approved name for branches. | | --committer | | False | | The string name of the person doing the commit or running the CLI. Can be specified multiple times to have more than one committer | -| --pr_number | | False | 0 | The integer for the PR or MR number | -| --commit_message | | False | | The string for a commit message if there is one | -| --default_branch | | False | False | If the flag is specified this will signal that this is the default branch. This needs to be enabled for a report to update Org Alerts and Org Dependencies | -| --target_path | | False | ./ | This is the path to where the manifest files are location. The tool will recursively search for all supported manifest files | +| --pr-number | | False | 0 | The integer for the PR or MR number | +| --commit-message | | False | | The string for a commit message if there is one | +| --default-branch | | False | False | If the flag is specified this will signal that this is the default branch. This needs to be enabled for a report to update Org Alerts and Org Dependencies | +| --target-path | | False | ./ | This is the path to where the manifest files are location. The tool will recursively search for all supported manifest files | | --scm | | False | api | This is the mode that the tool is to run in. For local runs `api` would be the mode. Other options are `gitlab` and `github` | | --generate-license | | False | False | If this flag is specified it will generate a json file with the license per package and license text in the current working directory | | --version | -v | False | | Prints the version and exits | @@ -39,4 +41,66 @@ If you don't want to provide the Socket API Token every time then you can use th | --files | | False | | If provided in the format of `["file1", "file2"]` will be used to determine if there have been supported file changes. This is used if it isn't a git repo and you would like to only run if it supported files have changed. | | --ignore-commit-files | | False | False | If enabled then the CLI will ignore what files are changed in the commit and look for all manifest files | | --disable-blocking | | False | False | Disables failing checks and will only exit with an exit code of 0 | -| --timeout | | False | 1200 | The timeout per request for the CLI | + +## Development + +This project uses `pyproject.toml` as the primary dependency specification. + +### Development Workflows + +The following Make targets provide streamlined workflows for common development tasks: + +#### Initial Setup (Choose One) + +1. Standard Setup (using PyPI packages): +```bash +pyenv local 3.11 # Ensure correct Python version +make first-time-setup +``` + +2. Local Development Setup (for SDK development): +```bash +pyenv local 3.11 # Ensure correct Python version +SOCKET_SDK_PATH=~/path/to/socket-sdk-python make first-time-local-setup +``` +The default SDK path is `../socket-sdk-python` if not specified. + +#### Ongoing Development Tasks + +After changing dependencies in pyproject.toml: +```bash +make update-deps +``` + +After pulling changes: +```bash +make sync-all +``` + +### Available Make targets: + +High-level workflows: +- `make first-time-setup`: Complete setup using PyPI packages +- `make first-time-local-setup`: Complete setup for local SDK development +- `make update-deps`: Update requirements.txt files and sync dependencies +- `make sync-all`: Sync dependencies after pulling changes +- `make dev-setup`: Setup for local development (included in first-time-local-setup) + +Implementation targets: +- `make init-tools`: Creates virtual environment and installs pip-tools +- `make local-dev`: Installs dependencies needed for local development +- `make compile-deps`: Generates requirements.txt files with locked versions +- `make setup`: Creates virtual environment and installs dependencies +- `make sync-deps`: Installs exact versions from requirements.txt +- `make clean`: Removes virtual environment and cache files +- `make test`: Runs pytest suite +- `make lint`: Runs ruff for code formatting and linting + +### Environment Variables + +- `SOCKET_SDK_PATH`: Path to local socket-sdk-python repository (default: ../socket-sdk-python) + +### Running tests: + +#### Run all tests: +``` \ No newline at end of file diff --git a/pyproject.toml b/pyproject.toml index 00320f6..bf85302 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,14 +5,15 @@ build-backend = "setuptools.build_meta" [project] name = "socketsecurity" dynamic = ["version"] -requires-python = ">= 3.9" +requires-python = ">= 3.11" dependencies = [ 'requests', 'mdutils', 'prettytable', 'GitPython', 'packaging', - 'socket-sdk-python>=1.0.15,<2.0.0' + 'python-dotenv', + 'socket-sdk-python>=2.0.4' ] readme = "README.md" description = "Socket Security CLI for CI/CD" @@ -26,12 +27,22 @@ maintainers = [ classifiers = [ "Development Status :: 4 - Beta", "Intended Audience :: Developers", - "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: 3.10", "Programming Language :: Python :: 3.11", "Programming Language :: Python :: 3.12", ] +[project.optional-dependencies] +test = [ + "pytest>=7.4.0", + "pytest-cov>=4.1.0", + "pytest-mock>=3.12.0", + "pytest-asyncio>=0.23.0", + "pytest-watch >=4.2.0" +] +dev = [ + "ruff>=0.3.0", + "pip-tools>=7.4.0", # for pip-compile +] [project.scripts] socketcli = "socketsecurity.socketcli:cli" @@ -41,9 +52,114 @@ Homepage = "https://socket.dev" [tool.setuptools.packages.find] include = [ - "socketsecurity", - "socketsecurity.core" + "socketsecurity*" ] [tool.setuptools.dynamic] version = {attr = "socketsecurity.__version__"} + + + +[tool.coverage.run] +source = ["socketsecurity"] +branch = true +include = [ + "socketsecurity/**/*.py", + "socketsecurity/**/__init__.py" +] +omit = [ + "socketsecurity/core/issues.py", # Large data file + "socketsecurity/core/licenses.py" # Large data file +] + +[tool.coverage.report] +exclude_lines = [ + "pragma: no cover", + "def __repr__", + "if __name__ == .__main__.:", + "raise NotImplementedError", + "if TYPE_CHECKING:", +] +show_missing = true +skip_empty = true + +[tool.ruff] +# Exclude a variety of commonly ignored directories. +exclude = [ + ".bzr", + ".direnv", + ".eggs", + ".git", + ".git-rewrite", + ".hg", + ".ipynb_checkpoints", + ".mypy_cache", + ".nox", + ".pants.d", + ".pyenv", + ".pytest_cache", + ".pytype", + ".ruff_cache", + ".svn", + ".tox", + ".venv", + ".vscode", + "__pypackages__", + "_build", + "buck-out", + "build", + "dist", + "node_modules", + "site-packages", + "venv", +] + +[tool.ruff.lint] +# Enable Pyflakes (`F`) and a subset of the pycodestyle (`E`) codes by default. +# Unlike Flake8, Ruff doesn't enable pycodestyle warnings (`W`) or +# McCabe complexity (`C901`) by default. +select = [ + "E4", "E7", "E9", "F", # Current rules + "I", # isort + "F401", # Unused imports + "F403", # Star imports + "F405", # Star imports undefined + "F821", # Undefined names +] + +# Allow fix for all enabled rules (when `--fix`) is provided. +fixable = ["ALL"] +unfixable = [] + +# Allow unused variables when underscore-prefixed. +dummy-variable-rgx = "^(_+|(_+[a-zA-Z0-9_]*[a-zA-Z0-9]+?))$" + +[tool.ruff.lint.isort] +known-first-party = ["socketsecurity"] + +[tool.ruff.format] +# Like Black, use double quotes for strings. +quote-style = "double" + +# Like Black, indent with spaces, rather than tabs. +indent-style = "space" + +# Like Black, respect magic trailing commas. +skip-magic-trailing-comma = false + +# Like Black, automatically detect the appropriate line ending. +line-ending = "auto" + +# Enable auto-formatting of code examples in docstrings. Markdown, +# reStructuredText code/literal blocks and doctests are all supported. +# +# This is currently disabled by default, but it is planned for this +# to be opt-out in the future. +docstring-code-format = false + +# Set the line length limit used when formatting code snippets in +# docstrings. +# +# This only has an effect when the `docstring-code-format` setting is +# enabled. +docstring-code-line-length = "dynamic" \ No newline at end of file diff --git a/pytest.ini b/pytest.ini new file mode 100644 index 0000000..69591c0 --- /dev/null +++ b/pytest.ini @@ -0,0 +1,7 @@ +[pytest] +testpaths = tests/unit +; addopts = -vv --no-cov --tb=short -ra +addopts = -vv --tb=short -ra --cov=socketsecurity --cov-report=term-missing +python_files = test_*.py +asyncio_mode = strict +asyncio_default_fixture_loop_scope = function diff --git a/requirements-dev.lock b/requirements-dev.lock new file mode 100644 index 0000000..137e3e6 --- /dev/null +++ b/requirements-dev.lock @@ -0,0 +1,72 @@ +# generated by rye +# use `rye lock` or `rye sync` to update this lockfile +# +# last locked with the following flags: +# pre: false +# features: ["test"] +# all-features: false +# with-sources: false +# generate-hashes: false +# universal: false + +-e file:. +argparse==1.4.0 + # via socketsecurity +certifi==2024.12.14 + # via requests +charset-normalizer==3.4.1 + # via requests +colorama==0.4.6 + # via pytest-watch +coverage==7.6.10 + # via pytest-cov +docopt==0.6.2 + # via pytest-watch +gitdb==4.0.12 + # via gitpython +gitpython==3.1.44 + # via socketsecurity +idna==3.10 + # via requests +iniconfig==2.0.0 + # via pytest +mdutils==1.6.0 + # via socketsecurity +packaging==24.2 + # via pytest + # via socketsecurity +pluggy==1.5.0 + # via pytest +prettytable==3.12.0 + # via socketsecurity +pytest==8.3.4 + # via pytest-asyncio + # via pytest-cov + # via pytest-mock + # via pytest-watch + # via socketsecurity +pytest-asyncio==0.25.1 + # via socketsecurity +pytest-cov==6.0.0 + # via socketsecurity +pytest-mock==3.14.0 + # via socketsecurity +pytest-watch==4.2.0 + # via socketsecurity +python-dotenv==1.0.1 + # via socketsecurity +requests==2.32.3 + # via socket-sdk-python + # via socketsecurity +smmap==5.0.2 + # via gitdb +socket-sdk-python @ file:///Users/erichibbs/code/socket/socket-sdk-python + # via socketsecurity +typing-extensions==4.12.2 + # via socket-sdk-python +urllib3==2.3.0 + # via requests +watchdog==6.0.0 + # via pytest-watch +wcwidth==0.2.13 + # via prettytable diff --git a/requirements.lock b/requirements.lock new file mode 100644 index 0000000..137e3e6 --- /dev/null +++ b/requirements.lock @@ -0,0 +1,72 @@ +# generated by rye +# use `rye lock` or `rye sync` to update this lockfile +# +# last locked with the following flags: +# pre: false +# features: ["test"] +# all-features: false +# with-sources: false +# generate-hashes: false +# universal: false + +-e file:. +argparse==1.4.0 + # via socketsecurity +certifi==2024.12.14 + # via requests +charset-normalizer==3.4.1 + # via requests +colorama==0.4.6 + # via pytest-watch +coverage==7.6.10 + # via pytest-cov +docopt==0.6.2 + # via pytest-watch +gitdb==4.0.12 + # via gitpython +gitpython==3.1.44 + # via socketsecurity +idna==3.10 + # via requests +iniconfig==2.0.0 + # via pytest +mdutils==1.6.0 + # via socketsecurity +packaging==24.2 + # via pytest + # via socketsecurity +pluggy==1.5.0 + # via pytest +prettytable==3.12.0 + # via socketsecurity +pytest==8.3.4 + # via pytest-asyncio + # via pytest-cov + # via pytest-mock + # via pytest-watch + # via socketsecurity +pytest-asyncio==0.25.1 + # via socketsecurity +pytest-cov==6.0.0 + # via socketsecurity +pytest-mock==3.14.0 + # via socketsecurity +pytest-watch==4.2.0 + # via socketsecurity +python-dotenv==1.0.1 + # via socketsecurity +requests==2.32.3 + # via socket-sdk-python + # via socketsecurity +smmap==5.0.2 + # via gitdb +socket-sdk-python @ file:///Users/erichibbs/code/socket/socket-sdk-python + # via socketsecurity +typing-extensions==4.12.2 + # via socket-sdk-python +urllib3==2.3.0 + # via requests +watchdog==6.0.0 + # via pytest-watch +wcwidth==0.2.13 + # via prettytable diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index 885c5b9..0000000 --- a/requirements.txt +++ /dev/null @@ -1,7 +0,0 @@ -socket-sdk-python>=1.0.15,<2.0.0 -requests>=2.32.0 -mdutils~=1.6.0 -prettytable -argparse -gitpython>=3.1.43 -packaging>=24.1 \ No newline at end of file diff --git a/scripts/build_container.sh b/scripts/build_container.sh index de96fa0..6e19511 100755 --- a/scripts/build_container.sh +++ b/scripts/build_container.sh @@ -2,42 +2,98 @@ VERSION=$(grep -o "__version__.*" socketsecurity/__init__.py | awk '{print $3}' | tr -d "'") ENABLE_PYPI_BUILD=$1 STABLE_VERSION=$2 + +verify_package() { + local version=$1 + local pip_index=$2 + echo "Verifying package availability..." + + for i in $(seq 1 30); do + if pip install --index-url $pip_index socketsecurity==$version; then + echo "Package $version is now available and installable" + pip uninstall -y socketsecurity + return 0 + fi + echo "Attempt $i: Package not yet installable, waiting 20s... ($i/30)" + sleep 20 + done + + echo "Package verification failed after 30 attempts" + return 1 +} + echo $VERSION if [ -z $ENABLE_PYPI_BUILD ] || [ -z $STABLE_VERSION ]; then - echo "$0 pypi-build=enable stable=true" - echo "\tpypi-build: Build and publish a new version of the package to pypi. Options are prod or test" - echo "\tstable: Only build and publish a new version for the stable docker tag if it has been tested and going on the changelog" - exit + echo "$0 pypi-build=enable stable=true" + echo "\tpypi-build: Build and publish a new version of the package to pypi. Options are prod or test" + echo "\tstable: Only build and publish a new version for the stable docker tag if it has been tested and going on the changelog" + exit fi if [ $ENABLE_PYPI_BUILD = "pypi-build=prod" ]; then - echo "Doing production build" - python -m build --wheel --sdist - twine upload dist/*$VERSION* - sleep 120 - docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:$VERSION . \ - && docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:latest . \ - && docker push socketdev/cli:$VERSION \ - && docker push socketdev/cli:latest + echo "Doing production build" + if ! python -m build --wheel --sdist; then + echo "Build failed" + exit 1 + fi + + if ! twine upload dist/*$VERSION*; then + echo "Upload to PyPI failed" + exit 1 + fi + + if ! verify_package $VERSION "https://pypi.org/simple"; then + echo "Failed to verify package on PyPI" + exit 1 + fi + + docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:$VERSION . \ + && docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:latest . \ + && docker push socketdev/cli:$VERSION \ + && docker push socketdev/cli:latest fi if [ $ENABLE_PYPI_BUILD = "pypi-build=test" ]; then - echo "Doing test build" - python -m build --wheel --sdist - twine upload --repository testpypi dist/*$VERSION* - sleep 120 - docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:$VERSION-test . \ - && docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:test . \ - && docker push socketdev/cli:$VERSION-test \ - && docker push socketdev/cli:test + echo "Doing test build" + if ! python -m build --wheel --sdist; then + echo "Build failed" + exit 1 + fi + + if ! twine upload --repository testpypi dist/*$VERSION*; then + echo "Upload to TestPyPI failed" + exit 1 + fi + + if ! verify_package $VERSION "https://test.pypi.org/simple"; then + echo "Failed to verify package on TestPyPI" + exit 1 + fi + + docker build --no-cache \ + --build-arg CLI_VERSION=$VERSION \ + --build-arg PIP_INDEX_URL=https://test.pypi.org/simple \ + --build-arg PIP_EXTRA_INDEX_URL=https://pypi.org/simple \ + --platform linux/amd64,linux/arm64 \ + -t socketdev/cli:$VERSION-test . \ + && docker build --no-cache \ + --build-arg CLI_VERSION=$VERSION \ + --build-arg PIP_INDEX_URL=https://test.pypi.org/simple \ + --build-arg PIP_EXTRA_INDEX_URL=https://pypi.org/simple \ + --platform linux/amd64,linux/arm64 \ + -t socketdev/cli:test . \ + && docker push socketdev/cli:$VERSION-test \ + && docker push socketdev/cli:test fi - if [ $STABLE_VERSION = "stable=true" ]; then if [ $ENABLE_PYPI_BUILD = "pypi-build=enable" ]; then - sleep 120 + if ! verify_package $VERSION "https://pypi.org/simple"; then + echo "Failed to verify package on PyPI" + exit 1 + fi fi docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:stable . \ - && docker push socketdev/cli:stable - fi + && docker push socketdev/cli:stable +fi diff --git a/scripts/deploy-test-docker.sh b/scripts/deploy-test-docker.sh new file mode 100755 index 0000000..c9526e2 --- /dev/null +++ b/scripts/deploy-test-docker.sh @@ -0,0 +1,67 @@ +#!/bin/sh + +# This script builds the Docker image tagged cli:test and cli:$CLI_VERSION-test and pushes them to docker hub + +# If CLI Version and/or SDK Version are not provided, it will check TestPyPI for the latest dev versions and use that after asking the user for confirmation + +CLI_VERSION=$1 +SDK_VERSION=$2 + +get_latest_version() { + package=$1 + curl -s https://test.pypi.org/pypi/$package/json | python -c " +import sys, json +data = json.load(sys.stdin) +versions = list(data.get('releases', {}).keys()) +versions.sort(key=lambda x: ( + x.split('.dev')[0], + int(x.split('.dev')[1]) if '.dev' in x else 0 +)) +print(versions[-1] if versions else '') +" +} + +if [ -z "$CLI_VERSION" ]; then + echo "No CLI version specified, checking TestPyPI for latest version..." + CLI_VERSION=$(get_latest_version "socketsecurity") + echo "Latest CLI version on TestPyPI is: $CLI_VERSION" +fi + +if [ -z "$SDK_VERSION" ]; then + echo "No SDK version specified, checking TestPyPI for latest version..." + SDK_VERSION=$(get_latest_version "socket-sdk-python") + echo "Latest SDK version on TestPyPI is: $SDK_VERSION" +fi + +echo -n "Deploy with CLI=$CLI_VERSION and SDK=$SDK_VERSION? (y/n): " +read answer + +case $answer in + [Yy]* ) ;; + * ) echo "Aborted."; exit;; +esac + +echo "Building and pushing Docker image..." +docker build --no-cache \ + --build-arg CLI_VERSION=$CLI_VERSION \ + --build-arg SDK_VERSION=$SDK_VERSION \ + --build-arg PIP_INDEX_URL=https://test.pypi.org/simple \ + --build-arg PIP_EXTRA_INDEX_URL=https://pypi.org/simple \ + --platform linux/amd64,linux/arm64 \ + -t socketdev/cli:$CLI_VERSION-test . \ + && docker build --no-cache \ + --build-arg CLI_VERSION=$CLI_VERSION \ + --build-arg SDK_VERSION=$SDK_VERSION \ + --build-arg PIP_INDEX_URL=https://test.pypi.org/simple \ + --build-arg PIP_EXTRA_INDEX_URL=https://pypi.org/simple \ + --platform linux/amd64,linux/arm64 \ + -t socketdev/cli:test . \ + && docker push socketdev/cli:$CLI_VERSION-test \ + && docker push socketdev/cli:test + +if [ $? -eq 0 ]; then + echo "Successfully deployed version $CLI_VERSION" +else + echo "Failed to deploy version $CLI_VERSION" + exit 1 +fi \ No newline at end of file diff --git a/scripts/deploy-test-pypi.sh b/scripts/deploy-test-pypi.sh new file mode 100755 index 0000000..408cc92 --- /dev/null +++ b/scripts/deploy-test-pypi.sh @@ -0,0 +1,60 @@ +#!/bin/sh + +# This script finds the latest dev version on TestPyPI, increments the dev version, and then uploads the new version to TestPyPI + +# Get version from __init__.py +INIT_FILE="socketsecurity/__init__.py" +ORIGINAL_VERSION=$(grep -o "__version__.*" $INIT_FILE | awk '{print $3}' | tr -d "'") +BACKUP_FILE="${INIT_FILE}.bak" + +# Get existing versions from TestPyPI +echo "Checking existing versions on TestPyPI..." +EXISTING_VERSIONS=$(curl -s https://test.pypi.org/pypi/socketsecurity/json | python -c " +import sys, json +data = json.load(sys.stdin) +versions = [v for v in data.get('releases', {}).keys() if v.startswith('$ORIGINAL_VERSION.dev')] +print('Filtered versions:', versions, file=sys.stderr) +if versions: + versions.sort(key=lambda x: int(x.split('dev')[1])) + print('Sorted versions:', versions, file=sys.stderr) + print(versions[-1]) +") + +# Determine new version +if [ -z "$EXISTING_VERSIONS" ]; then + VERSION="${ORIGINAL_VERSION}.dev1" + echo "No existing dev versions found. Using ${VERSION}" +else + LAST_DEV_NUM=$(echo $EXISTING_VERSIONS | grep -o 'dev[0-9]*' | grep -o '[0-9]*') + NEXT_DEV_NUM=$((LAST_DEV_NUM + 1)) + VERSION="${ORIGINAL_VERSION}.dev${NEXT_DEV_NUM}" + echo "Found existing version ${EXISTING_VERSIONS}. Using ${VERSION}" +fi + +echo "Deploying version ${VERSION} to Test PyPI" + +# Backup original __init__.py +cp $INIT_FILE $BACKUP_FILE + +# Update version in __init__.py +sed -i.tmp "s/__version__ = '${ORIGINAL_VERSION}'/__version__ = '${VERSION}'/" $INIT_FILE +rm "${INIT_FILE}.tmp" + +# Build and upload to test PyPI +python -m build --wheel --sdist > /dev/null 2>&1 + +# Restore original __init__.py +mv $BACKUP_FILE $INIT_FILE + +# Upload to TestPyPI using python -m +if python -m twine upload --repository testpypi dist/*${VERSION}*; then + echo + echo "Deployed to Test PyPI. Wait a few minutes before installing the new version." + echo + echo "New version:" + echo "${VERSION}" +else + echo + echo "Failed to deploy to Test PyPI" + exit 1 +fi \ No newline at end of file diff --git a/scripts/run.sh b/scripts/run.sh old mode 100644 new mode 100755 diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index fd0caea..30c5fa0 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '1.0.47' +__version__ = '2.0.2' diff --git a/socketsecurity/config.py b/socketsecurity/config.py new file mode 100644 index 0000000..630acca --- /dev/null +++ b/socketsecurity/config.py @@ -0,0 +1,336 @@ +import argparse +import os +from dataclasses import asdict, dataclass +from typing import List, Optional + +from socketdev import INTEGRATION_TYPES, IntegrationType + + +@dataclass +class CliConfig: + api_token: str + repo: Optional[str] + branch: str = "" + committers: Optional[List[str]] = None + pr_number: str = "0" + commit_message: Optional[str] = None + default_branch: bool = False + target_path: str = "./" + scm: str = "api" + sbom_file: Optional[str] = None + commit_sha: str = "" + generate_license: bool = False + enable_debug: bool = False + allow_unverified: bool = False + enable_json: bool = False + disable_overview: bool = False + disable_security_issue: bool = False + files: str = "[]" + ignore_commit_files: bool = False + disable_blocking: bool = False + integration_type: IntegrationType = "api" + integration_org_slug: Optional[str] = None + pending_head: bool = False + timeout: Optional[int] = None + @classmethod + def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': + parser = create_argument_parser() + args = parser.parse_args(args_list) + + # Get API token from env or args + api_token = os.getenv("SOCKET_SECURITY_API_KEY") or args.api_token + + # Strip quotes from commit message if present + commit_message = args.commit_message + if commit_message and commit_message.startswith('"') and commit_message.endswith('"'): + commit_message = commit_message[1:-1] + + config_args = { + 'api_token': api_token, + 'repo': args.repo, + 'branch': args.branch, + 'committers': args.committers, + 'pr_number': args.pr_number, + 'commit_message': commit_message, + 'default_branch': args.default_branch, + 'target_path': args.target_path, + 'scm': args.scm, + 'sbom_file': args.sbom_file, + 'commit_sha': args.commit_sha, + 'generate_license': args.generate_license, + 'enable_debug': args.enable_debug, + 'allow_unverified': args.allow_unverified, + 'enable_json': args.enable_json, + 'disable_overview': args.disable_overview, + 'disable_security_issue': args.disable_security_issue, + 'files': args.files, + 'ignore_commit_files': args.ignore_commit_files, + 'disable_blocking': args.disable_blocking, + 'integration_type': args.integration, + 'pending_head': args.pending_head, + 'timeout': args.timeout, + } + + if args.owner: + config_args['integration_org_slug'] = args.owner + + return cls(**config_args) + + def to_dict(self) -> dict: + return asdict(self) + +def create_argument_parser() -> argparse.ArgumentParser: + parser = argparse.ArgumentParser( + prog="socketcli", + description="The Socket Security CLI will get the head scan for the provided repo from Socket, create a new one, and then report any alerts introduced by the changes. Any new alerts will cause the CLI to exit with a non-Zero exit code (1 for error alerts, 5 for warnings)." + ) + + # Authentication + auth_group = parser.add_argument_group('Authentication') + auth_group.add_argument( + "--api-token", + dest="api_token", + metavar="", + help="Socket Security API token (can also be set via SOCKET_SECURITY_API_KEY env var)", + required=False + ) + auth_group.add_argument( + "--api_token", + dest="api_token", + help=argparse.SUPPRESS + ) + + # Repository info + repo_group = parser.add_argument_group('Repository') + repo_group.add_argument( + "--repo", + metavar="", + help="Repository name in owner/repo format", + required=False + ) + repo_group.add_argument( + "--integration", + choices=INTEGRATION_TYPES, + metavar="", + help="Integration type", + default="api" + ) + repo_group.add_argument( + "--owner", + metavar="", + help="Name of the integration owner, defaults to the socket organization slug", + required=False + ) + repo_group.add_argument( + "--branch", + metavar="", + help="Branch name", + default="" + ) + repo_group.add_argument( + "--committers", + metavar="", + help="Committer(s) to filter by", + nargs="*" + ) + + # Pull Request and Commit info + pr_group = parser.add_argument_group('Pull Request and Commit') + pr_group.add_argument( + "--pr-number", + dest="pr_number", + metavar="", + help="Pull request number", + default="0" + ) + pr_group.add_argument( + "--pr_number", + dest="pr_number", + help=argparse.SUPPRESS + ) + pr_group.add_argument( + "--commit-message", + dest="commit_message", + metavar="", + help="Commit message" + ) + pr_group.add_argument( + "--commit_message", + dest="commit_message", + help=argparse.SUPPRESS + ) + pr_group.add_argument( + "--commit-sha", + dest="commit_sha", + metavar="", + default="", + help="Commit SHA" + ) + pr_group.add_argument( + "--commit_sha", + dest="commit_sha", + help=argparse.SUPPRESS + ) + + # Path and File options + path_group = parser.add_argument_group('Path and File') + path_group.add_argument( + "--target-path", + dest="target_path", + metavar="", + default="./", + help="Target path for analysis" + ) + path_group.add_argument( + "--target_path", + dest="target_path", + help=argparse.SUPPRESS + ) + path_group.add_argument( + "--sbom-file", + dest="sbom_file", + metavar="", + help="SBOM file path" + ) + path_group.add_argument( + "--sbom_file", + dest="sbom_file", + help=argparse.SUPPRESS + ) + path_group.add_argument( + "--files", + metavar="", + default="[]", + help="Files to analyze (JSON array string)" + ) + + # Branch and Scan Configuration + config_group = parser.add_argument_group('Branch and Scan Configuration') + config_group.add_argument( + "--default-branch", + dest="default_branch", + action="store_true", + help="Make this branch the default branch" + ) + config_group.add_argument( + "--default_branch", + dest="default_branch", + help=argparse.SUPPRESS + ) + config_group.add_argument( + "--pending-head", + dest="pending_head", + action="store_true", + help="If true, the new scan will be set as the branch's head scan" + ) + config_group.add_argument( + "--pending_head", + dest="pending_head", + help=argparse.SUPPRESS + ) + + # Output Configuration + output_group = parser.add_argument_group('Output Configuration') + output_group.add_argument( + "--generate-license", + dest="generate_license", + action="store_true", + help="Generate license information" + ) + output_group.add_argument( + "--generate_license", + dest="generate_license", + help=argparse.SUPPRESS + ) + output_group.add_argument( + "--enable-debug", + dest="enable_debug", + action="store_true", + help="Enable debug logging" + ) + output_group.add_argument( + "--enable_debug", + dest="enable_debug", + help=argparse.SUPPRESS + ) + output_group.add_argument( + "--enable-json", + dest="enable_json", + action="store_true", + help="Output in JSON format" + ) + output_group.add_argument( + "--enable_json", + dest="enable_json", + help=argparse.SUPPRESS + ) + output_group.add_argument( + "--disable-overview", + dest="disable_overview", + action="store_true", + help="Disable overview output" + ) + output_group.add_argument( + "--disable_overview", + dest="disable_overview", + help=argparse.SUPPRESS + ) + + # Security Configuration + security_group = parser.add_argument_group('Security Configuration') + security_group.add_argument( + "--allow-unverified", + action="store_true", + help="Allow unverified packages" + ) + security_group.add_argument( + "--disable-security-issue", + dest="disable_security_issue", + action="store_true", + help="Disable security issue checks" + ) + security_group.add_argument( + "--disable_security_issue", + dest="disable_security_issue", + help=argparse.SUPPRESS + ) + + # Advanced Configuration + advanced_group = parser.add_argument_group('Advanced Configuration') + advanced_group.add_argument( + "--ignore-commit-files", + dest="ignore_commit_files", + action="store_true", + help="Ignore commit files" + ) + advanced_group.add_argument( + "--ignore_commit_files", + dest="ignore_commit_files", + help=argparse.SUPPRESS + ) + advanced_group.add_argument( + "--disable-blocking", + dest="disable_blocking", + action="store_true", + help="Disable blocking mode" + ) + advanced_group.add_argument( + "--disable_blocking", + dest="disable_blocking", + help=argparse.SUPPRESS + ) + advanced_group.add_argument( + "--scm", + metavar="", + default="api", + help="Source control management type" + ) + advanced_group.add_argument( + "--timeout", + type=int, + metavar="", + help="Timeout in seconds for API requests", + required=False + ) + + return parser \ No newline at end of file diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 4b71606..751c456 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -1,456 +1,148 @@ import base64 import json import logging -import platform import time +from dataclasses import asdict from glob import glob from pathlib import PurePath -from urllib.parse import urlencode +from typing import BinaryIO, Dict, List, Optional, Tuple -import requests -from requests.exceptions import ReadTimeout from socketdev import socketdev +from socketdev.fullscans import ( + FullScanParams, + SocketArtifact, + DiffArtifact, +) +from socketdev.org import Organization +from socketdev.repos import RepositoryInfo +from socketdev.settings import SecurityPolicyRule from socketsecurity import __version__ from socketsecurity.core.classes import ( Alert, Diff, FullScan, - FullScanParams, Issue, Package, Purl, - Report, - Repository, ) from socketsecurity.core.exceptions import ( - APIAccessDenied, - APICloudflareError, - APIFailure, - APIInsufficientQuota, - APIKeyMissing, APIResourceNotFound, - RequestTimeoutExceeded, ) -from socketsecurity.core.issues import AllIssues from socketsecurity.core.licenses import Licenses +from .socket_config import SocketConfig +from .utils import socket_globs + __all__ = [ "Core", "log", "__version__", - "do_request" ] - -global encoded_key version = __version__ -api_url = "https://api.socket.dev/v0" -timeout = 30 -full_scan_path = "" -repository_path = "" -all_issues = AllIssues() -org_id = None -org_slug = None -all_new_alerts = False -security_policy = {} -allow_unverified_ssl = False log = logging.getLogger("socketdev") -log.addHandler(logging.NullHandler()) - -socket_sdk = None - -socket_globs = { - "spdx": { - "spdx.json": { - "pattern": "*[-.]spdx.json" - } - }, - "cdx": { - "cyclonedx.json": { - "pattern": "{bom,*[-.]c{yclone,}dx}.json" - }, - "xml": { - "pattern": "{bom,*[-.]c{yclone,}dx}.xml" - } - }, - "npm": { - "package.json": { - "pattern": "package.json" - }, - "package-lock.json": { - "pattern": "package-lock.json" - }, - "npm-shrinkwrap.json": { - "pattern": "npm-shrinkwrap.json" - }, - "yarn.lock": { - "pattern": "yarn.lock" - }, - "pnpm-lock.yaml": { - "pattern": "pnpm-lock.yaml" - }, - "pnpm-lock.yml": { - "pattern": "pnpm-lock.yml" - }, - "pnpm-workspace.yaml": { - "pattern": "pnpm-workspace.yaml" - }, - "pnpm-workspace.yml": { - "pattern": "pnpm-workspace.yml" - } - }, - "pypi": { - "pipfile": { - "pattern": "pipfile" - }, - "pyproject.toml": { - "pattern": "pyproject.toml" - }, - "poetry.lock": { - "pattern": "poetry.lock" - }, - "requirements.txt": { - "pattern": "*requirements.txt" - }, - "requirements": { - "pattern": "requirements/*.txt" - }, - "requirements-*.txt": { - "pattern": "requirements-*.txt" - }, - "requirements_*.txt": { - "pattern": "requirements_*.txt" - }, - "requirements.frozen": { - "pattern": "requirements.frozen" - }, - "setup.py": { - "pattern": "setup.py" - }, - "pipfile.lock": { - "pattern": "pipfile.lock" - } - }, - "golang": { - "go.mod": { - "pattern": "go.mod" - }, - "go.sum": { - "pattern": "go.sum" - } - }, - "java": { - "pom.xml": { - "pattern": "pom.xml" - } + +class Core: + """Main class for interacting with Socket Security API and processing scan results.""" + + ALERT_TYPE_TO_CAPABILITY = { + "envVars": "Environment Variables", + "networkAccess": "Network Access", + "filesystemAccess": "File System Access", + "shellAccess": "Shell Access", + "usesEval": "Uses Eval", + "unsafe": "Unsafe" } -} - - -def encode_key(token: str) -> None: - """ - encode_key takes passed token string and does a base64 encoding. It sets this as a global variable - :param token: str of the Socket API Security Token - :return: - """ - global encoded_key - encoded_key = base64.b64encode(token.encode()).decode('ascii') - - -class SCMRequestError(Exception): - """Generic exception for SCM API request failures""" - def __init__(self, status_code: int, message: str, url: str): - self.status_code = status_code - self.message = message - self.url = url - super().__init__(f"SCM API request failed: {status_code} - {message} (URL: {url})") - - -def do_request( - path: str, - headers: dict = None, - payload: [dict, str] = None, - files: list = None, - method: str = "GET", - base_url: str = None, -) -> requests.Response: - """ - Shared function for making HTTP calls to SCM providers (GitHub/GitLab) - :param base_url: Base URL for the SCM provider API - :param path: Required path for the request - :param headers: Optional dictionary of headers - :param payload: Optional dictionary or string of the payload to pass - :param files: Optional list of files to upload - :param method: Optional method to use, defaults to GET - :return: Response object - :raises: SCMRequestError if the request fails - """ - if base_url is None: - raise ValueError("base_url is required for SCM API calls") - - url = f"{base_url}/{path}" - verify = not allow_unverified_ssl - - try: - response = requests.request( - method.upper(), - url, - headers=headers, - data=payload, - files=files, - timeout=timeout, - verify=verify - ) - - # Log request details (with redacted auth) - output_headers = headers.copy() if headers else {} - if 'Authorization' in output_headers: - output_headers['Authorization'] = "TOKEN_REDACTED" - - log.debug({ - "url": url, - "headers": output_headers, - "status_code": response.status_code, - "body": response.text, - "payload": payload, - "files": files, - "timeout": timeout - }) - - if response.status_code < 400: - return response - - # Try to get error message from response - try: - error_msg = response.json().get('message', response.text) - except (json.JSONDecodeError, AttributeError): - error_msg = response.text - - raise SCMRequestError( - status_code=response.status_code, - message=error_msg, - url=url - ) - - except ReadTimeout: - raise SCMRequestError( - status_code=408, - message=f"Request timed out after {timeout} seconds", - url=url - ) - except requests.RequestException as e: - raise SCMRequestError( - status_code=500, - message=str(e), - url=url - ) + config: SocketConfig + sdk: socketdev -class Core: - token: str - base_api_url: str - request_timeout: int - reports: list + def __init__(self, config: SocketConfig, sdk: socketdev) -> None: + """Initialize Core with configuration and SDK instance.""" + self.config = config + self.sdk = sdk + self.set_org_vars() - def __init__( - self, - token: str, - base_api_url: str = None, - request_timeout: int = None, - enable_all_alerts: bool = False, - allow_unverified: bool = False - ): - global allow_unverified_ssl, socket_sdk - allow_unverified_ssl = allow_unverified - self.token = token + ":" - socket_sdk = socketdev(self.token, timeout=request_timeout) - encode_key(self.token) - self.socket_date_format = "%Y-%m-%dT%H:%M:%S.%fZ" - self.base_api_url = base_api_url - if self.base_api_url is not None: - Core.set_api_url(self.base_api_url) - self.request_timeout = request_timeout - if self.request_timeout is not None: - Core.set_timeout(self.request_timeout) - if enable_all_alerts: - global all_new_alerts - all_new_alerts = True - Core.set_org_vars() + def set_org_vars(self) -> None: + """Sets the main shared configuration variables for organization access.""" + org_id, org_slug = self.get_org_id_slug() - @staticmethod - def enable_debug_log(level: int): - global log - log.setLevel(level) + self.config.org_id = org_id + self.config.org_slug = org_slug - @staticmethod - def set_org_vars() -> None: - """ - Sets the main shared global variables - :return: - """ - global org_id, org_slug, full_scan_path, repository_path, security_policy - org_id, org_slug = Core.get_org_id_slug() base_path = f"orgs/{org_slug}" - full_scan_path = f"{base_path}/full-scans" - repository_path = f"{base_path}/repos" - security_policy = Core.get_security_policy() + self.config.full_scan_path = f"{base_path}/full-scans" + self.config.repository_path = f"{base_path}/repos" - @staticmethod - def set_api_url(base_url: str): - """ - Set the global API URl if provided - :param base_url: - :return: - """ - global api_url - api_url = base_url + self.config.security_policy = self.get_security_policy() - @staticmethod - def set_timeout(request_timeout: int): - """ - Set the global Requests timeout - :param request_timeout: - :return: - """ - global timeout - timeout = request_timeout + def get_org_id_slug(self) -> Tuple[str, str]: + """Gets the Org ID and Org Slug for the API Token.""" + response = self.sdk.org.get() + organizations: Dict[str, Organization] = response.get("organizations", {}) - @staticmethod - def get_org_id_slug() -> (str, str): - """ - Gets the Org ID and Org Slug for the API Token - :return: - """ - data = socket_sdk.org.get() - organizations = data.get("organizations") - new_org_id = None - new_org_slug = None if len(organizations) == 1: - for key in organizations: - new_org_id = key - new_org_slug = organizations[key].get('slug') - return new_org_id, new_org_slug - - @staticmethod - def get_sbom_data(full_scan_id: str) -> list: - """ - Gets SBOM data for a full scan using the Socket SDK - :param full_scan_id: str - ID of the full scan to get SBOM data for - :return: list of SBOM artifacts - """ - try: - result = socket_sdk.fullscans.stream(org_slug, full_scan_id) - if result.get("success", False): - # Remove metadata properties before returning artifacts - result.pop("success", None) - result.pop("status", None) - # The SDK returns a dict with the SBOM artifacts as values, so we need to convert it to a list - return list(result.values()) - else: - # TODO: In future ticket, throw appropriate error here instead of returning empty list - log.error(f"Failed to get SBOM data for scan {full_scan_id}") - log.error(f"Status: {result.get('status')}") - log.error(f"Message: {result.get('message')}") - return [] - except Exception as error: - # TODO: In future ticket, throw appropriate error here instead of returning empty list - log.error(f"Unexpected error getting SBOM data for scan {full_scan_id}") - log.error(error) - return [] - - @staticmethod - def get_security_policy() -> dict: - """ - Get the Security policy and determine the effective Org security policy - :return: - """ - data = socket_sdk.settings.get(org_id) - defaults = data.get("defaults") - default_rules = defaults.get("issueRules") - entries = data.get("entries") - org_rules = {} - for org_set in entries: - settings = org_set.get("settings") - if settings is not None: - org_details = settings.get("organization") - org_rules = org_details.get("issueRules") - for default in default_rules: - if default not in org_rules: - action = default_rules[default]["action"] - org_rules[default] = { - "action": action - } - return org_rules - - # @staticmethod - # def get_supported_file_types() -> dict: - # path = "report/supported" + org_id = next(iter(organizations)) + return org_id, organizations[org_id]['slug'] + return None, None + + def get_sbom_data(self, full_scan_id: str) -> Dict[str, SocketArtifact]: + """Returns the list of SBOM artifacts for a full scan.""" + response = self.sdk.fullscans.stream(self.config.org_slug, full_scan_id) + if not response.success: + log.debug(f"Failed to get SBOM data for full-scan {full_scan_id}") + log.debug(response.message) + return {} - @staticmethod - def get_manifest_files(package: Package, packages: dict) -> str: - if package.direct: - manifests = [] - for manifest_item in package.manifestFiles: - manifest = manifest_item["file"] - manifests.append(manifest) - manifest_files = ";".join(manifests) - else: - manifests = [] - for top_id in package.topLevelAncestors: - top_package: Package - top_package = packages[top_id] - for manifest_item in top_package.manifestFiles: - manifest = manifest_item["file"] - new_string = f"{package.name}@{package.version}({manifest})" - manifests.append(new_string) - manifest_files = ";".join(manifests) - return manifest_files + return response.artifacts + + def get_sbom_data_list(self, artifacts_dict: Dict[str, SocketArtifact]) -> list[SocketArtifact]: + """Converts artifacts dictionary to a list.""" + return list(artifacts_dict.values()) - @staticmethod - def create_sbom_output(diff: Diff) -> dict: - result = socket_sdk.export.cdx_bom(org_slug, diff.id) + def get_security_policy(self) -> Dict[str, SecurityPolicyRule]: + """Gets the organization's security policy.""" + response = self.sdk.settings.get(self.config.org_slug) + + if not response.success: + log.error(f"Failed to get security policy: {response.status}") + log.error(response.message) + raise Exception(f"Failed to get security policy: {response.status}, message: {response.message}") - if not result.get("success", False): + return response.securityPolicyRules + + def create_sbom_output(self, diff: Diff) -> dict: + """Creates CycloneDX output for a given diff.""" + try: + result = self.sdk.export.cdx_bom(self.config.org_slug, diff.id) + if not result.success: + log.error(f"Failed to get CycloneDX Output for full-scan {diff.id}") + log.error(result.message) + return {} + + result.pop("success", None) + return result + except Exception as error: log.error(f"Unable to get CycloneDX Output for {diff.id}") log.error(result.get("message", "No error message provided")) return {} - - result.pop("success", None) - return result - - @staticmethod - def match_supported_files(files: list) -> bool: - matched_files = [] - not_matched = False - for ecosystem in socket_globs: - patterns = socket_globs[ecosystem] - for file_name in patterns: - pattern = patterns[file_name]["pattern"] - for file in files: - if "\\" in file: - file = file.replace("\\", "/") - # Split path and filename - path_parts = PurePath(file).parts - if path_parts: - # Compare only the filename portion case-insensitively - if PurePath(path_parts[-1].lower()).match(pattern.lower()): - matched_files.append(file) - if len(matched_files) == 0: - not_matched = True - return not_matched @staticmethod - def find_files(path: str) -> list: + def find_files(path: str) -> List[str]: """ - Globs the path for supported manifest files. - Note: Might move the source to a JSON file - :param path: Str - path to where the manifest files are located - :return: + Finds supported manifest files in the given path. + + Args: + path: Path to search for manifest files + + Returns: + List of found manifest file paths """ log.debug("Starting Find Files") start_time = time.time() files = set() + for ecosystem in socket_globs: patterns = socket_globs[ecosystem] for file_name in patterns: @@ -472,310 +164,427 @@ def find_files(path: str) -> list: log.info(f"Found {len(files)} in {total_time:.2f} seconds") log.debug(f"Files found: {list(files)}") return list(files) - + @staticmethod - def create_full_scan(files: list, params: FullScanParams, workspace: str) -> FullScan: - """ - Calls the full scan API to create a new Full Scan - :param files: list - Globbed files of manifest files - :param params: FullScanParams - Set of query params to pass to the endpoint - :param workspace: str - Path of workspace - :return: + def to_case_insensitive_regex(input_string: str) -> str: """ - create_full_start = time.time() - log.debug("Creating new full scan") + Converts a string into a case-insensitive regex pattern. - # Convert params to dict and add org_slug - params_dict = params.__dict__.copy() - params_dict['org_slug'] = org_slug + Args: + input_string: String to convert + + Returns: + Case-insensitive regex pattern - results = socket_sdk.fullscans.post(files=files, params=params_dict, workspace=workspace) + Example: + "pipfile" -> "[Pp][Ii][Pp][Ff][Ii][Ll][Ee]" + """ + return ''.join(f'[{char.lower()}{char.upper()}]' if char.isalpha() else char for char in input_string) + + @staticmethod + def load_files_for_sending(files: List[str], workspace: str) -> List[Tuple[str, Tuple[str, BinaryIO]]]: + """ + Prepares files for sending to the Socket API. + + Args: + files: List of file paths from find_files() + workspace: Base directory path to make paths relative to + + Returns: + List of tuples formatted for requests multipart upload: + [(field_name, (filename, file_object)), ...] + """ + send_files = [] - full_scan = FullScan(**results) - full_scan.sbom_artifacts = Core.get_sbom_data(full_scan.id) + for file_path in files: + if "/" in file_path: + _, name = file_path.rsplit("/", 1) + else: + name = file_path + + if file_path.startswith(workspace): + key = file_path[len(workspace):] + else: + key = file_path + + key = key.lstrip("/") + key = key.lstrip("./") + + f = open(file_path, 'rb') + payload = (key, (name, f)) + send_files.append(payload) + + return send_files + + def create_full_scan(self, files: List[str], params: FullScanParams) -> FullScan: + """ + Creates a new full scan via the Socket API. + Args: + files: List of files to scan + params: Parameters for the full scan + + Returns: + FullScan object with scan results + """ + log.debug("Creating new full scan") + create_full_start = time.time() + + res = self.sdk.fullscans.post(files, params) + if not res.success: + log.error(f"Error creating full scan: {res.message}, status: {res.status}") + raise Exception(f"Error creating full scan: {res.message}, status: {res.status}") + + full_scan = FullScan(**asdict(res.data)) + + full_scan_artifacts_dict = self.get_sbom_data(full_scan.id) + full_scan.sbom_artifacts = self.get_sbom_data_list(full_scan_artifacts_dict) + full_scan.packages = self.create_packages_dict(full_scan.sbom_artifacts) + create_full_end = time.time() total_time = create_full_end - create_full_start log.debug(f"New Full Scan created in {total_time:.2f} seconds") + return full_scan - @staticmethod - def get_license_details(package: Package) -> Package: + def get_full_scan(self, full_scan_id: str) -> FullScan: + """ + Get a FullScan object for an existing full scan including sbom_artifacts and packages. + + Args: + full_scan_id: The ID of the full scan to get + + Returns: + The FullScan object with populated artifacts and packages + """ + full_scan_metadata = self.sdk.fullscans.metadata(self.config.org_slug, full_scan_id) + full_scan = FullScan(**asdict(full_scan_metadata.data)) + full_scan_artifacts_dict = self.get_sbom_data(full_scan_id) + full_scan.sbom_artifacts = self.get_sbom_data_list(full_scan_artifacts_dict) + full_scan.packages = self.create_packages_dict(full_scan.sbom_artifacts) + return full_scan + + def create_packages_dict(self, sbom_artifacts: list[SocketArtifact]) -> dict[str, Package]: + """ + Creates a dictionary of Package objects from SBOM artifacts. + + Args: + sbom_artifacts: List of SBOM artifacts from the scan + + Returns: + Dictionary mapping package IDs to Package objects + """ + packages = {} + top_level_count = {} + for artifact in sbom_artifacts: + package = Package.from_socket_artifact(asdict(artifact)) + if package.id in packages: + print("Duplicate package?") + else: + package.license_text = self.get_package_license_text(package) + packages[package.id] = package + for top_id in package.topLevelAncestors: + if top_id not in top_level_count: + top_level_count[top_id] = 1 + else: + top_level_count[top_id] += 1 + + for package_id, package in packages.items(): + package.transitives = top_level_count.get(package_id, 0) + + return packages + + def get_package_license_text(self, package: Package) -> str: + """ + Gets the license text for a package if available. + + Args: + package: Package object to get license text for + + Returns: + License text if found, empty string otherwise + """ + if package.license is None: + return "" + license_raw = package.license all_licenses = Licenses() license_str = Licenses.make_python_safe(license_raw) + if license_str is not None and hasattr(all_licenses, license_str): license_obj = getattr(all_licenses, license_str) - package.license_text = license_obj.licenseText - return package + return license_obj.licenseText + + return "" - @staticmethod - def get_head_scan_for_repo(repo_slug: str): + def get_repo_info(self, repo_slug: str) -> RepositoryInfo: """ - Get the head scan ID for a repository to use for the diff - :param repo_slug: Str - Repo slug for the repository that is being diffed - :return: + Gets repository information from the Socket API. + + Args: + repo_slug: Repository slug to get info for + + Returns: + RepositoryInfo object + + Raises: + Exception: If API request fails + """ + response = self.sdk.repos.repo(self.config.org_slug, repo_slug) + if not response.success: + log.error(f"Failed to get repository: {response.status}") + log.error(response.message) + raise Exception(f"Failed to get repository info: {response.status}, message: {response.message}") + return response.data + + def get_head_scan_for_repo(self, repo_slug: str) -> str: """ - results = socket_sdk.repos.repo(org_slug, repo_name=repo_slug) + Gets the head scan ID for a repository. - repository = Repository(**results) - return repository.head_full_scan_id + Args: + repo_slug: Repository slug to get head scan for + + Returns: + Head scan ID if it exists, None otherwise + """ + repo_info = self.get_repo_info(repo_slug) + return repo_info.head_full_scan_id if repo_info.head_full_scan_id else None - @staticmethod - def get_full_scan(full_scan_id: str) -> FullScan: + def get_added_and_removed_packages(self, head_full_scan: Optional[FullScan], new_full_scan: FullScan) -> Tuple[Dict[str, Package], Dict[str, Package]]: """ - Get the specified full scan and return a FullScan object - :param full_scan_id: str - ID of the full scan to pull - :return: + Get packages that were added and removed between scans. + + Args: + head_full_scan: Previous scan (may be None if first scan) + new_full_scan: New scan just created + + Returns: + Tuple of (added_packages, removed_packages) dictionaries """ - results = socket_sdk.fullscans.metadata(org_slug, full_scan_id) - full_scan = FullScan(**results) - full_scan.sbom_artifacts = Core.get_sbom_data(full_scan.id) - return full_scan + if head_full_scan is None: + log.info(f"No head scan found. New scan ID: {new_full_scan.id}") + return new_full_scan.packages, {} + + log.info(f"Comparing scans - Head scan ID: {head_full_scan.id}, New scan ID: {new_full_scan.id}") + diff_report = self.sdk.fullscans.stream_diff(self.config.org_slug, head_full_scan.id, new_full_scan.id).data + + log.info(f"Diff report artifact counts:") + log.info(f"Added: {len(diff_report.artifacts.added)}") + log.info(f"Removed: {len(diff_report.artifacts.removed)}") + log.info(f"Unchanged: {len(diff_report.artifacts.unchanged)}") + log.info(f"Replaced: {len(diff_report.artifacts.replaced)}") + log.info(f"Updated: {len(diff_report.artifacts.updated)}") + + added_artifacts = diff_report.artifacts.added + diff_report.artifacts.updated + removed_artifacts = diff_report.artifacts.removed + diff_report.artifacts.replaced + + added_packages: Dict[str, Package] = {} + removed_packages: Dict[str, Package] = {} + + for artifact in added_artifacts: + try: + pkg = Package.from_diff_artifact(asdict(artifact)) + added_packages[artifact.id] = pkg + except KeyError: + log.error(f"KeyError: Could not create package from added artifact {artifact.id}") + log.error(f"Artifact details - name: {artifact.name}, version: {artifact.version}") + matches = [p for p in new_full_scan.packages.values() if p.name == artifact.name and p.version == artifact.version] + if matches: + log.error(f"Found {len(matches)} packages with matching name/version:") + for m in matches: + log.error(f" ID: {m.id}, name: {m.name}, version: {m.version}") + else: + log.error("No matching packages found in new_full_scan") + + for artifact in removed_artifacts: + try: + pkg = Package.from_diff_artifact(asdict(artifact)) + removed_packages[artifact.id] = pkg + except KeyError: + log.error(f"KeyError: Could not create package from removed artifact {artifact.id}") + log.error(f"Artifact details - name: {artifact.name}, version: {artifact.version}") + matches = [p for p in head_full_scan.packages.values() if p.name == artifact.name and p.version == artifact.version] + if matches: + log.error(f"Found {len(matches)} packages with matching name/version:") + for m in matches: + log.error(f" ID: {m.id}, name: {m.name}, version: {m.version}") + else: + log.error("No matching packages found in head_full_scan") + + return added_packages, removed_packages - @staticmethod def create_new_diff( + self, path: str, params: FullScanParams, - workspace: str, no_change: bool = False ) -> Diff: + """Create a new diff using the Socket SDK. + + Args: + path: Path to look for manifest files + params: Query params for the Full Scan endpoint + + no_change: If True, return empty diff """ - 1. Get the head full scan. If it isn't present because this repo doesn't exist yet return an Empty full scan. - 2. Create a new Full scan for the current run - 3. Compare the head and new Full scan - 4. Return a Diff report - :param path: Str - path of where to look for manifest files for the new Full Scan - :param params: FullScanParams - Query params for the Full Scan endpoint - :param workspace: str - Path for workspace - :param no_change: - :return: - """ + print(f"starting create_new_diff with no_change: {no_change}") if no_change: - diff = Diff() - diff.id = "no_diff_id" - return diff - files = Core.find_files(path) - if files is None or len(files) == 0: - diff = Diff() - diff.id = "no_diff_id" - return diff + return Diff(id="no_diff_id") + + # Find manifest files + files = self.find_files(path) + files_for_sending = self.load_files_for_sending(files, path) + + print(f"files: {files} found at path {path}") + if not files: + return Diff(id="no_diff_id") + + head_full_scan_id = None + try: - head_full_scan_id = Core.get_head_scan_for_repo(params.repo) - if head_full_scan_id is None or head_full_scan_id == "": - head_full_scan = [] - else: - head_start = time.time() - head_full_scan = Core.get_sbom_data(head_full_scan_id) - head_end = time.time() - total_head_time = head_end - head_start - log.info(f"Total time to get head full-scan {total_head_time: .2f}") + # Get head scan ID + head_full_scan_id = self.get_head_scan_for_repo(params.repo) except APIResourceNotFound: head_full_scan_id = None - head_full_scan = [] + + # Create new scan new_scan_start = time.time() - new_full_scan = Core.create_full_scan(files, params, workspace) - new_full_scan.packages = Core.create_sbom_dict(new_full_scan.sbom_artifacts) + new_full_scan = self.create_full_scan(files_for_sending, params) new_scan_end = time.time() - total_new_time = new_scan_end - new_scan_start - log.info(f"Total time to get new full-scan {total_new_time: .2f}") - diff_report = Core.compare_sboms(new_full_scan.sbom_artifacts, head_full_scan) - diff_report.packages = new_full_scan.packages - # Set the diff ID and URLs + log.info(f"Total time to create new full scan: {new_scan_end - new_scan_start:.2f}") + + + head_full_scan = None + if head_full_scan_id: + head_full_scan = self.get_full_scan(head_full_scan_id) + + added_packages, removed_packages = self.get_added_and_removed_packages(head_full_scan, new_full_scan) + + diff = self.create_diff_report(added_packages, removed_packages) + base_socket = "https://socket.dev/dashboard/org" - diff_report.id = new_full_scan.id - diff_report.report_url = f"{base_socket}/{org_slug}/sbom/{diff_report.id}" + diff.id = new_full_scan.id + diff.report_url = f"{base_socket}/{self.config.org_slug}/sbom/{diff.id}" if head_full_scan_id is not None: - diff_report.diff_url = f"{base_socket}/{org_slug}/diff/{diff_report.id}/{head_full_scan_id}" + diff.diff_url = f"{base_socket}/{self.config.org_slug}/diff/{diff.id}/{head_full_scan_id}" else: - diff_report.diff_url = diff_report.report_url - return diff_report + diff.diff_url = diff.report_url - @staticmethod - def compare_sboms(new_scan: list, head_scan: list) -> Diff: + return diff + + def create_diff_report( + self, + added_packages: Dict[str, Package], + removed_packages: Dict[str, Package], + direct_only: bool = True + ) -> Diff: """ - compare the SBOMs of the new full Scan and the head full scan. Return a Diff report with new packages, - removed packages, and new alerts for the new full scan compared to the head. - :param new_scan: FullScan - Newly created FullScan for this execution - :param head_scan: FullScan - Current head FullScan for the repository - :return: + Creates a diff report comparing two sets of packages. + + Takes packages that were added and removed between two scans and: + 1. Records new/removed packages (direct only by default) + 2. Collects alerts from both sets of packages + 3. Determines new capabilities introduced + + Args: + added_packages: Dict of packages added in new scan + removed_packages: Dict of packages removed in new scan + direct_only: If True, only direct dependencies are included in new/removed lists + (but alerts are still processed for all packages) + + Returns: + Diff object containing the comparison results """ - diff: Diff diff = Diff() - new_packages = Core.create_sbom_dict(new_scan) - head_packages = Core.create_sbom_dict(head_scan) - new_scan_alerts = {} - head_scan_alerts = {} - consolidated = set() - for package_id in new_packages: - purl, package = Core.create_purl(package_id, new_packages) + + alerts_in_added_packages: Dict[str, List[Issue]] = {} + alerts_in_removed_packages: Dict[str, List[Issue]] = {} + + seen_new_packages = set() + seen_removed_packages = set() + + for package_id, package in added_packages.items(): + purl = Core.create_purl(package_id, added_packages) base_purl = f"{purl.ecosystem}/{purl.name}@{purl.version}" - if package_id not in head_packages and package.direct and base_purl not in consolidated: + + if (not direct_only or package.direct) and base_purl not in seen_new_packages: diff.new_packages.append(purl) - consolidated.add(base_purl) - new_scan_alerts = Core.create_issue_alerts(package, new_scan_alerts, new_packages) - for package_id in head_packages: - purl, package = Core.create_purl(package_id, head_packages) - if package_id not in new_packages and package.direct: + seen_new_packages.add(base_purl) + + self.add_package_alerts_to_collection( + package=package, + alerts_collection=alerts_in_added_packages, + packages=added_packages + ) + + for package_id, package in removed_packages.items(): + purl = Core.create_purl(package_id, removed_packages) + base_purl = f"{purl.ecosystem}/{purl.name}@{purl.version}" + + if (not direct_only or package.direct) and base_purl not in seen_removed_packages: diff.removed_packages.append(purl) - head_scan_alerts = Core.create_issue_alerts(package, head_scan_alerts, head_packages) - diff.new_alerts = Core.compare_issue_alerts(new_scan_alerts, head_scan_alerts, diff.new_alerts) - diff.new_capabilities = Core.compare_capabilities(new_packages, head_packages) - diff = Core.add_capabilities_to_purl(diff) - return diff + seen_removed_packages.add(base_purl) - @staticmethod - def add_capabilities_to_purl(diff: Diff) -> Diff: - new_packages = [] - for purl in diff.new_packages: - purl: Purl - if purl.id in diff.new_capabilities: - capabilities = diff.new_capabilities[purl.id] - if len(capabilities) > 0: - purl.capabilities = capabilities - new_packages.append(purl) - else: - new_packages.append(purl) - diff.new_packages = new_packages - return diff + self.add_package_alerts_to_collection( + package=package, + alerts_collection=alerts_in_removed_packages, + packages=removed_packages + ) - @staticmethod - def compare_capabilities(new_packages: dict, head_packages: dict) -> dict: - capabilities = {} - for package_id in new_packages: - package: Package - head_package: Package - package = new_packages[package_id] - if package_id in head_packages: - head_package = head_packages[package_id] - for alert in package.alerts: - if alert not in head_package.alerts: - capabilities = Core.check_alert_capabilities(package, capabilities, package_id, head_package) - else: - capabilities = Core.check_alert_capabilities(package, capabilities, package_id) + diff.new_alerts = Core.get_new_alerts( + alerts_in_added_packages, + alerts_in_removed_packages + ) - return capabilities + diff.new_capabilities = Core.get_capabilities_for_added_packages(added_packages) - @staticmethod - def check_alert_capabilities( - package: Package, - capabilities: dict, - package_id: str, - head_package: Package = None - ) -> dict: - alert_types = { - "envVars": "Environment", - "networkAccess": "Network", - "filesystemAccess": "File System", - "shellAccess": "Shell" - } - - for alert in package.alerts: - new_alert = True - if head_package is not None and alert in head_package.alerts: - new_alert = False - if alert["type"] in alert_types and new_alert: - value = alert_types[alert["type"]] - if package_id not in capabilities: - capabilities[package_id] = [value] - else: - if value not in capabilities[package_id]: - capabilities[package_id].append(value) - return capabilities + Core.add_purl_capabilities(diff) - @staticmethod - def compare_issue_alerts(new_scan_alerts: dict, head_scan_alerts: dict, alerts: list) -> list: - """ - Compare the issue alerts from the new full scan and the head full scans. Return a list of new alerts that - are in the new full scan and not in the head full scan - :param new_scan_alerts: dictionary of alerts from the new full scan - :param head_scan_alerts: dictionary of alerts from the new head scan - :param alerts: List of new alerts that are only in the new Full Scan - :return: - """ - consolidated_alerts = [] - for alert_key in new_scan_alerts: - if alert_key not in head_scan_alerts: - new_alerts = new_scan_alerts[alert_key] - for alert in new_alerts: - alert: Issue - alert_str = f"{alert.purl},{alert.manifests},{alert.type}" - if alert.error or alert.warn: - if alert_str not in consolidated_alerts: - alerts.append(alert) - consolidated_alerts.append(alert_str) - else: - new_alerts = new_scan_alerts[alert_key] - head_alerts = head_scan_alerts[alert_key] - for alert in new_alerts: - alert: Issue - alert_str = f"{alert.purl},{alert.manifests},{alert.type}" - if alert not in head_alerts and alert_str not in consolidated_alerts: - if alert.error or alert.warn: - alerts.append(alert) - consolidated_alerts.append(alert_str) - return alerts + return diff @staticmethod - def create_issue_alerts(package: Package, alerts: dict, packages: dict) -> dict: + def create_purl(package_id: str, packages: dict[str, Package]) -> Purl: """ - Create the Issue Alerts from the package and base alert data. - :param package: Package - Current package that is being looked at for Alerts - :param alerts: Dict - All found Issue Alerts across all packages - :param packages: Dict - All packages detected in the SBOM and needed to find top level packages - :return: + Creates the extended PURL data for package identification and tracking. + + Args: + package_id: Package ID to create PURL data for + packages: Dictionary of all packages for transitive dependency lookup + + Returns: + Purl object containing package metadata and dependency information """ - for item in package.alerts: - alert = Alert(**item) - try: - props = getattr(all_issues, alert.type) - except AttributeError: - props = None - if props is not None: - description = props.description - title = props.title - suggestion = props.suggestion - next_step_title = props.nextStepTitle - else: - description = "" - title = "" - suggestion = "" - next_step_title = "" - introduced_by = Core.get_source_data(package, packages) - issue_alert = Issue( - pkg_type=package.type, - pkg_name=package.name, - pkg_version=package.version, - pkg_id=package.id, - type=alert.type, - severity=alert.severity, - key=alert.key, - props=alert.props, - description=description, - title=title, - suggestion=suggestion, - next_step_title=next_step_title, - introduced_by=introduced_by, - purl=package.purl, - url=package.url - ) - if alert.type in security_policy: - action = security_policy[alert.type]['action'] - setattr(issue_alert, action, True) - if issue_alert.type != 'licenseSpdxDisj': - if issue_alert.key not in alerts: - alerts[issue_alert.key] = [issue_alert] - else: - alerts[issue_alert.key].append(issue_alert) - return alerts + package = packages[package_id] + introduced_by = Core.get_source_data(package, packages) + purl = Purl( + id=package.id, + name=package.name, + version=package.version, + ecosystem=package.type, + direct=package.direct, + introduced_by=introduced_by, + author=package.author or [], + size=package.size, + transitives=package.transitives, + url=package.url, + purl=package.purl + ) + return purl @staticmethod def get_source_data(package: Package, packages: dict) -> list: """ - Creates the properties for source data of the source manifest file(s) and top level packages. - :param package: Package - Current package being evaluated - :param packages: Dict - All packages, used to determine top level package information for transitive packages - :return: + Determines how a package was introduced into the dependency tree. + + For direct dependencies, records the manifest file. + For transitive dependencies, records the top-level package that introduced it. + + Args: + package: Package to analyze + packages: Dictionary of all packages for ancestor lookup + + Returns: + List of tuples containing (source, manifest_file) information """ introduced_by = [] if package.direct: @@ -788,7 +597,6 @@ def get_source_data(package: Package, packages: dict) -> list: introduced_by.append(source) else: for top_id in package.topLevelAncestors: - top_package: Package top_package = packages.get(top_id) if top_package: manifests = "" @@ -804,96 +612,192 @@ def get_source_data(package: Package, packages: dict) -> list: return introduced_by @staticmethod - def create_purl(package_id: str, packages: dict) -> (Purl, Package): + def add_purl_capabilities(diff: Diff) -> None: """ - Creates the extended PURL data to use in the added or removed package details. Primarily used for outputting - data in the results for detections. - :param package_id: Str - Package ID of the package to create the PURL data - :param packages: dict - All packages to use for look up from transitive packages - :return: + Adds capability information to each package in the diff's new_packages list. + + Args: + diff: Diff object to update with capability information """ - package: Package - package = packages[package_id] - introduced_by = Core.get_source_data(package, packages) - purl = Purl( - id=package.id, - name=package.name, - version=package.version, - ecosystem=package.type, - direct=package.direct, - introduced_by=introduced_by, - author=package.author or [], - size=package.size, - transitives=package.transitives, - url=package.url, - purl=package.purl - ) - return purl, package + new_packages = [] + for purl in diff.new_packages: + if purl.id in diff.new_capabilities: + new_purl = Purl( + **{**purl.__dict__, + "capabilities": diff.new_capabilities[purl.id]} + ) + new_packages.append(new_purl) + else: + new_packages.append(purl) + + diff.new_packages = new_packages - @staticmethod - def create_sbom_dict(sbom: list) -> dict: + def add_package_alerts_to_collection(self, package: Package, alerts_collection: dict, packages: dict) -> dict: """ - Converts the SBOM Artifacts from the FulLScan into a Dictionary for parsing - :param sbom: list - Raw artifacts for the SBOM - :return: + Processes alerts from a package and adds them to a shared alerts collection. + + Args: + package: Package to process alerts from + alerts_collection: Dictionary to store processed alerts + packages: Dictionary of all packages for dependency lookup + + Returns: + Updated alerts collection dictionary """ - packages = {} - top_level_count = {} - top_levels = {} - for item in sbom: - package = Package(**item) - if package.id in packages: - log.debug("Duplicate package?") - else: - package = Core.get_license_details(package) - packages[package.id] = package - for top_id in package.topLevelAncestors: - if top_id not in top_level_count: - top_level_count[top_id] = 1 - top_levels[top_id] = [package.id] - else: - top_level_count[top_id] += 1 - if package.id not in top_levels[top_id]: - top_levels[top_id].append(package.id) - if len(top_level_count) > 0: - for package_id in top_level_count: - if package_id not in packages: - details = top_levels.get(package_id) - log.debug(f"Orphaned top level package id {package_id} for packages {details}") - else: - packages[package_id].transitives = top_level_count[package_id] + default_props = type('EmptyProps', (), { + 'description': "", + 'title': "", + 'suggestion': "", + 'nextStepTitle': "" + })() - # Check for potential API truncation - top_levels_len = len(top_levels) - packages_len = len(packages) - difference = top_levels_len - packages_len - - if difference > 10 and difference > (packages_len * 0.5): - raise APIFailure( - f"Potential API truncation detected: Found {top_levels_len} top-level ancestors but only {packages_len} packages. " - f"This suggests the SBOM data may be incomplete." + for alert_item in package.alerts: + alert = Alert(**alert_item) + props = getattr(self.config.all_issues, alert.type, default_props) + introduced_by = self.get_source_data(package, packages) + + issue_alert = Issue( + pkg_type=package.type, + pkg_name=package.name, + pkg_version=package.version, + pkg_id=package.id, + props=alert.props, + key=alert.key, + type=alert.type, + severity=alert.severity, + description=props.description, + title=props.title, + suggestion=props.suggestion, + next_step_title=props.nextStepTitle, + introduced_by=introduced_by, + purl=package.purl, + url=package.url ) - return packages + if alert.type in self.config.security_policy: + action = self.config.security_policy[alert.type]['action'] + setattr(issue_alert, action, True) + + if issue_alert.type != 'licenseSpdxDisj': + if issue_alert.key not in alerts_collection: + alerts_collection[issue_alert.key] = [issue_alert] + else: + alerts_collection[issue_alert.key].append(issue_alert) + + return alerts_collection @staticmethod def save_file(file_name: str, content: str) -> None: - file = open(file_name, "w") - file.write(content) - file.close() + """ + Saves content to a file, raising an error if the save fails. + + Args: + file_name: Path to save the file + content: Content to write to the file + + Raises: + IOError: If file cannot be written + """ + try: + with open(file_name, "w") as f: + f.write(content) + except IOError as e: + log.error(f"Failed to save file {file_name}: {e}") + raise @staticmethod - def to_case_insensitive_regex(input_string: str) -> str: + def has_manifest_files(files: list) -> bool: """ - Converts a string into a case-insensitive regex format. - Example: "pipfile" -> "[Pp][Ii][Pp][Ff][Ii][Ll][Ee]" - :param input_string: The input string to convert. - :return: A case-insensitive regex string. + Checks if any files in the list are supported manifest files. + + Args: + files: List of file paths to check + + Returns: + True if any files match manifest patterns, False otherwise """ - return ''.join(f'[{char.lower()}{char.upper()}]' if char.isalpha() else char for char in input_string) + for ecosystem in socket_globs: + patterns = socket_globs[ecosystem] + for file_name in patterns: + pattern = patterns[file_name]["pattern"] + for file in files: + if "\\" in file: + file = file.replace("\\", "/") + if PurePath(file).match(pattern): + return True + return False + + @staticmethod + def get_capabilities_for_added_packages(added_packages: Dict[str, Package]) -> Dict[str, List[str]]: + """ + Maps added packages to their capabilities based on their alerts. + + Args: + added_packages: Dictionary of packages added in new scan + + Returns: + Dictionary mapping package IDs to their capability lists + """ + capabilities: Dict[str, List[str]] = {} + + for package_id, package in added_packages.items(): + for alert in package.alerts: + if alert["type"] in Core.ALERT_TYPE_TO_CAPABILITY: + value = Core.ALERT_TYPE_TO_CAPABILITY[alert["type"]] + + if package_id not in capabilities: + capabilities[package_id] = [value] + elif value not in capabilities[package_id]: + capabilities[package_id].append(value) + + return capabilities + + @staticmethod + def get_new_alerts( + added_package_alerts: Dict[str, List[Issue]], + removed_package_alerts: Dict[str, List[Issue]], + ignore_readded: bool = True + ) -> List[Issue]: + """ + Find alerts that are new or changed between added and removed packages. + + Args: + added_package_alerts: Dictionary of alerts from packages that were added + removed_package_alerts: Dictionary of alerts from packages that were removed + ignore_readded: If True, don't report alerts that were both removed and added + + Returns: + List of newly found alerts + """ + alerts: List[Issue] = [] + consolidated_alerts = set() + + for alert_key in added_package_alerts: + if alert_key not in removed_package_alerts: + new_alerts = added_package_alerts[alert_key] + for alert in new_alerts: + alert_str = f"{alert.purl},{alert.manifests},{alert.type}" + + if alert.error or alert.warn: + if alert_str not in consolidated_alerts: + alerts.append(alert) + consolidated_alerts.add(alert_str) + else: + new_alerts = added_package_alerts[alert_key] + removed_alerts = removed_package_alerts[alert_key] + + for alert in new_alerts: + alert_str = f"{alert.purl},{alert.manifests},{alert.type}" + + # Only add if: + # 1. Alert isn't in removed packages (or we're not ignoring readded alerts) + # 2. We haven't already recorded this alert + # 3. It's an error or warning + if (not ignore_readded or alert not in removed_alerts) and alert_str not in consolidated_alerts: + if alert.error or alert.warn: + alerts.append(alert) + consolidated_alerts.add(alert_str) + + return alerts + - # @staticmethod - # def create_license_file(diff: Diff) -> None: - # output = [] - # for package_id in diff.packages: - # purl = Core.create_purl(package_id, diff.packages) diff --git a/socketsecurity/core/classes.py b/socketsecurity/core/classes.py index 8b93826..31b529e 100644 --- a/socketsecurity/core/classes.py +++ b/socketsecurity/core/classes.py @@ -1,5 +1,8 @@ import json +from dataclasses import dataclass, field +from typing import Dict, List, TypedDict, Any, Optional +from socketdev.fullscans import FullScanMetadata, SocketArtifact, SocketArtifactLink, DiffType, SocketManifestReference, SocketScore, SocketAlert __all__ = [ "Report", @@ -9,15 +12,15 @@ "YamlFile", "Alert", "FullScan", - "FullScanParams", "Repository", "Diff", "Purl", "Comment" ] - class Report: + """Represents a Socket Security scan report for a repository.""" + branch: str commit: str id: str @@ -43,8 +46,13 @@ def __init__(self, **kwargs): def __str__(self): return json.dumps(self.__dict__) - class Score: + """ + Represents Socket Security scores for a package or repository. + + All scores are normalized to 0-100 range, converting from 0-1 if needed. + """ + supplyChain: float quality: float maintenance: float @@ -65,70 +73,122 @@ def __init__(self, **kwargs): def __str__(self): return json.dumps(self.__dict__) + def to_dict(self) -> dict: + """ + Convert Score object to dictionary with default values. + + Returns: + Dictionary containing all score values, defaulting to 0 if not set + """ + return { + "supplyChain": self.supplyChain if hasattr(self, "supplyChain") else 0, + "quality": self.quality if hasattr(self, "quality") else 0, + "maintenance": self.maintenance if hasattr(self, "maintenance") else 0, + "license": self.license if hasattr(self, "license") else 0, + "overall": self.overall if hasattr(self, "overall") else 0, + "vulnerability": self.vulnerability if hasattr(self, "vulnerability") else 0 + } -class Package: - type: str +class AlertCounts(TypedDict): + """Type definition for counting alerts by severity level.""" + critical: int + high: int + middle: int + low: int + +@dataclass(kw_only=True) +class Package(SocketArtifactLink): + """ + Represents a package detected in a Socket Security scan. + + Inherits from SocketArtifactLink to maintain connection to dependency tree. + Adds additional fields for package-specific information. + """ + + # Common properties from both artifact types + id: str name: str version: str - release: str - id: str - direct: bool - manifestFiles: list - author: list - size: int - score: dict - scores: Score - alerts: list - error_alerts: list - alert_counts: dict - topLevelAncestors: list - url: str - transitives: int - license: str - license_text: str - purl: str - - def __init__(self, **kwargs): - if kwargs: - for key, value in kwargs.items(): - setattr(self, key, value) - if not hasattr(self, "direct"): - self.direct = False - else: - if str(self.direct).lower() == "true": - self.direct = True - self.url = f"https://socket.dev/{self.type}/package/{self.name}/overview/{self.version}" - if hasattr(self, 'score'): - self.scores = Score(**self.score) - if not hasattr(self, "alerts"): - self.alerts = [] - if not hasattr(self, "topLevelAncestors"): - self.topLevelAncestors = [] - if not hasattr(self, "manifestFiles"): - self.manifestFiles = [] - if not hasattr(self, "transitives"): - self.transitives = 0 - if not hasattr(self, "author"): - self.author = [] - if not hasattr(self, "size"): - self.size = 0 - self.alert_counts = { - "critical": 0, - "high": 0, - "middle": 0, - "low": 0 - } - self.error_alerts = [] - if not hasattr(self, "license"): - self.license = "NoLicenseFound" - if not hasattr(self, "license_text"): - self.license_text = "" - self.url = f"https://socket.dev/{self.type}/package/{self.name}/overview/{self.version}" - self.purl = f"{self.type}/{self.name}@{self.version}" - - def __str__(self): - return json.dumps(self.__dict__) - + type: str + score: SocketScore + alerts: List[SocketAlert] + author: List[str] = field(default_factory=list) + size: Optional[int] = None + license: Optional[str] = None + + # Package-specific fields + license_text: str = "" + purl: str = "" + transitives: int = 0 + url: str = "" + + @classmethod + def from_socket_artifact(cls, data: dict) -> "Package": + """ + Create a Package from a SocketArtifact dictionary. + + Args: + data: Dictionary containing SocketArtifact data + + Returns: + New Package instance + """ + return cls( + id=data["id"], + name=data["name"], + version=data["version"], + type=data["type"], + score=data["score"], + alerts=data["alerts"], + author=data.get("author", []), + size=data.get("size"), + license=data.get("license"), + topLevelAncestors=data["topLevelAncestors"], + direct=data.get("direct", False), + manifestFiles=data.get("manifestFiles", []), + dependencies=data.get("dependencies"), + artifact=data.get("artifact") + ) + + @classmethod + def from_diff_artifact(cls, data: dict) -> "Package": + """ + Create a Package from a DiffArtifact dictionary. + + Args: + data: Dictionary containing DiffArtifact data + + Returns: + New Package instance + + Raises: + ValueError: If reference data cannot be found in DiffArtifact + """ + ref = None + if data["diffType"] in ["added", "updated"] and data.get("head"): + ref = data["head"][0] + elif data["diffType"] in ["removed", "replaced"] and data.get("base"): + ref = data["base"][0] + + if not ref: + raise ValueError("Could not find reference data in DiffArtifact") + + return cls( + id=data["id"], + name=data["name"], + version=data["version"], + type=data["type"], + score=data["score"], + alerts=data["alerts"], + author=data.get("author", []), + size=data.get("size"), + license=data.get("license"), + topLevelAncestors=ref["topLevelAncestors"], + direct=ref.get("direct", False), + manifestFiles=ref.get("manifestFiles", []), + dependencies=ref.get("dependencies"), + artifact=ref.get("artifact") + ) class Issue: pkg_type: str @@ -163,6 +223,8 @@ def __init__(self, **kwargs): self.created_at = self.created_at.strip(" (Coordinated Universal Time)") if not hasattr(self, "manifests"): self.manifests = "" + if not hasattr(self, "suggestion"): + self.suggestion = "" if not hasattr(self, "introduced_by"): self.introduced_by = [] else: @@ -190,6 +252,12 @@ def __ne__(self, other): class YamlFile: + """ + Represents a YAML configuration file with associated alerts. + + Stores metadata about the file and any security alerts found during scanning. + """ + path: str name: str team: list @@ -199,10 +267,7 @@ class YamlFile: alerts: dict error_ids: list - def __init__( - self, - **kwargs - ): + def __init__(self, **kwargs): self.alerts = {} self.error_ids = [] @@ -226,8 +291,9 @@ def __str__(self): dump_object.alerts = alerts return json.dumps(dump_object.__dict__) - class Alert: + """Represents a security alert with its type, severity, and associated properties.""" + key: str type: str severity: str @@ -245,31 +311,30 @@ def __str__(self): return json.dumps(self.__dict__) -class FullScan: - id: str - created_at: str - updated_at: str - organization_id: str - repository_id: str - branch: str - commit_message: str - commit_hash: str - pull_request: int - sbom_artifacts: list - packages: dict +class FullScan(FullScanMetadata): + """ + Represents a complete Socket Security scan of a repository. + + Inherits from FullScanMetadata and adds fields for SBOM artifacts and package data. + """ + + sbom_artifacts: list[SocketArtifact] + packages: dict[str, Package] def __init__(self, **kwargs): - if kwargs: - for key, value in kwargs.items(): - setattr(self, key, value) + super().__init__(**kwargs) if not hasattr(self, "sbom_artifacts"): self.sbom_artifacts = [] + if not hasattr(self, "packages"): + self.packages = {} def __str__(self): return json.dumps(self.__dict__) class Repository: + """Represents a source code repository with its metadata and scan results.""" + id: str created_at: str updated_at: str @@ -290,54 +355,13 @@ def __str__(self): return json.dumps(self.__dict__) -class FullScanParams: - repo: str - branch: str - commit_message: str - commit_hash: str - pull_request: int - committer: str - make_default_branch: bool - set_as_pending_head: bool - - def __init__(self, **kwargs): - if kwargs: - for key, value in kwargs.items(): - setattr(self, key, value) - - def __str__(self): - return json.dumps(self.__dict__) - - -class Diff: - new_packages: list - new_capabilities: dict - removed_packages: list - new_alerts: list - id: str - sbom: str - packages: dict - report_url: str - diff_url: str - - def __init__(self, **kwargs): - if kwargs: - for key, value in kwargs.items(): - setattr(self, key, value) - if not hasattr(self, "new_packages"): - self.new_packages = [] - if not hasattr(self, "removed_packages"): - self.removed_packages = [] - if not hasattr(self, "new_alerts"): - self.new_alerts = [] - if not hasattr(self, "new_capabilities"): - self.new_capabilities = {} - - def __str__(self): - return json.dumps(self.__dict__) - - class Purl: + """ + Represents a Package URL (PURL) with extended metadata. + + Includes package identification, authorship, and dependency information. + """ + id: str name: str version: str @@ -347,7 +371,7 @@ class Purl: size: int transitives: int introduced_by: list - capabilities: dict + capabilities: List[str] is_new: bool author_url: str url: str @@ -360,7 +384,7 @@ def __init__(self, **kwargs): if not hasattr(self, "introduced_by"): self.new_packages = [] if not hasattr(self, "capabilities"): - self.capabilities = {} + self.capabilities = [] if not hasattr(self, "is_new"): self.is_new = False self.author_url = Purl.generate_author_data(self.author, self.ecosystem) @@ -368,10 +392,14 @@ def __init__(self, **kwargs): @staticmethod def generate_author_data(authors: list, ecosystem: str) -> str: """ - Creates the Author links for the package - :param authors: - :param ecosystem: - :return: + Creates markdown-formatted links to author profiles. + + Args: + authors: List of author names + ecosystem: Package ecosystem (npm, pypi, etc.) + + Returns: + Comma-separated string of markdown links to author profiles """ authors_str = "" for author in authors: @@ -383,75 +411,104 @@ def generate_author_data(authors: list, ecosystem: str) -> str: def __str__(self): return json.dumps(self.__dict__) + def to_dict(self) -> dict: + """ + Convert Purl object to a dictionary representation. + + Returns: + Dictionary containing all Purl attributes + """ + return { + "id": self.id, + "name": self.name, + "version": self.version, + "ecosystem": self.ecosystem, + "direct": self.direct, + "author": self.author, + "size": self.size, + "transitives": self.transitives, + "introduced_by": self.introduced_by, + "capabilities": self.capabilities, + "is_new": self.is_new, + "author_url": self.author_url, + "url": self.url, + "purl": self.purl + } -class GithubComment: - url: str - html_url: str - issue_url: str - id: int - node_id: str - user: dict - created_at: str - updated_at: str - author_association: str - body: str - body_list: list - reactions: dict - performed_via_github_app: dict + +class Diff: + """ + Represents differences between two Socket Security scans. + + Tracks changes in packages, capabilities, and security alerts between scans. + """ + + new_packages: list[Purl] + new_capabilities: Dict[str, List[str]] + removed_packages: list[Purl] + new_alerts: list[Issue] + id: str + sbom: str + packages: dict[str, Package] + report_url: str + diff_url: str def __init__(self, **kwargs): if kwargs: for key, value in kwargs.items(): setattr(self, key, value) - if not hasattr(self, "body_list"): - self.body_list = [] + if not hasattr(self, "new_packages"): + self.new_packages = [] + if not hasattr(self, "removed_packages"): + self.removed_packages = [] + if not hasattr(self, "new_alerts"): + self.new_alerts = [] + if not hasattr(self, "new_capabilities"): + self.new_capabilities = {} def __str__(self): return json.dumps(self.__dict__) + def to_dict(self) -> dict: + """ + Convert Diff object to a dictionary representation. + + Returns: + Dictionary containing all Diff attributes with nested objects converted + """ + return { + "new_packages": [p.to_dict() for p in self.new_packages], + "new_capabilities": self.new_capabilities, + "removed_packages": [p.to_dict() for p in self.removed_packages], + "new_alerts": [alert.__dict__ for alert in self.new_alerts], + "id": self.id, + "sbom": self.sbom if hasattr(self, "sbom") else [], + "packages": {k: v.to_dict() for k, v in self.packages.items()} if hasattr(self, "packages") else {}, + "report_url": self.report_url if hasattr(self, "report_url") else None, + "diff_url": self.diff_url if hasattr(self, "diff_url") else None + } -class GitlabComment: +class Comment: + """Represents a GitHub comment with its metadata and content.""" + + url: str + html_url: str + issue_url: str id: int - type: str - body: str - attachment: str - author: dict + node_id: str + user: dict created_at: str updated_at: str - system: bool - notable_id: int - noteable_type: str - project_id: int - resolvable: bool - confidential: bool - internal: bool - imported: bool - imported_from: str - noteable_iid: int - commands_changes: dict - body_list: list - - def __init__(self, **kwargs): - if kwargs: - for key, value in kwargs.items(): - setattr(self, key, value) - if not hasattr(self, "body_list"): - self.body_list = [] - - def __str__(self): - return json.dumps(self.__dict__) - -class Comment: - id: int + author_association: str body: str body_list: list + reactions: dict + performed_via_github_app: dict def __init__(self, **kwargs): if kwargs: for key, value in kwargs.items(): setattr(self, key, value) - if not hasattr(self, "body_list"): - self.body_list = [] def __str__(self): return json.dumps(self.__dict__) diff --git a/socketsecurity/core/cli_client.py b/socketsecurity/core/cli_client.py new file mode 100644 index 0000000..bf8db38 --- /dev/null +++ b/socketsecurity/core/cli_client.py @@ -0,0 +1,56 @@ +import base64 +import logging +from typing import Dict, List, Optional, Union + +import requests + +from .exceptions import APIFailure +from .socket_config import SocketConfig + +logger = logging.getLogger("socketdev") + +class CliClient: + def __init__(self, config: SocketConfig): + self.config = config + self._encoded_key = self._encode_key(config.api_key) + + @staticmethod + def _encode_key(token: str) -> str: + return base64.b64encode(f"{token}:".encode()).decode('ascii') + + def request( + self, + path: str, + method: str = "GET", + headers: Optional[Dict] = None, + payload: Optional[Union[Dict, str]] = None, + files: Optional[List] = None, + base_url: Optional[str] = None + ) -> requests.Response: + url = f"{base_url or self.config.api_url}/{path}" + + default_headers = { + 'Authorization': f"Basic {self._encoded_key}", + 'User-Agent': 'SocketPythonCLI/0.0.1', + "accept": "application/json" + } + + headers = headers or default_headers + + try: + response = requests.request( + method=method.upper(), + url=url, + headers=headers, + data=payload, + files=files, + timeout=self.config.timeout, + verify=not self.config.allow_unverified_ssl + ) + + response.raise_for_status() + return response + + except requests.exceptions.RequestException as e: + logger.error(f"API request failed: {str(e)}") + raise APIFailure(f"Request failed: {str(e)}") diff --git a/socketsecurity/core/git_interface.py b/socketsecurity/core/git_interface.py index 37ee877..5cf5296 100644 --- a/socketsecurity/core/git_interface.py +++ b/socketsecurity/core/git_interface.py @@ -1,6 +1,9 @@ +import urllib.parse +import os + from git import Repo + from socketsecurity.core import log -import urllib.parse class Git: @@ -12,7 +15,18 @@ def __init__(self, path: str): self.repo = Repo(path) assert self.repo self.head = self.repo.head - self.commit = self.head.commit + + # Use GITHUB_SHA if available, otherwise fall back to head commit + github_sha = os.getenv('GITHUB_SHA') + if github_sha: + try: + self.commit = self.repo.commit(github_sha) + except Exception as error: + log.debug(f"Failed to get commit from GITHUB_SHA: {error}") + self.commit = self.head.commit + else: + self.commit = self.head.commit + self.repo_name = self.repo.remotes.origin.url.split('.git')[0].split('/')[-1] try: self.branch = self.head.reference @@ -30,3 +44,8 @@ def __init__(self, path: str): if item != "": full_path = f"{self.path}/{item}" self.changed_files.append(full_path) + + @property + def commit_str(self) -> str: + """Return commit SHA as a string""" + return self.commit.hexsha diff --git a/socketsecurity/core/github.py b/socketsecurity/core/github.py deleted file mode 100644 index bd24339..0000000 --- a/socketsecurity/core/github.py +++ /dev/null @@ -1,247 +0,0 @@ -import json -import os -from socketsecurity.core import log, do_request -import requests -from socketsecurity.core.classes import Comment -from socketsecurity.core.scm_comments import Comments -import sys - - -global github_sha -global github_api_url -global github_ref_type -global github_event_name -global github_workspace -global github_repository -global github_ref_name -global github_actor -global default_branch -global github_env -global pr_number -global pr_name -global is_default_branch -global commit_message -global committer -global gh_api_token -global github_repository_owner -global event_action - -github_variables = [ - "GITHUB_SHA", - "GITHUB_API_URL", - "GITHUB_REF_TYPE", - "GITHUB_EVENT_NAME", - "GITHUB_WORKSPACE", - "GITHUB_REPOSITORY", - "GITHUB_REF_NAME", - "DEFAULT_BRANCH", - "PR_NUMBER", - "PR_NAME", - "COMMIT_MESSAGE", - "GITHUB_ACTOR", - "GITHUB_ENV", - "GH_API_TOKEN", - "GITHUB_REPOSITORY_OWNER", - "EVENT_ACTION" -] - -for env in github_variables: - var_name = env.lower() - globals()[var_name] = os.getenv(env) or None - if var_name == "default_branch": - global is_default_branch - if default_branch is None or default_branch.lower() == "false": - is_default_branch = False - else: - is_default_branch = True - if var_name != "gh_api_token": - value = globals()[var_name] = os.getenv(env) or None - log.debug(f"{env}={value}") - -headers = { - 'Authorization': f"Bearer {gh_api_token}", - 'User-Agent': 'SocketPythonScript/0.0.1', - "accept": "application/json" -} - - -class Github: - commit_sha: str - api_url: str - ref_type: str - event_name: str - workspace: str - repository: str - ref_name: str - default_branch: str - is_default_branch: bool - pr_number: int - pr_name: str - commit_message: str - committer: str - github_env: str - api_token: str - project_id: int - event_action: str - - def __init__(self): - self.commit_sha = github_sha - self.api_url = github_api_url - self.ref_type = github_ref_type - self.event_name = github_event_name - self.workspace = github_workspace - self.repository = github_repository - if "/" in self.repository: - self.repository = self.repository.rsplit("/")[1] - self.branch = github_ref_name - self.default_branch = default_branch - self.is_default_branch = is_default_branch - self.pr_number = pr_number - self.pr_name = pr_name - self.commit_message = commit_message - self.committer = github_actor - self.github_env = github_env - self.api_token = gh_api_token - self.project_id = 0 - self.event_action = event_action - if self.api_token is None: - print("Unable to get Github API Token from GH_API_TOKEN") - sys.exit(2) - - @staticmethod - def check_event_type() -> str: - if github_event_name.lower() == "push": - if pr_number is None or pr_number == "" or pr_number == "0": - event_type = "main" - else: - event_type = "diff" - elif github_event_name.lower() == "pull_request": - if event_action is not None and event_action != "" and ( - event_action.lower() == "opened" or event_action.lower() == 'synchronize'): - event_type = "diff" - else: - log.info(f"Pull Request Action {event_action} is not a supported type") - sys.exit(0) - elif github_event_name.lower() == "issue_comment": - event_type = "comment" - else: - event_type = None - log.error(f"Unknown event type {github_event_name}") - sys.exit(0) - return event_type - - @staticmethod - def add_socket_comments( - security_comment: str, - overview_comment: str, - comments: dict, - new_security_comment: bool = True, - new_overview_comment: bool = True - ) -> None: - existing_overview_comment = comments.get("overview") - existing_security_comment = comments.get("security") - if new_overview_comment: - log.debug("New Dependency Overview comment") - if existing_overview_comment is not None: - log.debug("Previous version of Dependency Overview, updating") - existing_overview_comment: Comment - Github.update_comment(overview_comment, str(existing_overview_comment.id)) - else: - log.debug("No previous version of Dependency Overview, posting") - Github.post_comment(overview_comment) - if new_security_comment: - log.debug("New Security Issue Comment") - if existing_security_comment is not None: - log.debug("Previous version of Security Issue comment, updating") - existing_security_comment: Comment - Github.update_comment(security_comment, str(existing_security_comment.id)) - else: - log.debug("No Previous version of Security Issue comment, posting") - Github.post_comment(security_comment) - - @staticmethod - def post_comment(body: str) -> None: - repo = github_repository.rsplit("/", 1)[1] - path = f"repos/{github_repository_owner}/{repo}/issues/{pr_number}/comments" - payload = { - "body": body - } - payload = json.dumps(payload) - do_request(path, payload=payload, method="POST", headers=headers, base_url=github_api_url) - - @staticmethod - def update_comment(body: str, comment_id: str) -> None: - repo = github_repository.rsplit("/", 1)[1] - path = f"repos/{github_repository_owner}/{repo}/issues/comments/{comment_id}" - payload = { - "body": body - } - payload = json.dumps(payload) - do_request(path, payload=payload, method="PATCH", headers=headers, base_url=github_api_url) - - @staticmethod - def write_new_env(name: str, content: str) -> None: - file = open(github_env, "a") - new_content = content.replace("\n", "\\n") - env_output = f"{name}={new_content}" - file.write(env_output) - - @staticmethod - def get_comments_for_pr(repo: str, pr: str) -> dict: - path = f"repos/{github_repository_owner}/{repo}/issues/{pr}/comments" - raw_comments = Comments.process_response(do_request(path, headers=headers, base_url=github_api_url)) - comments = {} - if "error" not in raw_comments: - for item in raw_comments: - comment = Comment(**item) - comments[comment.id] = comment - for line in comment.body.split("\n"): - comment.body_list.append(line) - else: - log.error(raw_comments) - socket_comments = Comments.check_for_socket_comments(comments) - return socket_comments - - @staticmethod - def remove_comment_alerts(comments: dict): - security_alert = comments.get("security") - if security_alert is not None: - security_alert: Comment - new_body = Comments.process_security_comment(security_alert, comments) - Github.handle_ignore_reactions(comments) - Github.update_comment(new_body, str(security_alert.id)) - - @staticmethod - def handle_ignore_reactions(comments: dict) -> None: - for comment in comments["ignore"]: - comment: Comment - if "SocketSecurity ignore" in comment.body: - if not Github.comment_reaction_exists(comment.id): - Github.post_reaction(comment.id) - - @staticmethod - def post_reaction(comment_id: int) -> None: - repo = github_repository.rsplit("/", 1)[1] - path = f"repos/{github_repository_owner}/{repo}/issues/comments/{comment_id}/reactions" - payload = { - "content": "+1" - } - payload = json.dumps(payload) - do_request(path, payload=payload, method="POST", headers=headers, base_url=github_api_url) - - @staticmethod - def comment_reaction_exists(comment_id: int) -> bool: - repo = github_repository.rsplit("/", 1)[1] - path = f"repos/{github_repository_owner}/{repo}/issues/comments/{comment_id}/reactions" - response = do_request(path, headers=headers, base_url=github_api_url) - exists = False - try: - data = response.json() - for reaction in data: - content = reaction.get("content") - if content is not None and content == ":thumbsup:": - exists = True - except Exception as error: - log.error(f"Unable to get reaction for {comment_id} for PR {pr_number}") - log.error(error) - return exists diff --git a/socketsecurity/core/gitlab.py b/socketsecurity/core/gitlab.py deleted file mode 100644 index 1d85887..0000000 --- a/socketsecurity/core/gitlab.py +++ /dev/null @@ -1,179 +0,0 @@ -import json -import os -from socketsecurity.core import log, do_request -from socketsecurity.core.scm_comments import Comments -import sys -from socketsecurity.core.classes import Comment, Issue - -global ci_commit_sha -global ci_api_v4_url -global ci_project_dir -global ci_merge_request_source_branch_name -global ci_merge_request_iid -global ci_merge_request_project_id -global ci_commit_message -global ci_default_branch -global ci_project_name -global ci_pipeline_source -global ci_commit_author -global project_dir -global pr_name -global is_default_branch -global committer -global gitlab_token - -gitlab_variables = [ - "CI_COMMIT_SHA", - "CI_API_V4_URL", - "CI_PROJECT_DIR", - "CI_MERGE_REQUEST_SOURCE_BRANCH_NAME", - "CI_MERGE_REQUEST_IID", - "CI_MERGE_REQUEST_PROJECT_ID", - "CI_COMMIT_MESSAGE", - "CI_DEFAULT_BRANCH", - "CI_PROJECT_NAME", - "CI_PIPELINE_SOURCE", - "CI_COMMIT_AUTHOR", - "PROJECT_DIR", - "DEFAULT_BRANCH", - "PR_NAME", - "GITLAB_TOKEN", -] - -for env in gitlab_variables: - var_name = env.lower() - globals()[var_name] = os.getenv(env) or None - if var_name != 'gitlab_token': - value = globals()[var_name] - log.debug(f"{env}={value}") - -headers = { - 'Authorization': f"Bearer {gitlab_token}", - 'User-Agent': 'SocketPythonScript/0.0.1', - "accept": "application/json" -} - -class Gitlab: - commit_sha: str - api_url: str - ref_type: str - event_name: str - workspace: str - repository: str - branch: str - default_branch: str - is_default_branch: bool - pr_number: int - pr_name: str - commit_message: str - committer: str - api_token: str - project_id: int - - def __init__(self): - self.commit_sha = ci_commit_sha - self.api_url = ci_api_v4_url - self.ref_type = "" - self.event_name = ci_pipeline_source - self.workspace = ci_project_dir - self.repository = ci_project_name - if "/" in self.repository: - self.repository = self.repository.rsplit("/")[1] - self.branch = ci_merge_request_source_branch_name - self.default_branch = ci_default_branch - if self.branch == self.default_branch: - self.is_default_branch = True - else: - self.is_default_branch = False - self.pr_number = ci_merge_request_iid - self.pr_name = pr_name - self.commit_message = ci_commit_message - self.committer = ci_commit_author - self.api_token = gitlab_token - self.project_id = ci_merge_request_project_id - if self.api_token is None: - print("Unable to get gitlab API Token from GITLAB_TOKEN") - sys.exit(2) - - @staticmethod - def check_event_type() -> str: - if ci_pipeline_source.lower() in ["web", 'merge_request_event', "push"]: - if ci_merge_request_iid is None or ci_merge_request_iid == "" or str(ci_merge_request_iid) == "0": - event_type = "main" - else: - event_type = "diff" - elif ci_pipeline_source.lower() == "issue_comment": - event_type = "comment" - else: - log.error(f"Unknown event type {ci_pipeline_source}") - sys.exit(0) - return event_type - - @staticmethod - def add_socket_comments( - security_comment: str, - overview_comment: str, - comments: dict, - new_security_comment: bool = True, - new_overview_comment: bool = True - ) -> None: - existing_overview_comment = comments.get("overview") - existing_security_comment = comments.get("security") - if new_overview_comment: - log.debug("New Dependency Overview comment") - if existing_overview_comment is not None: - log.debug("Previous version of Dependency Overview, updating") - existing_overview_comment: Comment - Gitlab.update_comment(overview_comment, str(existing_overview_comment.id)) - else: - log.debug("No previous version of Dependency Overview, posting") - Gitlab.post_comment(overview_comment) - if new_security_comment: - log.debug("New Security Issue Comment") - if existing_security_comment is not None: - log.debug("Previous version of Security Issue comment, updating") - existing_security_comment: Comment - Gitlab.update_comment(security_comment, str(existing_security_comment.id)) - else: - log.debug("No Previous version of Security Issue comment, posting") - Gitlab.post_comment(security_comment) - - @staticmethod - def post_comment(body: str) -> None: - path = f"projects/{ci_merge_request_project_id}/merge_requests/{ci_merge_request_iid}/notes" - payload = { - "body": body - } - do_request(path, payload=payload, method="POST", headers=headers, base_url=ci_api_v4_url) - - @staticmethod - def update_comment(body: str, comment_id: str) -> None: - path = f"projects/{ci_merge_request_project_id}/merge_requests/{ci_merge_request_iid}/notes/{comment_id}" - payload = { - "body": body - } - do_request(path, payload=payload, method="PUT", headers=headers, base_url=ci_api_v4_url) - - @staticmethod - def get_comments_for_pr(repo: str, pr: str) -> dict: - path = f"projects/{ci_merge_request_project_id}/merge_requests/{ci_merge_request_iid}/notes" - raw_comments = Comments.process_response(do_request(path, headers=headers, base_url=ci_api_v4_url)) - comments = {} - if "message" not in raw_comments: - for item in raw_comments: - comment = Comment(**item) - comments[comment.id] = comment - for line in comment.body.split("\n"): - comment.body_list.append(line) - else: - log.error(raw_comments) - socket_comments = Comments.check_for_socket_comments(comments) - return socket_comments - - @staticmethod - def remove_comment_alerts(comments: dict): - security_alert = comments.get("security") - if security_alert is not None: - security_alert: Comment - new_body = Comments.process_security_comment(security_alert, comments) - Gitlab.update_comment(new_body, str(security_alert.id)) diff --git a/socketsecurity/core/logging.py b/socketsecurity/core/logging.py new file mode 100644 index 0000000..c0ff12d --- /dev/null +++ b/socketsecurity/core/logging.py @@ -0,0 +1,32 @@ +import logging + +def initialize_logging( + level: int = logging.INFO, + format: str = "%(asctime)s: %(message)s", + socket_logger_name: str = "socketdev", + cli_logger_name: str = "socketcli" +) -> tuple[logging.Logger, logging.Logger]: + """Initialize logging for Socket Security + + Returns both the socket and CLI loggers for convenience, though they can also + be accessed via logging.getLogger() elsewhere + """ + # Configure root logger + logging.basicConfig(level=level, format=format) + + # Configure Socket logger + socket_logger = logging.getLogger(socket_logger_name) + socket_logger.setLevel(level) + socket_logger.addHandler(logging.NullHandler()) + + # Configure CLI logger + cli_logger = logging.getLogger(cli_logger_name) + cli_logger.setLevel(level) + + return socket_logger, cli_logger + +def set_debug_mode(enable: bool = True) -> None: + """Toggle debug logging across all loggers""" + level = logging.DEBUG if enable else logging.INFO + logging.getLogger("socketdev").setLevel(level) + logging.getLogger("socketcli").setLevel(level) \ No newline at end of file diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index 8b739c1..ee17772 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -5,9 +5,10 @@ from pathlib import Path from mdutils import MdUtils -from socketsecurity.core.classes import Diff, Purl, Issue from prettytable import PrettyTable +from socketsecurity.core.classes import Diff, Issue, Purl + class Messages: @@ -224,7 +225,7 @@ def create_security_comment_sarif(diff) -> dict: # Prepare descriptions with
    replacements short_desc = f"{alert.props.get('note', '')}

    Suggested Action:
    {alert.suggestion}
    {socket_url}" - full_desc = f"{alert.title} - {alert.description.replace('\r\n', '
    ')}" + full_desc = "{} - {}".format(alert.title, alert.description.replace('\r\n', '
    ')) # Identify the line and snippet in the manifest file line_number, line_content = Messages.find_line_in_file(pkg_name, pkg_version, manifest_file) diff --git a/socketsecurity/core/scm/__init__.py b/socketsecurity/core/scm/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/socketsecurity/core/scm/base.py b/socketsecurity/core/scm/base.py new file mode 100644 index 0000000..715f6de --- /dev/null +++ b/socketsecurity/core/scm/base.py @@ -0,0 +1,37 @@ +from abc import ABC, abstractmethod +from typing import Dict + +from ..classes import Comment +from .client import ScmClient + + +class SCM(ABC): + def __init__(self, client: ScmClient): + self.client = client + + @abstractmethod + def check_event_type(self) -> str: + """Determine the type of event (push, pr, comment)""" + pass + + @abstractmethod + def add_socket_comments( + self, + security_comment: str, + overview_comment: str, + comments: Dict[str, Comment], + new_security_comment: bool = True, + new_overview_comment: bool = True + ) -> None: + """Add or update comments on PR""" + pass + + @abstractmethod + def get_comments_for_pr(self, repo: str, pr: str) -> Dict[str, Comment]: + """Get existing comments for PR""" + pass + + @abstractmethod + def remove_comment_alerts(self, comments: Dict[str, Comment]) -> None: + """Process and remove alerts from comments""" + pass diff --git a/socketsecurity/core/scm/client.py b/socketsecurity/core/scm/client.py new file mode 100644 index 0000000..e5bbb73 --- /dev/null +++ b/socketsecurity/core/scm/client.py @@ -0,0 +1,41 @@ +from abc import abstractmethod +from typing import Dict + +from ..cli_client import CliClient + + +class ScmClient(CliClient): + def __init__(self, token: str, api_url: str): + self.token = token + self.api_url = api_url + + @abstractmethod + def get_headers(self) -> Dict: + """Each SCM implements its own auth headers""" + pass + + def request(self, path: str, **kwargs): + """Override base request to use SCM-specific headers and base_url""" + headers = kwargs.pop('headers', None) or self.get_headers() + return super().request( + path=path, + headers=headers, + base_url=self.api_url, + **kwargs + ) + +class GithubClient(ScmClient): + def get_headers(self) -> Dict: + return { + 'Authorization': f"Bearer {self.token}", + 'User-Agent': 'SocketPythonScript/0.0.1', + "accept": "application/json" + } + +class GitlabClient(ScmClient): + def get_headers(self) -> Dict: + return { + 'Authorization': f"Bearer {self.token}", + 'User-Agent': 'SocketPythonScript/0.0.1', + "accept": "application/json" + } diff --git a/socketsecurity/core/scm/github.py b/socketsecurity/core/scm/github.py new file mode 100644 index 0000000..b958bbd --- /dev/null +++ b/socketsecurity/core/scm/github.py @@ -0,0 +1,215 @@ +import json +import os +import sys +from dataclasses import dataclass + +from git import Optional + +from socketsecurity.core import log +from socketsecurity.core.classes import Comment +from socketsecurity.core.scm_comments import Comments +from socketsecurity.socketcli import CliClient + + +@dataclass +class GithubConfig: + """Configuration from GitHub environment variables""" + sha: str + api_url: str + ref_type: str + event_name: str + workspace: str + repository: str + ref_name: str + default_branch: bool + is_default_branch: bool + pr_number: Optional[str] + pr_name: Optional[str] + commit_message: Optional[str] + actor: str + env: str + token: str + owner: str + event_action: Optional[str] + headers: dict + + @classmethod + def from_env(cls, pr_number: Optional[str] = None) -> 'GithubConfig': + """Create config from environment variables with optional overrides""" + token = os.getenv('GH_API_TOKEN') + if not token: + log.error("Unable to get Github API Token from GH_API_TOKEN") + sys.exit(2) + + # Use provided PR number if available, otherwise fall back to env var + pr_number = pr_number or os.getenv('PR_NUMBER') + + # Add debug logging + sha = os.getenv('GITHUB_SHA', '') + log.debug(f"Loading SHA from GITHUB_SHA: {sha}") + + repository = os.getenv('GITHUB_REPOSITORY', '') + owner = os.getenv('GITHUB_REPOSITORY_OWNER', '') + if '/' in repository: + owner = repository.split('/')[0] + repository = repository.split('/')[1] + + is_default = os.getenv('DEFAULT_BRANCH', '').lower() == 'true' + return cls( + sha=os.getenv('GITHUB_SHA', ''), + api_url=os.getenv('GITHUB_API_URL', ''), + ref_type=os.getenv('GITHUB_REF_TYPE', ''), + event_name=os.getenv('GITHUB_EVENT_NAME', ''), + workspace=os.getenv('GITHUB_WORKSPACE', ''), + repository=repository, + ref_name=os.getenv('GITHUB_REF_NAME', ''), + default_branch=is_default, + is_default_branch=is_default, + pr_number=pr_number, + pr_name=os.getenv('PR_NAME'), + commit_message=os.getenv('COMMIT_MESSAGE'), + actor=os.getenv('GITHUB_ACTOR', ''), + env=os.getenv('GITHUB_ENV', ''), + token=token, + owner=owner, + event_action=os.getenv('EVENT_ACTION'), + headers={ + 'Authorization': f"Bearer {token}", + 'User-Agent': 'SocketPythonScript/0.0.1', + "accept": "application/json" + } + ) + + +class Github: + def __init__(self, client: CliClient, config: Optional[GithubConfig] = None): + self.config = config or GithubConfig.from_env() + self.client = client + + if not self.config.token: + log.error("Unable to get Github API Token") + sys.exit(2) + + def check_event_type(self) -> str: + if self.config.event_name.lower() == "push": + if not self.config.pr_number: + return "main" + return "diff" + elif self.config.event_name.lower() == "pull_request": + if self.config.event_action and self.config.event_action.lower() in ['opened', 'synchronize']: + return "diff" + log.info(f"Pull Request Action {self.config.event_action} is not a supported type") + sys.exit(0) + elif self.config.event_name.lower() == "issue_comment": + return "comment" + + log.error(f"Unknown event type {self.config.event_name}") + sys.exit(0) + + def post_comment(self, body: str) -> None: + path = f"repos/{self.config.owner}/{self.config.repository}/issues/{self.config.pr_number}/comments" + payload = json.dumps({"body": body}) + self.client.request( + path=path, + payload=payload, + method="POST", + headers=self.config.headers, + base_url=self.config.api_url + ) + + def update_comment(self, body: str, comment_id: str) -> None: + path = f"repos/{self.config.owner}/{self.config.repository}/issues/comments/{comment_id}" + payload = json.dumps({"body": body}) + self.client.request( + path=path, + payload=payload, + method="PATCH", + headers=self.config.headers, + base_url=self.config.api_url + ) + + def write_new_env(self, name: str, content: str) -> None: + with open(self.config.env, "a") as f: + new_content = content.replace("\n", "\\n") + f.write(f"{name}={new_content}") + + def get_comments_for_pr(self) -> dict: + log.debug(f"Getting comments for Repo {self.config.repository} for PR {self.config.pr_number}") + path = f"repos/{self.config.owner}/{self.config.repository}/issues/{self.config.pr_number}/comments" + response = self.client.request( + path=path, + headers=self.config.headers, + base_url=self.config.api_url + ) + raw_comments = Comments.process_response(response) + + comments = {} + if "error" not in raw_comments: + for item in raw_comments: + comment = Comment(**item) + comments[comment.id] = comment + comment.body_list = comment.body.split("\n") + else: + log.error(raw_comments) + + return Comments.check_for_socket_comments(comments) + + def add_socket_comments( + self, + security_comment: str, + overview_comment: str, + comments: dict, + new_security_comment: bool = True, + new_overview_comment: bool = True + ) -> None: + if new_overview_comment: + log.debug("New Dependency Overview comment") + if overview := comments.get("overview"): + log.debug("Previous version of Dependency Overview, updating") + self.update_comment(overview_comment, str(overview.id)) + else: + log.debug("No previous version of Dependency Overview, posting") + self.post_comment(overview_comment) + + if new_security_comment: + log.debug("New Security Issue Comment") + if security := comments.get("security"): + log.debug("Previous version of Security Issue comment, updating") + self.update_comment(security_comment, str(security.id)) + else: + log.debug("No Previous version of Security Issue comment, posting") + self.post_comment(security_comment) + + def remove_comment_alerts(self, comments: dict) -> None: + if security_alert := comments.get("security"): + new_body = Comments.process_security_comment(security_alert, comments) + self.handle_ignore_reactions(comments) + self.update_comment(new_body, str(security_alert.id)) + + def handle_ignore_reactions(self, comments: dict) -> None: + for comment in comments.get("ignore", []): + if "SocketSecurity ignore" in comment.body and not self.comment_reaction_exists(comment.id): + self.post_reaction(comment.id) + + def post_reaction(self, comment_id: int) -> None: + path = f"repos/{self.config.owner}/{self.config.repository}/issues/comments/{comment_id}/reactions" + payload = json.dumps({"content": "+1"}) + self.client.request( + path=path, + payload=payload, + method="POST", + headers=self.config.headers, + base_url=self.config.api_url + ) + + def comment_reaction_exists(self, comment_id: int) -> bool: + path = f"repos/{self.config.owner}/{self.config.repository}/issues/comments/{comment_id}/reactions" + try: + response = self.client.request(path, headers=self.config.headers, base_url=self.config.api_url) + for reaction in response.json(): + if reaction.get("content") == ":thumbsup:": + return True + except Exception as error: + log.error(f"Unable to get reaction for {comment_id} for PR {self.config.pr_number}") + log.error(error) + return False diff --git a/socketsecurity/core/scm/gitlab.py b/socketsecurity/core/scm/gitlab.py new file mode 100644 index 0000000..8431cbf --- /dev/null +++ b/socketsecurity/core/scm/gitlab.py @@ -0,0 +1,159 @@ +import os +import sys +from dataclasses import dataclass +from typing import Optional + +from socketsecurity.core import log +from socketsecurity.core.classes import Comment +from socketsecurity.core.scm_comments import Comments +from socketsecurity.socketcli import CliClient + + +@dataclass +class GitlabConfig: + """Configuration from GitLab environment variables""" + commit_sha: str + api_url: str + project_dir: str + mr_source_branch: Optional[str] + mr_iid: Optional[str] + mr_project_id: Optional[str] + commit_message: str + default_branch: str + project_name: str + pipeline_source: str + commit_author: str + token: str + repository: str + is_default_branch: bool + headers: dict + + @classmethod + def from_env(cls) -> 'GitlabConfig': + token = os.getenv('GITLAB_TOKEN') + if not token: + log.error("Unable to get GitLab API Token from GITLAB_TOKEN") + sys.exit(2) + + project_name = os.getenv('CI_PROJECT_NAME', '') + if "/" in project_name: + project_name = project_name.rsplit("/")[1] + + mr_source_branch = os.getenv('CI_MERGE_REQUEST_SOURCE_BRANCH_NAME') + default_branch = os.getenv('CI_DEFAULT_BRANCH', '') + + return cls( + commit_sha=os.getenv('CI_COMMIT_SHA', ''), + api_url=os.getenv('CI_API_V4_URL', ''), + project_dir=os.getenv('CI_PROJECT_DIR', ''), + mr_source_branch=mr_source_branch, + mr_iid=os.getenv('CI_MERGE_REQUEST_IID'), + mr_project_id=os.getenv('CI_MERGE_REQUEST_PROJECT_ID'), + commit_message=os.getenv('CI_COMMIT_MESSAGE', ''), + default_branch=default_branch, + project_name=project_name, + pipeline_source=os.getenv('CI_PIPELINE_SOURCE', ''), + commit_author=os.getenv('CI_COMMIT_AUTHOR', ''), + token=token, + repository=project_name, + is_default_branch=(mr_source_branch == default_branch if mr_source_branch else False), + headers={ + 'Authorization': f"Bearer {token}", + 'User-Agent': 'SocketPythonScript/0.0.1', + "accept": "application/json" + } + ) + +class Gitlab: + def __init__(self, client: CliClient, config: Optional[GitlabConfig] = None): + self.config = config or GitlabConfig.from_env() + self.client = client + + def check_event_type(self) -> str: + pipeline_source = self.config.pipeline_source.lower() + if pipeline_source in ["web", 'merge_request_event', "push"]: + if not self.config.mr_iid: + return "main" + return "diff" + elif pipeline_source == "issue_comment": + return "comment" + else: + log.error(f"Unknown event type {pipeline_source}") + sys.exit(0) + + def post_comment(self, body: str) -> None: + path = f"projects/{self.config.mr_project_id}/merge_requests/{self.config.mr_iid}/notes" + payload = {"body": body} + self.client.request( + path=path, + payload=payload, + method="POST", + headers=self.config.headers, + base_url=self.config.api_url + ) + + def update_comment(self, body: str, comment_id: str) -> None: + path = f"projects/{self.config.mr_project_id}/merge_requests/{self.config.mr_iid}/notes/{comment_id}" + payload = {"body": body} + self.client.request( + path=path, + payload=payload, + method="PUT", + headers=self.config.headers, + base_url=self.config.api_url + ) + + def get_comments_for_pr(self) -> dict: + log.debug(f"Getting Gitlab comments for Repo {self.config.repository} for PR {self.config.mr_iid}") + path = f"projects/{self.config.mr_project_id}/merge_requests/{self.config.mr_iid}/notes" + response = self.client.request( + path=path, + headers=self.config.headers, + base_url=self.config.api_url + ) + raw_comments = Comments.process_response(response) + comments = {} + if "message" not in raw_comments: + for item in raw_comments: + comment = Comment(**item) + comments[comment.id] = comment + comment.body_list = comment.body.split("\n") + else: + log.error(raw_comments) + return Comments.check_for_socket_comments(comments) + + def add_socket_comments( + self, + security_comment: str, + overview_comment: str, + comments: dict, + new_security_comment: bool = True, + new_overview_comment: bool = True + ) -> None: + existing_overview_comment = comments.get("overview") + existing_security_comment = comments.get("security") + if new_overview_comment: + log.debug("New Dependency Overview comment") + if existing_overview_comment is not None: + log.debug("Previous version of Dependency Overview, updating") + existing_overview_comment: Comment + self.update_comment(overview_comment, str(existing_overview_comment.id)) + else: + log.debug("No previous version of Dependency Overview, posting") + self.post_comment(overview_comment) + if new_security_comment: + log.debug("New Security Issue Comment") + if existing_security_comment is not None: + log.debug("Previous version of Security Issue comment, updating") + existing_security_comment: Comment + self.update_comment(security_comment, str(existing_security_comment.id)) + else: + log.debug("No Previous version of Security Issue comment, posting") + self.post_comment(security_comment) + + def remove_comment_alerts(self, comments: dict): + security_alert = comments.get("security") + if security_alert is not None: + security_alert: Comment + new_body = Comments.process_security_comment(security_alert, comments) + self.update_comment(new_body, str(security_alert.id)) diff --git a/socketsecurity/core/scm_comments.py b/socketsecurity/core/scm_comments.py index 2bf6db8..7bcb203 100644 --- a/socketsecurity/core/scm_comments.py +++ b/socketsecurity/core/scm_comments.py @@ -1,8 +1,10 @@ -from socketsecurity.core.classes import Comment, Issue -from socketsecurity.core import log -from requests import Response import json +from requests import Response + +from socketsecurity.core import log +from socketsecurity.core.classes import Comment, Issue + class Comments: @staticmethod diff --git a/socketsecurity/core/socket_config.py b/socketsecurity/core/socket_config.py new file mode 100644 index 0000000..f7580df --- /dev/null +++ b/socketsecurity/core/socket_config.py @@ -0,0 +1,62 @@ +from dataclasses import dataclass +from typing import Dict, Optional +from urllib.parse import urlparse + +from socketsecurity.core.issues import AllIssues + + +@dataclass +class SocketConfig: + api_key: str + api_url: str = "https://api.socket.dev/v0" + timeout: int = 30 + allow_unverified_ssl: bool = False + org_id: Optional[str] = None + org_slug: Optional[str] = None + full_scan_path: Optional[str] = None + repository_path: Optional[str] = None + security_policy: Dict = None + all_issues: Optional['AllIssues'] = None + + def __post_init__(self): + """Validate configuration after initialization""" + if not self.api_key: + raise ValueError("API key is required") + + if self.timeout <= 0: + raise ValueError("Timeout must be a positive integer") + + self._validate_api_url(self.api_url) + + # Initialize empty dict for security policy if None + if self.security_policy is None: + self.security_policy = {} + + # Initialize AllIssues if None + if self.all_issues is None: + from socketsecurity.core.issues import AllIssues + self.all_issues = AllIssues() + + @staticmethod + def _validate_api_url(url: str) -> None: + """Validate that the API URL is a valid HTTPS URL""" + try: + parsed = urlparse(url) + if not all([parsed.scheme, parsed.netloc]): + raise ValueError("Invalid URL format") + if parsed.scheme != "https": + raise ValueError("API URL must use HTTPS") + except Exception as e: + raise ValueError(f"Invalid API URL: {str(e)}") + + def update_org_details(self, org_id: str, org_slug: str) -> None: + """Update organization details and related paths""" + self.org_id = org_id + self.org_slug = org_slug + base_path = f"orgs/{org_slug}" + self.full_scan_path = f"{base_path}/full-scans" + self.repository_path = f"{base_path}/repos" + + def update_security_policy(self, policy: Dict) -> None: + """Update security policy""" + self.security_policy = policy \ No newline at end of file diff --git a/socketsecurity/core/utils.py b/socketsecurity/core/utils.py new file mode 100644 index 0000000..c7a45b0 --- /dev/null +++ b/socketsecurity/core/utils.py @@ -0,0 +1,85 @@ + +# File pattern definitions +socket_globs = { + "spdx": { + "spdx.json": { + "pattern": "*[-.]spdx.json" + } + }, + "cdx": { + "cyclonedx.json": { + "pattern": "{bom,*[-.]c{yclone,}dx}.json" + }, + "xml": { + "pattern": "{bom,*[-.]c{yclone,}dx}.xml" + } + }, + "npm": { + "package.json": { + "pattern": "package.json" + }, + "package-lock.json": { + "pattern": "package-lock.json" + }, + "npm-shrinkwrap.json": { + "pattern": "npm-shrinkwrap.json" + }, + "yarn.lock": { + "pattern": "yarn.lock" + }, + "pnpm-lock.yaml": { + "pattern": "pnpm-lock.yaml" + }, + "pnpm-lock.yml": { + "pattern": "pnpm-lock.yml" + }, + "pnpm-workspace.yaml": { + "pattern": "pnpm-workspace.yaml" + }, + "pnpm-workspace.yml": { + "pattern": "pnpm-workspace.yml" + } + }, + "pypi": { + "pipfile": { + "pattern": "pipfile" + }, + "pyproject.toml": { + "pattern": "pyproject.toml" + }, + "poetry.lock": { + "pattern": "poetry.lock" + }, + "requirements.txt": { + "pattern": "*requirements.txt" + }, + "requirements": { + "pattern": "requirements/*.txt" + }, + "requirements-*.txt": { + "pattern": "requirements-*.txt" + }, + "requirements_*.txt": { + "pattern": "requirements_*.txt" + }, + "requirements.frozen": { + "pattern": "requirements.frozen" + }, + "setup.py": { + "pattern": "setup.py" + } + }, + "golang": { + "go.mod": { + "pattern": "go.mod" + }, + "go.sum": { + "pattern": "go.sum" + } + }, + "java": { + "pom.xml": { + "pattern": "pom.xml" + } + } +} \ No newline at end of file diff --git a/socketsecurity/output.py b/socketsecurity/output.py new file mode 100644 index 0000000..ccbf359 --- /dev/null +++ b/socketsecurity/output.py @@ -0,0 +1,93 @@ +import json +import logging +import sys +from pathlib import Path +from typing import Any, Dict, Optional +from .core.messages import Messages +from .core.classes import Diff, Issue + + +class OutputHandler: + blocking_disabled: bool + logger: logging.Logger + + def __init__(self, blocking_disabled: bool): + self.blocking_disabled = blocking_disabled + self.logger = logging.getLogger("socketcli") + + def handle_output(self, diff_report: Diff, sbom_file_name: Optional[str] = None, json_output: bool = False) -> int: + """Main output handler that determines output format and returns exit code""" + if json_output: + self.output_console_json(diff_report, sbom_file_name) + else: + self.output_console_comments(diff_report, sbom_file_name) + + self.save_sbom_file(diff_report, sbom_file_name) + + def return_exit_code(self, diff_report: Diff) -> int: + if not self.report_pass(diff_report) and not self.blocking_disabled: + return 1 + elif len(diff_report.new_alerts) > 0 and not self.blocking_disabled: + # 5 means warning alerts but no blocking alerts + return 5 + else: + return 0 + + def output_console_comments(self, diff_report: Diff, sbom_file_name: Optional[str] = None) -> None: + """Outputs formatted console comments""" + if len(diff_report.new_alerts) == 0: + self.logger.info("No issues found") + return + + console_security_comment = Messages.create_console_security_alert_table(diff_report) + self.logger.info("Security issues detected by Socket Security:") + self.logger.info(console_security_comment) + + def output_console_json(self, diff_report: Diff, sbom_file_name: Optional[str] = None) -> None: + """Outputs JSON formatted results""" + console_security_comment = Messages.create_security_comment_json(diff_report) + self.logger.info(json.dumps(console_security_comment)) + + + def report_pass(self, diff_report: Diff) -> bool: + """Determines if the report passes security checks""" + if not diff_report.new_alerts: + return True + + if self.blocking_disabled: + return True + + return not any(issue.error for issue in diff_report.new_alerts) + + def save_sbom_file(self, diff_report: Diff, sbom_file_name: Optional[str] = None) -> None: + """Saves SBOM file if filename is provided""" + if not sbom_file_name or not diff_report.sbom: + return + + sbom_path = Path(sbom_file_name) + sbom_path.parent.mkdir(parents=True, exist_ok=True) + + with open(sbom_path, "w") as f: + json.dump(diff_report.sbom, f, indent=2) + + def _output_issue(self, issue: Issue) -> None: + """Helper method to format and output a single issue""" + severity = issue.severity.upper() if issue.severity else "UNKNOWN" + status = "🚫 Blocking" if issue.error else "⚠️ Warning" + + self.logger.warning(f"\n{status} - Severity: {severity}") + self.logger.warning(f"Title: {issue.title}") + if issue.description: + self.logger.warning(f"Description: {issue.description}") + if issue.suggestion: + self.logger.warning(f"suggestion: {issue.suggestion}") + + def _format_issue(self, issue: Issue) -> Dict[str, Any]: + """Helper method to format an issue for JSON output""" + return { + "purl": issue.purl, + "title": issue.title, + "description": issue.description, + "severity": issue.severity, + "blocking": issue.error, + } diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index f2bc0cb..3ae28fc 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -1,424 +1,234 @@ -import argparse import json +import sys import traceback -import socketsecurity.core -from socketsecurity.core import Core, __version__ -from socketsecurity.core.classes import FullScanParams, Diff, Package, Issue -from socketsecurity.core.messages import Messages -from socketsecurity.core.scm_comments import Comments -from socketsecurity.core.git_interface import Git +from dotenv import load_dotenv from git import InvalidGitRepositoryError, NoSuchPathError -import os -import sys -import logging - -log_format = "%(asctime)s: %(message)s" -logging.basicConfig(level=logging.INFO, format=log_format) -socketsecurity.core.log.setLevel(level=logging.INFO) -log = logging.getLogger("socketcli") -blocking_disabled = False - -parser = argparse.ArgumentParser( - prog="socketcli", - description="Socket Security CLI" -) -parser.add_argument( - '--api_token', - help='The Socket API token can be set via SOCKET_SECURITY_API_KEY', - required=False -) -parser.add_argument( - '--repo', - help='The name of the repository', - required=False -) -parser.add_argument( - '--branch', - default='', - help='The name of the branch', - required=False -) -parser.add_argument( - - '--committer', - help='The name of the person or bot running this', - action="append", - required=False -) -parser.add_argument( - '--pr_number', - default="0", - help='The pr or build number', - required=False -) -parser.add_argument( - '--commit_message', - help='Commit or build message for the run', - required=False -) -parser.add_argument( - '--default_branch', - default=False, - action='store_true', - help='Whether this is the default/head for run' -) -parser.add_argument( - '--target_path', - default='./', - help='Path to look for manifest files', - required=False -) - -parser.add_argument( - '--scm', - default='api', - help='Integration mode choices are api, github, gitlab, and bitbucket', - choices=["api", "github", "gitlab"], - required=False -) - -parser.add_argument( - '--sbom-file', - default=None, - help='If soecified save the SBOM details to the specified file', - required=False -) - -parser.add_argument( - '--commit-sha', - default="", - help='Optional git commit sha', - required=False -) - -parser.add_argument( - '--generate-license', - default=False, - help='Run in license mode to generate license output', - required=False -) - -parser.add_argument( - '-v', - '--version', - action="version", - version=f'%(prog)s {__version__}', - help='Display the version', -) - -parser.add_argument( - '--enable-debug', - help='Enable debug mode', - action='store_true', - default=False -) - -parser.add_argument( - '--allow-unverified', - help='Allow unverified SSL Connections', - action='store_true', - default=False -) - -parser.add_argument( - '--enable-json', - help='Enable json output of results instead of table formatted', - action='store_true', - default=False -) - -parser.add_argument( - '--disable-overview', - help='Disables Dependency Overview comments', - action='store_true', - default=False -) - -parser.add_argument( - '--disable-security-issue', - help='Disables Security Issues comment', - action='store_true', - default=False -) - -parser.add_argument( - '--files', - help='Specify a list of files in the format of ["file1", "file2"]', - default="[]" -) - -parser.add_argument( - '--ignore-commit-files', - help='Ignores only looking for changed files form the commit. Will find any supported manifest file type', - action='store_true', - default=False -) - -parser.add_argument( - '--disable-blocking', - help='Disables failing checks and will only exit with an exit code of 0', - action='store_true', - default=False -) - -parser.add_argument( - '--timeout', - default=1200, - help='Timeout configuration for each request. Defaults to 1200 and applies to each unique HTTP request', - required=False, - type=float -) - -parser.add_argument( - '--enable-sarif', - help='Enable SARIF output of results instead of table or JSON format', - action='store_true', - default=False -) - - -def output_console_comments(diff_report: Diff, sbom_file_name: str = None) -> None: - if diff_report.id != "NO_DIFF_RAN": - console_security_comment = Messages.create_console_security_alert_table(diff_report) - save_sbom_file(diff_report, sbom_file_name) - log.info(f"Socket Full Scan ID: {diff_report.id}") - if len(diff_report.new_alerts) > 0: - log.info("Security issues detected by Socket Security") - msg = f"\n{console_security_comment}" - log.info(msg) - if not report_pass(diff_report) and not blocking_disabled: - sys.exit(1) - else: - # Means only warning alerts with no blocked - if not blocking_disabled: - sys.exit(5) - else: - log.info("No New Security issues detected by Socket Security") - -def output_console_sarif(diff_report: Diff, sbom_file_name: str = None) -> None: - """ - Generate SARIF output from the diff report and save it to a file. - """ - if diff_report.id != "NO_DIFF_RAN": - # Generate the SARIF structure using Messages - console_security_comment = Messages.create_security_comment_sarif(diff_report) - - # Save the SARIF output to the specified SBOM file name or fallback to a default - save_sbom_file(diff_report, sbom_file_name) - # Print the SARIF output to the console in JSON format - print(json.dumps(console_security_comment, indent=2)) - - # Handle exit codes based on alert severity - if not report_pass(diff_report) and not blocking_disabled: - sys.exit(1) - elif len(diff_report.new_alerts) > 0 and not blocking_disabled: - # Warning alerts without blocking - sys.exit(5) - -def output_console_json(diff_report: Diff, sbom_file_name: str = None) -> None: - if diff_report.id != "NO_DIFF_RAN": - console_security_comment = Messages.create_security_comment_json(diff_report) - save_sbom_file(diff_report, sbom_file_name) - print(json.dumps(console_security_comment)) - if not report_pass(diff_report) and not blocking_disabled: - sys.exit(1) - elif len(diff_report.new_alerts) > 0 and not blocking_disabled: - # Means only warning alerts with no blocked - sys.exit(5) - - -def report_pass(diff_report: Diff) -> bool: - report_passed = True - if len(diff_report.new_alerts) > 0: - for alert in diff_report.new_alerts: - alert: Issue - if report_passed and alert.error: - report_passed = False - break - return report_passed +from socketdev import socketdev +from socketdev.fullscans import FullScanParams +from socketsecurity.config import CliConfig +from socketsecurity.core import Core +from socketsecurity.core.classes import Diff +from socketsecurity.core.cli_client import CliClient +from socketsecurity.core.git_interface import Git +from socketsecurity.core.logging import initialize_logging, set_debug_mode +from socketsecurity.core.messages import Messages +from socketsecurity.core.scm_comments import Comments +from socketsecurity.core.socket_config import SocketConfig +from socketsecurity.output import OutputHandler -def save_sbom_file(diff_report: Diff, sbom_file_name: str = None): - if diff_report is not None and sbom_file_name is not None: - Core.save_file(sbom_file_name, json.dumps(Core.create_sbom_output(diff_report))) +socket_logger, log = initialize_logging() +load_dotenv() def cli(): try: main_code() except KeyboardInterrupt: log.info("Keyboard Interrupt detected, exiting") - if not blocking_disabled: + config = CliConfig.from_args() # Get current config + if not config.disable_blocking: sys.exit(2) else: sys.exit(0) except Exception as error: log.error("Unexpected error when running the cli") log.error(error) - log.error("Traceback:") - log.error(traceback.format_exc()) - if not blocking_disabled: + traceback.print_exc() + config = CliConfig.from_args() # Get current config + if not config.disable_blocking: sys.exit(3) else: sys.exit(0) def main_code(): - arguments = parser.parse_args() - debug = arguments.enable_debug - if debug: - logging.basicConfig(level=logging.DEBUG, format=log_format) - log.setLevel(logging.DEBUG) - Core.enable_debug_log(logging.DEBUG) + config = CliConfig.from_args() + print(f"config: {config.to_dict()}") + output_handler = OutputHandler(blocking_disabled=config.disable_blocking) + + sdk = socketdev(token=config.api_token) + print("sdk loaded") + + if config.enable_debug: + set_debug_mode(True) log.debug("Debug logging enabled") - repo = arguments.repo - branch = arguments.branch - commit_message = arguments.commit_message - committer = arguments.committer - default_branch = arguments.default_branch - pr_number = arguments.pr_number - target_path = arguments.target_path - scm_type = arguments.scm - commit_sha = arguments.commit_sha - sbom_file = arguments.sbom_file - license_mode = arguments.generate_license - enable_json = arguments.enable_json - enable_sarif = arguments.enable_sarif - disable_overview = arguments.disable_overview - disable_security_issue = arguments.disable_security_issue - ignore_commit_files = arguments.ignore_commit_files - disable_blocking = arguments.disable_blocking - allow_unverified = arguments.allow_unverified - timeout = arguments.timeout - if disable_blocking: - global blocking_disabled - blocking_disabled = True - files = arguments.files - log.info(f"Starting Socket Security Scan version {__version__}") - api_token = os.getenv("SOCKET_SECURITY_API_KEY") or arguments.api_token + # Validate API token + if not config.api_token: + log.info("Unable to find Socket API Token") + sys.exit(3) + + # Initialize Socket core components + socket_config = SocketConfig( + api_key=config.api_token, + allow_unverified_ssl=config.allow_unverified, + timeout=config.timeout if config.timeout is not None else 30 # Use CLI timeout if provided + ) + print("loaded socket_config") + client = CliClient(socket_config) + print("loaded client") + core = Core(socket_config, sdk) + print("loaded core") + # Load files - files defaults to "[]" in CliConfig try: - files = json.loads(files) - is_repo = True + files = json.loads(config.files) # Will always succeed with empty list by default + is_repo = True # FIXME: This is misleading - JSON parsing success doesn't indicate repo status except Exception as error: - log.error(f"Unable to parse {files}") + # Only hits this if files was manually set to invalid JSON + log.error(f"Unable to parse {config.files}") log.error(error) sys.exit(3) - if api_token is None: - log.info("Unable to find Socket API Token") - sys.exit(3) + + # Git setup try: - git_repo = Git(target_path) - if repo is None: - repo = git_repo.repo_name - if commit_sha is None or commit_sha == '': - commit_sha = git_repo.commit - if branch is None or branch == '': - branch = git_repo.branch - if committer is None or committer == '': - committer = git_repo.committer - if commit_message is None or commit_message == '': - commit_message = git_repo.commit_message - if len(files) == 0 and not ignore_commit_files: - files = git_repo.changed_files - is_repo = True + git_repo = Git(config.target_path) + if not config.repo: + config.repo = git_repo.repo_name + if not config.commit_sha: + config.commit_sha = git_repo.commit_str + if not config.branch: + config.branch = git_repo.branch + if not config.committers: + config.committers = [git_repo.committer] + if not config.commit_message: + config.commit_message = git_repo.commit_message + if files and not config.ignore_commit_files: # files is empty by default, so this is False unless files manually specified + files = git_repo.changed_files # Only gets git's changed files if files were manually specified + is_repo = True # Redundant since already True except InvalidGitRepositoryError: - is_repo = False - ignore_commit_files = True - pass + is_repo = False # Overwrites previous True - this is the REAL repo status + config.ignore_commit_files = True # Silently changes config - should log this except NoSuchPathError: - raise Exception(f"Unable to find path {target_path}") - # git_repo = None - if repo is None: + raise Exception(f"Unable to find path {config.target_path}") + + if not config.repo: log.info("Repo name needs to be set") sys.exit(2) - license_file = f"{repo}" - if branch is not None: - license_file += f"_{branch}" - license_file += ".json" + scm = None - if scm_type == "github": - from socketsecurity.core.github import Github - scm = Github() - elif scm_type == 'gitlab': - from socketsecurity.core.gitlab import Gitlab - scm = Gitlab() + if config.scm == "github": + from socketsecurity.core.scm.github import Github, GithubConfig + # Only pass pr_number if it's not "0" (the default) + pr_number = config.pr_number if config.pr_number != "0" else None + github_config = GithubConfig.from_env(pr_number=pr_number) + scm = Github(client=client, config=github_config) + elif config.scm == 'gitlab': + from socketsecurity.core.scm.gitlab import Gitlab, GitlabConfig + gitlab_config = GitlabConfig.from_env() + scm = Gitlab(client=client, config=gitlab_config) if scm is not None: - default_branch = scm.is_default_branch + config.default_branch = scm.config.is_default_branch + + + # Combine manually specified files with git changes if applicable + files_to_check = set(json.loads(config.files)) # Start with manually specified files + + # Add git changes if this is a repo and we're not ignoring commit files + if is_repo and not config.ignore_commit_files: + files_to_check.update(git_repo.changed_files) + + # Determine if we need to scan based on manifest files + should_skip_scan = True # Default to skipping + if config.ignore_commit_files: + should_skip_scan = False # Force scan if ignoring commit files + elif files_to_check: # If we have any files to check + should_skip_scan = not core.has_manifest_files(list(files_to_check)) + print(f"in elif, should_skip_scan: {should_skip_scan}") + + if should_skip_scan: + log.debug("No manifest files found in changes, skipping scan") + else: + log.debug("Found manifest files or forced scan, proceeding") - base_api_url = os.getenv("BASE_API_URL") or None - core = Core(token=api_token, request_timeout=timeout, base_api_url=base_api_url, allow_unverified=allow_unverified) - no_change = True - if ignore_commit_files: - no_change = False - elif is_repo and files is not None and len(files) > 0: - log.info(files) - no_change = core.match_supported_files(files) + org_slug = core.config.org_slug + integration_type = config.integration_type + integration_org_slug = config.integration_org_slug or org_slug - set_as_pending_head = False - if default_branch: - set_as_pending_head = True params = FullScanParams( - repo=repo, - branch=branch, - commit_message=commit_message, - commit_hash=commit_sha, - pull_request=pr_number, - committers=committer, - make_default_branch=default_branch, - set_as_pending_head=set_as_pending_head + org_slug=org_slug, + integration_type=integration_type, + integration_org_slug=integration_org_slug, + repo=config.repo, + branch=config.branch, + commit_message=config.commit_message, + commit_hash=config.commit_sha, + pull_request=config.pr_number, + committers=config.committers, + make_default_branch=config.default_branch, + set_as_pending_head=True ) + + # Initialize diff diff = Diff() diff.id = "NO_DIFF_RAN" + + # Handle SCM-specific flows if scm is not None and scm.check_event_type() == "comment": + # FIXME: This entire flow should be a separate command called "filter_ignored_alerts_in_comments" + # It's not related to scanning or diff generation - it just: + # 1. Triggers on comments in GitHub/GitLab + # 2. If comment was from Socket, checks for ignore reactions + # 3. Updates the comment to remove ignored alerts + # This is completely separate from the main scanning functionality log.info("Comment initiated flow") - log.debug(f"Getting comments for Repo {scm.repository} for PR {scm.pr_number}") - comments = scm.get_comments_for_pr(scm.repository, str(scm.pr_number)) + + comments = scm.get_comments_for_pr() log.debug("Removing comment alerts") scm.remove_comment_alerts(comments) + elif scm is not None and scm.check_event_type() != "comment": log.info("Push initiated flow") - diff: Diff - if no_change: + if should_skip_scan: log.info("No manifest files changes, skipping scan") - # log.info("No dependency changes") elif scm.check_event_type() == "diff": - diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) log.info("Starting comment logic for PR/MR event") - log.debug(f"Getting comments for Repo {scm.repository} for PR {scm.pr_number}") - comments = scm.get_comments_for_pr(repo, str(pr_number)) + diff = core.create_new_diff(config.target_path, params, no_change=should_skip_scan) + comments = scm.get_comments_for_pr() log.debug("Removing comment alerts") + + # FIXME: this overwrites diff.new_alerts, which was previously populated by Core.create_issue_alerts diff.new_alerts = Comments.remove_alerts(comments, diff.new_alerts) log.debug("Creating Dependency Overview Comment") + overview_comment = Messages.dependency_overview_template(diff) log.debug("Creating Security Issues Comment") + security_comment = Messages.security_comment_template(diff) + new_security_comment = True new_overview_comment = True + update_old_security_comment = ( security_comment is None or security_comment == "" or (len(comments) != 0 and comments.get("security") is not None) ) + update_old_overview_comment = ( overview_comment is None or overview_comment == "" or (len(comments) != 0 and comments.get("overview") is not None) ) - if len(diff.new_alerts) == 0 or disable_security_issue: + + if len(diff.new_alerts) == 0 or config.disable_security_issue: if not update_old_security_comment: new_security_comment = False log.debug("No new alerts or security issue comment disabled") else: log.debug("Updated security comment with no new alerts") - if (len(diff.new_packages) == 0 and len(diff.removed_packages) == 0) or disable_overview: + + # FIXME: diff.new_packages is never populated, neither is removed_packages + if (len(diff.new_packages) == 0 and len(diff.removed_packages) == 0) or config.disable_overview: if not update_old_overview_comment: new_overview_comment = False log.debug("No new/removed packages or Dependency Overview comment disabled") else: log.debug("Updated overview comment with no dependencies") - log.debug(f"Adding comments for {scm_type}") + + log.debug(f"Adding comments for {config.scm}") + scm.add_socket_comments( security_comment, overview_comment, @@ -428,31 +238,21 @@ def main_code(): ) else: log.info("Starting non-PR/MR flow") - diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) - if enable_sarif: - log.debug("Outputting SARIF Results") - output_console_sarif(diff, sbom_file) - elif enable_json: - log.debug("Outputting JSON Results") - output_console_json(diff, sbom_file) - else: - output_console_comments(diff, sbom_file) + diff = core.create_new_diff(config.target_path, params, no_change=should_skip_scan) + + output_handler.handle_output(diff, config.sbom_file, config.enable_json) else: log.info("API Mode") - diff: Diff - diff = core.create_new_diff(target_path, params, workspace=target_path, no_change=no_change) - if enable_sarif: - log.debug("Outputting SARIF Results") - output_console_sarif(diff, sbom_file) - elif enable_json: - log.debug("Outputting JSON Results") - output_console_json(diff, sbom_file) + diff = core.create_new_diff(config.target_path, params, no_change=should_skip_scan) + if config.enable_json: + output_handler.output_console_json(diff, config.sbom_file) else: - output_console_comments(diff, sbom_file) - if diff is not None and license_mode: + output_handler.output_console_comments(diff, config.sbom_file) + + # Handle license generation + if diff is not None and config.generate_license: all_packages = {} for package_id in diff.packages: - package: Package package = diff.packages[package_id] output = { "id": package_id, @@ -465,8 +265,14 @@ def main_code(): "license_text": package.license_text } all_packages[package_id] = output + license_file = f"{config.repo}" + if config.branch: + license_file += f"_{config.branch}" + license_file += ".json" core.save_file(license_file, json.dumps(all_packages)) + sys.exit(output_handler.return_exit_code(diff)) + if __name__ == '__main__': cli() diff --git a/tests/__init__.py b/tests/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/tests/core/conftest.py b/tests/core/conftest.py new file mode 100644 index 0000000..9fd1049 --- /dev/null +++ b/tests/core/conftest.py @@ -0,0 +1,179 @@ +# tests/conftest.py +import json +from pathlib import Path + +import pytest +from socketdev.fullscans import ( + CreateFullScanResponse, + FullScanStreamResponse, + GetFullScanMetadataResponse, + StreamDiffResponse, +) +from socketdev.repos import GetRepoResponse +from socketdev.settings import OrgSecurityPolicyResponse + + +@pytest.fixture +def data_dir(): + return Path(__file__).parent.parent / "data" + + +@pytest.fixture +def load_json(): + def _load_json(path: Path): + with open(path) as f: + return json.load(f) + + return _load_json + + +# API Response Fixtures +@pytest.fixture +def repo_info_response(data_dir, load_json): + json_data = load_json(data_dir / "repos" / "repo_info_success.json") + return GetRepoResponse.from_dict({ + "success": json_data["success"], + "status": json_data["status"], + "data": json_data["data"] + }) + + +@pytest.fixture +def head_scan_metadata(data_dir, load_json): + json_data = load_json(data_dir / "fullscans" / "head_scan" / "metadata.json") + return GetFullScanMetadataResponse.from_dict({ + "success": json_data["success"], + "status": json_data["status"], + "data": json_data["data"] + }) + + +@pytest.fixture +def head_scan_stream(data_dir, load_json): + json_data = load_json(data_dir / "fullscans" / "head_scan" / "stream_scan.json") + return FullScanStreamResponse.from_dict({ + "success": json_data["success"], + "status": json_data["status"], + "artifacts": json_data["artifacts"] + }) + + +@pytest.fixture +def new_scan_metadata(data_dir, load_json): + json_data = load_json(data_dir / "fullscans" / "new_scan" / "metadata.json") + return GetFullScanMetadataResponse.from_dict({ + "success": json_data["success"], + "status": json_data["status"], + "data": json_data["data"] + }) + + +@pytest.fixture +def new_scan_stream(data_dir, load_json): + json_data = load_json(data_dir / "fullscans" / "new_scan" / "stream_scan.json") + return FullScanStreamResponse.from_dict({ + "success": json_data["success"], + "status": json_data["status"], + "artifacts": json_data["artifacts"] + }) + + +@pytest.fixture +def stream_diff_response(data_dir, load_json): + json_data = load_json(data_dir / "fullscans" / "diff" / "stream_diff.json") + return StreamDiffResponse.from_dict({ + "success": json_data["success"], + "status": json_data["status"], + "data": json_data["data"] + }) + + +@pytest.fixture +def security_policy(data_dir, load_json): + json_data = load_json(data_dir / "settings" / "security-policy.json") + return OrgSecurityPolicyResponse.from_dict({ + "success": json_data["success"], + "status": json_data["status"], + "securityPolicyRules": json_data["securityPolicyRules"] + }) + + +@pytest.fixture +def repo_info_error(data_dir, load_json): + json_data = load_json(data_dir / "repos" / "repo_info_error.json") + return GetRepoResponse.from_dict({ + "success": json_data["success"], + "status": json_data["status"], + "message": json_data["message"], + }) + + +@pytest.fixture +def repo_info_no_head(data_dir, load_json): + json_data = load_json(data_dir / "repos" / "repo_info_no_head.json") + return GetRepoResponse.from_dict({ + "success": json_data["success"], + "status": json_data["status"], + "data": json_data["data"] + }) + + +@pytest.fixture +def create_full_scan_response(data_dir, load_json): + json_data = load_json(data_dir / "fullscans" / "create_response.json") + return CreateFullScanResponse.from_dict({ + "success": True, + "status": 201, + "data": json_data + }) + + +# Mock SDK Fixtures +@pytest.fixture +def mock_socket_sdk(mocker): + """Creates a mock of the socketdev SDK""" + return mocker.patch("socketdev.socketdev") + + +@pytest.fixture +def mock_sdk_with_responses( + mock_socket_sdk, + repo_info_response, + repo_info_error, + repo_info_no_head, + head_scan_metadata, + head_scan_stream, + new_scan_metadata, + new_scan_stream, + stream_diff_response, + security_policy, + create_full_scan_response, +): + sdk = mock_socket_sdk.return_value + + # Simple returns + sdk.settings.get.return_value = security_policy + sdk.fullscans.post.return_value = create_full_scan_response + + # Argument-based returns + sdk.repos.repo.side_effect = lambda org_slug, repo_slug: { + "test": repo_info_response, + "error": repo_info_error, + "no-head": repo_info_no_head, + }[repo_slug] + + sdk.fullscans.metadata.side_effect = lambda org_slug, scan_id: { + "head": head_scan_metadata, + "new": new_scan_metadata, + }[scan_id] + + sdk.fullscans.stream.side_effect = lambda org_slug, scan_id: { + "head": head_scan_stream, + "new": new_scan_stream, + }[scan_id] + + sdk.fullscans.stream_diff.side_effect = ( + lambda org_slug, head_id, new_id: stream_diff_response + ) + + return sdk diff --git a/tests/core/create_diff_input.json b/tests/core/create_diff_input.json new file mode 100644 index 0000000..0c50f40 --- /dev/null +++ b/tests/core/create_diff_input.json @@ -0,0 +1,442 @@ +{ + "added": { + "dp3": { + "type": "pypi", + "name": "direct_package_3", + "version": "1.20.21", + "release": "tar-gz", + "id": "dp3", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 94, + "end": 118 + } + ], + "author": [ + "faradaysec" + ], + "size": 845137, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "dp3_alert_1", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/ncrack/plugin.py", + "start": null, + "end": null, + "props": { + "envVars": "" + }, + "action": null, + "actionPolicyIndex": null + }, + { + "key": "dp3_alert_2", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "file": null, + "start": null, + "end": null, + "props": { + "licenseId": "GPL-3.0" + }, + "action": null, + "actionPolicyIndex": null + } + ], + "error_alerts": [], + "alert_counts": { + "critical": 0, + "high": 0, + "middle": 0, + "low": 0 + }, + "topLevelAncestors": [], + "url": "https://socket.dev/pypi/package/direct_package_3/overview/1.20.21", + "transitives": 3, + "license": "GPL-3.0", + "license_text": "GNU GENERAL PUBLIC LICENSE\nVersion 3, 29 June 2007\n\nCopyright \u00a9 2007 Free Software Foundation, Inc. \n\nEveryone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.\n\nPreamble\n\nThe GNU General Public License is a free, copyleft license for software and other kinds of works.\n\nThe licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users. We, the Free Software Foundation, use the GNU General Public License for most of our software; it applies also to any other work released this way by its authors. You can apply it to your programs, too.\n\nWhen we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.\n\nTo protect your rights, we need to prevent others from denying you these rights or asking you to surrender the rights. Therefore, you have certain responsibilities if you distribute copies of the software, or if you modify it: responsibilities to respect the freedom of others.\n\nFor example, if you distribute copies of such a program, whether gratis or for a fee, you must pass on to the recipients the same freedoms that you received. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights.\n\nDevelopers that use the GNU GPL protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License giving you legal permission to copy, distribute and/or modify it.\n\nFor the developers' and authors' protection, the GPL clearly explains that there is no warranty for this free software. For both users' and authors' sake, the GPL requires that modified versions be marked as changed, so that their problems will not be attributed erroneously to authors of previous versions.\n\nSome devices are designed to deny users access to install or run modified versions of the software inside them, although the manufacturer can do so. This is fundamentally incompatible with the aim of protecting users' freedom to change the software. The systematic pattern of such abuse occurs in the area of products for individuals to use, which is precisely where it is most unacceptable. Therefore, we have designed this version of the GPL to prohibit the practice for those products. If such problems arise substantially in other domains, we stand ready to extend this provision to those domains in future versions of the GPL, as needed to protect the freedom of users.\n\nFinally, every program is threatened constantly by software patents. States should not allow patents to restrict development and use of software on general-purpose computers, but in those that do, we wish to avoid the special danger that patents applied to a free program could make it effectively proprietary. To prevent this, the GPL assures that patents cannot be used to render the program non-free.\n\nThe precise terms and conditions for copying, distribution and modification follow.\n\nTERMS AND CONDITIONS\n\n0. Definitions.\n\n\u201cThis License\u201d refers to version 3 of the GNU General Public License.\n\n\u201cCopyright\u201d also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.\n\n\u201cThe Program\u201d refers to any copyrightable work licensed under this License. Each licensee is addressed as \u201cyou\u201d. \u201cLicensees\u201d and \u201crecipients\u201d may be individuals or organizations.\n\nTo \u201cmodify\u201d a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a \u201cmodified version\u201d of the earlier work or a work \u201cbased on\u201d the earlier work.\n\nA \u201ccovered work\u201d means either the unmodified Program or a work based on the Program.\n\nTo \u201cpropagate\u201d a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.\n\nTo \u201cconvey\u201d a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.\n\nAn interactive user interface displays \u201cAppropriate Legal Notices\u201d to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.\n\n1. Source Code.\nThe \u201csource code\u201d for a work means the preferred form of the work for making modifications to it. \u201cObject code\u201d means any non-source form of a work.\n\nA \u201cStandard Interface\u201d means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.\n\nThe \u201cSystem Libraries\u201d of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A \u201cMajor Component\u201d, in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.\n\nThe \u201cCorresponding Source\u201d for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.\n\nThe Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.\n\nThe Corresponding Source for a work in source code form is that same work.\n\n2. Basic Permissions.\nAll rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.\n\nYou may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.\n\nConveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.\n\n3. Protecting Users' Legal Rights From Anti-Circumvention Law.\nNo covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.\n\nWhen you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.\n\n4. Conveying Verbatim Copies.\nYou may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.\n\nYou may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.\n\n5. Conveying Modified Source Versions.\nYou may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:\n\n\t a) The work must carry prominent notices stating that you modified it, and giving a relevant date.\n\n\t b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to \u201ckeep intact all notices\u201d.\n\n\t c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.\n\n\t d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.\n\nA compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an \u201caggregate\u201d if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.\n\n6. Conveying Non-Source Forms.\nYou may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:\n\n\t a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.\n\n\t b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.\n\n\t c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.\n\n\t d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.\n\n\t e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.\n\nA separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.\n\nA \u201cUser Product\u201d is either (1) a \u201cconsumer product\u201d, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, \u201cnormally used\u201d refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.\n\n\u201cInstallation Information\u201d for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.\n\nIf you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).\n\nThe requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.\n\nCorresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.\n\n7. Additional Terms.\n\u201cAdditional permissions\u201d are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.\n\nWhen you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.\n\nNotwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:\n\n\t a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or\n\n\t b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or\n\n\t c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or\n\n\t d) Limiting the use for publicity purposes of names of licensors or authors of the material; or\n\n\t e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or\n\n\t f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.\n\nAll other non-permissive additional terms are considered \u201cfurther restrictions\u201d within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.\n\nIf you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.\n\nAdditional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.\n\n8. Termination.\nYou may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).\n\nHowever, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.\n\nMoreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.\n\nTermination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.\n\n9. Acceptance Not Required for Having Copies.\nYou are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.\n\n10. Automatic Licensing of Downstream Recipients.\nEach time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.\n\nAn \u201centity transaction\u201d is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.\n\nYou may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.\n\n11. Patents.\nA \u201ccontributor\u201d is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's \u201ccontributor version\u201d.\n\nA contributor's \u201cessential patent claims\u201d are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, \u201ccontrol\u201d includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.\n\nEach contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.\n\nIn the following three paragraphs, a \u201cpatent license\u201d is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To \u201cgrant\u201d such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.\n\nIf you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. \u201cKnowingly relying\u201d means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.\n\nIf, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.\n\nA patent license is \u201cdiscriminatory\u201d if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.\n\nNothing in this License shall be consTrued as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.\n\n12. No Surrender of Others' Freedom.\nIf conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.\n\n13. Use with the GNU Affero General Public License.\nNotwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU Affero General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the special requirements of the GNU Affero General Public License, section 13, concerning interaction through a network will apply to the combination as such.\n\n14. Revised Versions of this License.\nThe Free Software Foundation may publish revised and/or new versions of the GNU General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.\n\nEach version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU General Public License \u201cor any later version\u201d applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU General Public License, you may choose any version ever published by the Free Software Foundation.\n\nIf the Program specifies that a proxy can decide which future versions of the GNU General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.\n\nLater license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.\n\n15. Disclaimer of Warranty.\nTHERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM \u201cAS IS\u201d WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.\n\n16. Limitation of Liability.\nIN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.\n\n17. Interpretation of Sections 15 and 16.\nIf the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.\n\nEND OF TERMS AND CONDITIONS\n\nHow to Apply These Terms to Your New Programs\n\nIf you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.\n\nTo do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the \u201ccopyright\u201d line and a pointer to where the full notice is found.\n\n\t \n\t Copyright (C) \n\n\t This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.\n\n\t This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.\n\n\t You should have received a copy of the GNU General Public License along with this program. If not, see .\n\nAlso add information on how to contact you by electronic and paper mail.\n\nIf the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode:\n\n\t Copyright (C) \n\t This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.\n\t This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details.\n\nThe hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, your program's commands might be different; for a GUI interface, you would use an \u201cabout box\u201d.\n\nYou should also get your employer (if you work as a programmer) or school, if any, to sign a \u201ccopyright disclaimer\u201d for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see .\n\nThe GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read .\n", + "purl": "pkg:pypi/direct_package_3@1.20.21" + }, + "dp3_t1": { + "type": "pypi", + "name": "dp3_transitive_1", + "version": "8.1.7", + "release": "py3-none-any-whl", + "id": "dp3_t1", + "direct": null, + "manifestFiles": null, + "author": null, + "size": 353767, + "score": { + "supplyChain": 0.75, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.75 + }, + "alerts": [ + { + "key": "dp3_t1_alert_1", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/testing.py", + "start": null, + "end": null, + "props": null, + "action": null, + "actionPolicyIndex": null + }, + { + "key": "dp3_t1_alert_2", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/testing.py", + "start": null, + "end": null, + "props": { + "envVars": "" + }, + "action": null, + "actionPolicyIndex": null + } + ], + "error_alerts": [], + "alert_counts": { + "critical": 0, + "high": 0, + "middle": 0, + "low": 0 + }, + "topLevelAncestors": [ + "dp3" + ], + "url": "https://socket.dev/pypi/package/dp3_transitive_1/overview/8.1.7", + "transitives": 0, + "license": "BSD-3-Clause", + "license_text": "Copyright (c) . \n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:\n\n1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.\n\n2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.\n\n3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n", + "purl": "pkg:pypi/dp3_transitive_1@8.1.7" + }, + "dp3_t1_release2": { + "type": "pypi", + "name": "dp3_transitive_1", + "version": "8.1.7", + "release": "tar-gz", + "id": "dp3_t1_release2", + "direct": null, + "manifestFiles": null, + "author": null, + "size": 922627, + "score": { + "supplyChain": 0.49, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.49 + }, + "alerts": [ + { + "key": "dp3_t1_r1_alert_1", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/shell_completion.py", + "start": null, + "end": null, + "props": null, + "action": null, + "actionPolicyIndex": null + }, + { + "key": "dp3_t1_r1_alert_2", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/formatting.py", + "start": null, + "end": null, + "props": null, + "action": null, + "actionPolicyIndex": null + } + ], + "error_alerts": [], + "alert_counts": { + "critical": 0, + "high": 0, + "middle": 0, + "low": 0 + }, + "topLevelAncestors": [ + "dp3" + ], + "url": "https://socket.dev/pypi/package/dp3_transitive_1/overview/8.1.7", + "transitives": 0, + "license": "BSD-3-Clause", + "license_text": "Copyright (c) . \n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:\n\n1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.\n\n2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.\n\n3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n", + "purl": "pkg:pypi/dp3_transitive_1@8.1.7" + }, + "dp3_t2": { + "type": "pypi", + "name": "dp3_transitive_2", + "version": "4.12.3", + "release": "py3-none-any-whl", + "id": "dp3_t2", + "direct": null, + "manifestFiles": null, + "author": [ + "leonard" + ], + "size": 618628, + "score": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "alerts": [ + { + "key": "dp3_t2_alert_1", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "bs4/__init__.py", + "start": null, + "end": null, + "props": { + "envVars": "" + }, + "action": null, + "actionPolicyIndex": null + }, + { + "key": "dp3_t2_alert_2", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "bs4/element.py", + "start": null, + "end": null, + "props": null, + "action": null, + "actionPolicyIndex": null + }, + { + "key": "dp3_t2_alert_3", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "bs4/css.py", + "start": null, + "end": null, + "props": null, + "action": null, + "actionPolicyIndex": null + } + ], + "error_alerts": [], + "alert_counts": { + "critical": 0, + "high": 0, + "middle": 0, + "low": 0 + }, + "topLevelAncestors": [ + "dp3", + "dp4" + ], + "url": "https://socket.dev/pypi/package/dp3_transitive_2/overview/4.12.3", + "transitives": 0, + "license": "MIT", + "license_text": "MIT License\n\nCopyright (c) \n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the \"Software\"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.\n", + "purl": "pkg:pypi/dp3_transitive_2@4.12.3" + }, + "dp4": { + "type": "pypi", + "name": "direct_package_4", + "version": "1.0.1", + "release": "tar-gz", + "id": "dp4", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 14, + "end": 34 + } + ], + "author": [ + "bbc", + "theskumar" + ], + "size": 160044, + "score": { + "supplyChain": 0.8, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.8 + }, + "alerts": [ + { + "key": "dp4_alert_1", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/setup.py", + "start": null, + "end": null, + "props": null, + "action": null, + "actionPolicyIndex": null + } + ], + "error_alerts": [], + "alert_counts": { + "critical": 0, + "high": 0, + "middle": 0, + "low": 0 + }, + "topLevelAncestors": [], + "url": "https://socket.dev/pypi/package/direct_package_4/overview/1.0.1", + "transitives": 1, + "license": "BSD-3-Clause", + "license_text": "Copyright (c) . \n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:\n\n1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.\n\n2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.\n\n3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n", + "purl": "pkg:pypi/direct_package_4@1.0.1" + } + }, + "removed": { + "dp2": { + "type": "pypi", + "name": "direct_package_2", + "version": "33.1.0", + "release": "py3-none-any-whl", + "id": "dp2", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt" + } + ], + "author": null, + "size": null, + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [], + "error_alerts": [], + "alert_counts": { + "critical": 0, + "high": 0, + "middle": 0, + "low": 0 + }, + "topLevelAncestors": [], + "url": "https://socket.dev/pypi/package/direct_package_2/overview/33.1.0", + "transitives": 1, + "license": "BSD-3-Clause", + "license_text": "Copyright (c) . \n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:\n\n1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.\n\n2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.\n\n3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n", + "purl": "pkg:pypi/direct_package_2@33.1.0" + }, + "dp2_t1": { + "type": "pypi", + "name": "dp2_transitive_1", + "version": "8.1.7", + "release": "tar-gz", + "id": "dp2_t1", + "direct": null, + "manifestFiles": null, + "author": null, + "size": 922627, + "score": { + "supplyChain": 0.49, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.49 + }, + "alerts": [ + { + "key": "dp2_t1_alert_1", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_basic.py", + "start": null, + "end": null, + "props": null, + "action": null, + "actionPolicyIndex": null + }, + { + "key": "dp2_t1_alert_2", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/parser.py", + "start": null, + "end": null, + "props": null, + "action": null, + "actionPolicyIndex": null + }, + { + "key": "dp2_t1_alert_3", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "file": null, + "start": null, + "end": null, + "props": { + "classifier": "License :: OSI Approved :: BSD License", + "filepathOrProvenance": "click-8.1.7/src/click.egg-info/PKG-INFO" + }, + "action": null, + "actionPolicyIndex": null + } + ], + "error_alerts": [], + "alert_counts": { + "critical": 0, + "high": 0, + "middle": 0, + "low": 0 + }, + "topLevelAncestors": [ + "dp2" + ], + "url": "https://socket.dev/pypi/package/dp2_transitive_1/overview/8.1.7", + "transitives": 0, + "license": "BSD-3-Clause", + "license_text": "Copyright (c) . \n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:\n\n1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.\n\n2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.\n\n3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.\n\nTHIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n", + "purl": "pkg:pypi/dp2_transitive_1@8.1.7" + } + } +} \ No newline at end of file diff --git a/tests/core/test_diff_generation.py b/tests/core/test_diff_generation.py new file mode 100644 index 0000000..472c901 --- /dev/null +++ b/tests/core/test_diff_generation.py @@ -0,0 +1,283 @@ +import json +from pathlib import Path + +import pytest + +from socketsecurity.core import Core +from socketsecurity.core.classes import Package +from socketsecurity.core.socket_config import SocketConfig + + +@pytest.fixture +def core(mock_sdk_with_responses): + config = SocketConfig(api_key="test_key") + core = Core(config=config, sdk=mock_sdk_with_responses) + return core + +@pytest.fixture +def diff_input() -> tuple[dict[str, Package], dict[str, Package]]: + """Fixture that loads the saved diff input and converts it to Package objects + + Returns: + Tuple of (added_packages, removed_packages) as Package dictionaries + """ + test_dir = Path(__file__).parent + input_file = test_dir / "create_diff_input.json" + + with open(input_file) as f: + data = json.load(f) + + # Convert the dictionaries back to Package objects + added = {k: Package(**v) for k, v in data["added"].items()} + removed = {k: Package(**v) for k, v in data["removed"].items()} + + return added, removed + +def test_create_diff_report(core, diff_input): + """Test creating a diff report""" + added, removed = diff_input + + # Create the diff report + diff = core.create_diff_report(added, removed) + + + + # Debug what alerts we have + # print("\nAdded packages alerts:") + # for pkg_id, pkg in added.items(): + # print(f"{pkg_id}: {pkg.alerts}") + + # print("\nRemoved packages alerts:") + # for pkg_id, pkg in removed.items(): + # print(f"{pkg_id}: {pkg.alerts}") + + # print("\nFinal new alerts:") + # for alert in diff.new_alerts: + # print(f"{alert.pkg_id}: {alert.type} ({alert.severity})") + + # By default direct_only=True, so only direct dependencies should be in new/removed + assert len(diff.new_packages) == 2 # dp3 and dp4 are direct + assert len(diff.removed_packages) == 1 # only dp2 is direct + + # Verify dp3 Purl object's transformed fields + dp3_purl = next(p for p in diff.new_packages if p.id == "dp3") + assert dp3_purl.ecosystem == "pypi" # Transformed from package.type + assert dp3_purl.transitives == 3 # Calculated count of transitive deps + assert dp3_purl.introduced_by == [("direct", "requirements.txt")] # Generated for direct deps + + # Verify dp2 Purl object's transformed fields + dp2_purl = next(p for p in diff.removed_packages if p.id == "dp2") + assert dp2_purl.ecosystem == "pypi" + assert dp2_purl.transitives == 1 # Has one transitive dep (dp2_t1) + assert dp2_purl.introduced_by == [("direct", "requirements.txt")] + + # Verify specific packages + new_pkg_ids = {p.id for p in diff.new_packages} + assert "dp3" in new_pkg_ids # Direct package + assert "dp4" in new_pkg_ids # Direct package + assert "dp3_t1" not in new_pkg_ids # Transitive dependency + + removed_pkg_ids = {p.id for p in diff.removed_packages} + assert "dp2" in removed_pkg_ids # Direct package + assert "dp2_t1" not in removed_pkg_ids # Transitive dependency + + # Verify new alerts + assert len(diff.new_alerts) == 8 + + alert_details = { + (alert.type, alert.severity, alert.pkg_id) + for alert in diff.new_alerts + } + + expected_alerts = { + ("envVars", "low", "dp3"), + ("copyleftLicense", "low", "dp3"), + ("filesystemAccess", "low", "dp3_t1"), + ("envVars", "low", "dp3_t1"), + ("envVars", "low", "dp3_t2"), + ("networkAccess", "middle", "dp3_t2"), + ("usesEval", "middle", "dp3_t2"), + ("usesEval", "middle", "dp4"), + } + + assert alert_details == expected_alerts + + # Verify new capabilities + assert "dp3" in diff.new_capabilities + assert set(diff.new_capabilities["dp3"]) == {"Environment Variables"} + + # Verify capabilities are added to purls + dp3_purl = next(p for p in diff.new_packages if p.id == "dp3") + assert hasattr(dp3_purl, "capabilities") + assert "Environment Variables" in dp3_purl.capabilities + +def create_input(core): + # Get two different scans to compare + head_scan = core.get_full_scan("head") + new_scan = core.get_full_scan("new") + + # Get the differences + added, removed = core.get_added_and_removed_packages(head_scan, new_scan) + + input_to_save = { + "added": {k: v.to_dict() for k, v in added.items()}, + "removed": {k: v.to_dict() for k, v in removed.items()} + } + + # Get the directory of the current test file + test_dir = Path(__file__).parent + output_file = test_dir / "create_diff_input.json" + + with open(output_file, "w") as f: + json.dump(input_to_save, f, indent=4) + +def print_scan_packages(head_scan, new_scan): + print("\n=== HEAD SCAN PACKAGES ===") + for pkg_id, pkg in head_scan.packages.items(): + print(f"\nPackage: {pkg_id}") + pkg_dict = pkg.to_dict() + pkg_dict.pop('license_text', None) # Remove license_text from output + print(json.dumps(pkg_dict, indent=2)) + + print("\n=== NEW SCAN PACKAGES ===") + for pkg_id, pkg in new_scan.packages.items(): + print(f"\nPackage: {pkg_id}") + pkg_dict = pkg.to_dict() + pkg_dict.pop('license_text', None) # Remove license_text from output + print(json.dumps(pkg_dict, indent=2)) + +def print_added_and_removed(added, removed): + print("\n=== ADDED PACKAGES ===") + for pkg_id, pkg in added.items(): + print(f"\nPackage: {pkg_id}") + pkg_dict = pkg.to_dict() + pkg_dict.pop('license_text', None) # Remove license_text from output + print(json.dumps(pkg_dict, indent=2)) + + print("\n=== REMOVED PACKAGES ===") + for pkg_id, pkg in removed.items(): + print(f"\nPackage: {pkg_id}") + pkg_dict = pkg.to_dict() + pkg_dict.pop('license_text', None) # Remove license_text from output + print(json.dumps(pkg_dict, indent=2)) + + # def test_create_diff_report_other(core): + # """Test creating a diff report from added and removed packages""" + # # Setup test package data + # added_packages = { + # "pkg1": Package( + # id="pkg1", + # name="package-1", + # version="1.0.0", + # type="npm", + # direct=True, + # manifestFiles=[{"file": "package.json"}], + # topLevelAncestors=[], + # alerts=[ + # { + # "key": "fs_access", + # "type": "filesystemAccess", + # "severity": "high", + # "props": {}, + # "category": "capability" + # }, + # { + # "key": "net_access", + # "type": "networkAccess", + # "severity": "medium", + # "props": {}, + # "category": "capability" + # } + # ], + # author=["test-author"], + # size=1000, + # transitives=0, + # url="https://socket.dev/npm/package/package-1/overview/1.0.0", + # purl="pkg:npm/package-1@1.0.0" + # ), + # "pkg2": Package( + # id="pkg2", + # name="package-2", + # version="1.0.0", + # type="npm", + # direct=False, # Transitive dependency + # manifestFiles=[], + # topLevelAncestors=["pkg1"], + # alerts=[ + # { + # "key": "shell_access", + # "type": "shellAccess", + # "severity": "high", + # "props": {}, + # "category": "capability" + # } + # ], + # author=["other-author"], + # size=500, + # transitives=0, + # url="https://socket.dev/npm/package/package-2/overview/1.0.0", + # purl="pkg:npm/package-2@1.0.0" + # ) + # } + + # removed_packages = { + # "old_pkg": Package( + # id="old_pkg", + # name="old-package", + # version="0.9.0", + # type="npm", + # direct=True, + # manifestFiles=[{"file": "package.json"}], + # topLevelAncestors=[], + # alerts=[ + # { + # "key": "fs_access", # Same alert type as pkg1 + # "type": "filesystemAccess", + # "severity": "high", + # "props": {}, + # "category": "capability" + # } + # ], + # author=["old-author"], + # size=800, + # transitives=0, + # url="https://socket.dev/npm/package/old-package/overview/0.9.0", + # purl="pkg:npm/old-package@0.9.0" + # ) + # } + + # # Create diff report + # diff = core.create_diff_report(added_packages, removed_packages) + + # # Verify new packages (should only include direct dependencies) + # assert len(diff.new_packages) == 1 + # new_pkg = diff.new_packages[0] + # assert new_pkg.id == "pkg1" + # assert new_pkg.name == "package-1" + # assert new_pkg.version == "1.0.0" + # assert new_pkg.direct is True + + # # Verify removed packages (should only include direct dependencies) + # assert len(diff.removed_packages) == 1 + # removed_pkg = diff.removed_packages[0] + # assert removed_pkg.id == "old_pkg" + # assert removed_pkg.name == "old-package" + # assert removed_pkg.version == "0.9.0" + + # # Verify new alerts (should include alerts from both direct and transitive deps) + # assert len(diff.new_alerts) > 0 + # alert_types = {alert.type for alert in diff.new_alerts} + # assert "networkAccess" in alert_types # New alert type + # assert "shellAccess" in alert_types # New alert type + # # filesystemAccess should not be in new alerts since it existed in removed packages + + # # Verify new capabilities + # assert "pkg1" in diff.new_capabilities + # assert set(diff.new_capabilities["pkg1"]) == {"File System Access", "Network Access"} + # assert "pkg2" in diff.new_capabilities + # assert set(diff.new_capabilities["pkg2"]) == {"Shell Access"} + + # # Verify capabilities are added to purls + # pkg1_purl = next(p for p in diff.new_packages if p.id == "pkg1") + # assert hasattr(pkg1_purl, "capabilities") + # assert set(pkg1_purl.capabilities) == {"File System Access", "Network Access"} \ No newline at end of file diff --git a/tests/core/test_package_and_alerts.py b/tests/core/test_package_and_alerts.py new file mode 100644 index 0000000..29cfa21 --- /dev/null +++ b/tests/core/test_package_and_alerts.py @@ -0,0 +1,230 @@ +import pytest +from unittest.mock import Mock, patch +from dataclasses import dataclass + +from socketsecurity.core import Core +from socketsecurity.core.classes import Package, Issue, Alert +from socketsecurity.core.socket_config import SocketConfig +from socketdev import socketdev + + +@dataclass +class MockArtifact: + id: str + name: str + version: str + type: str + license: str + direct: bool + topLevelAncestors: list + + +class TestPackageAndAlerts: + @pytest.fixture + def mock_sdk(self): + mock = Mock(spec=socketdev) + # Set up org.get() to return expected data + mock.org = Mock() + mock.org.get = Mock(return_value={ + "organizations": { + "test-org-id": { + "slug": "test-org" + } + } + }) + + # Set up settings.get() to return empty security policy + mock.settings = Mock() + settings_response = Mock() + settings_response.success = True + settings_response.security_policy = {} + mock.settings.get = Mock(return_value=settings_response) + + return mock + + @pytest.fixture + def config(self): + config = SocketConfig( + api_key="test-key", + allow_unverified_ssl=False + ) + config.security_policy = {} # Initialize with empty dict + return config + + @pytest.fixture + def core(self, mock_sdk, config): + return Core(config=config, sdk=mock_sdk) + + def test_create_packages_dict_basic(self, core): + """Test basic package dictionary creation with no transitives""" + mock_artifacts = [ + MockArtifact( + id="pkg:npm/test@1.0.0", + name="test", + version="1.0.0", + type="npm", + license="MIT", + direct=True, + topLevelAncestors=[] + ) + ] + + packages = core.create_packages_dict(mock_artifacts) + + assert len(packages) == 1 + pkg = packages["pkg:npm/test@1.0.0"] + assert pkg.name == "test" + assert pkg.version == "1.0.0" + assert pkg.transitives == 0 + + def test_create_packages_dict_with_transitives(self, core): + """Test package dictionary creation with transitive dependencies""" + mock_artifacts = [ + MockArtifact( + id="pkg:npm/parent@1.0.0", + name="parent", + version="1.0.0", + type="npm", + license="MIT", + direct=True, + topLevelAncestors=[] + ), + MockArtifact( + id="pkg:npm/child@1.0.0", + name="child", + version="1.0.0", + type="npm", + license="MIT", + direct=False, + topLevelAncestors=["pkg:npm/parent@1.0.0"] + ) + ] + + packages = core.create_packages_dict(mock_artifacts) + + assert len(packages) == 2 + parent = packages["pkg:npm/parent@1.0.0"] + child = packages["pkg:npm/child@1.0.0"] + assert parent.transitives == 1 + assert not child.direct + assert child.topLevelAncestors == ["pkg:npm/parent@1.0.0"] + + def test_add_package_alerts_basic(self, core): + """Test adding basic alerts to collection""" + package = Package( + id="pkg:npm/test@1.0.0", + name="test", + version="1.0.0", + type="npm", + alerts=[{ + "type": "networkAccess", + "key": "test-alert", + "severity": "high" + }], + topLevelAncestors=[] + ) + + alerts_collection = {} + packages = {package.id: package} + + result = core.add_package_alerts_to_collection(package, alerts_collection, packages) + + assert len(result) == 1 + assert "test-alert" in result + alert = result["test-alert"][0] + assert alert.type == "networkAccess" + assert alert.severity == "high" + + def test_add_package_alerts_with_security_policy(self, core): + """Test alerts are properly tagged based on security policy""" + # Mock security policy in config + core.config.security_policy = { + "networkAccess": {"action": "error"} + } + + package = Package( + id="pkg:npm/test@1.0.0", + name="test", + version="1.0.0", + type="npm", + alerts=[{ + "type": "networkAccess", + "key": "test-alert", + "severity": "high" + }], + topLevelAncestors=[] + ) + + alerts_collection = {} + packages = {package.id: package} + + result = core.add_package_alerts_to_collection(package, alerts_collection, packages) + + assert len(result) == 1 + alert = result["test-alert"][0] + assert alert.error is True + + def test_get_capabilities_for_added_packages(self, core): + """Test capability extraction from package alerts""" + added_packages = { + "pkg:npm/test@1.0.0": Package( + id="pkg:npm/test@1.0.0", + type="npm", + alerts=[{ + "type": "networkAccess", + "key": "test-alert" + }], + topLevelAncestors=[] + ) + } + + capabilities = Core.get_capabilities_for_added_packages(added_packages) + + assert len(capabilities) == 1 + assert "pkg:npm/test@1.0.0" in capabilities + assert "Network Access" in capabilities["pkg:npm/test@1.0.0"] + + def test_get_new_alerts_basic(self): + """Test identification of new alerts""" + added_alerts = { + "test-alert": [Issue( + key="test-alert", + type="networkAccess", + error=True, + pkg_type="npm", + pkg_name="test-package", + pkg_version="1.0.0", + purl="pkg:npm/test-package@1.0.0", + manifests="" # Required by get_new_alerts + )] + } + removed_alerts = {} + + new_alerts = Core.get_new_alerts(added_alerts, removed_alerts) + + assert len(new_alerts) == 1 + assert new_alerts[0].key == "test-alert" + assert new_alerts[0].error is True + + def test_get_new_alerts_with_readded(self): + """Test handling of alerts that were removed and readded""" + alert = Issue( + key="test-alert", + type="networkAccess", + error=True, + pkg_type="npm", + pkg_name="test-package", + pkg_version="1.0.0", + purl="pkg:npm/test-package@1.0.0", + manifests="" # Required by get_new_alerts + ) + added_alerts = {"test-alert": [alert]} + removed_alerts = {"test-alert": [alert]} + + # With ignore_readded=True (default) + new_alerts = Core.get_new_alerts(added_alerts, removed_alerts) + assert len(new_alerts) == 0 + + # With ignore_readded=False + new_alerts = Core.get_new_alerts(added_alerts, removed_alerts, ignore_readded=False) + assert len(new_alerts) == 1 \ No newline at end of file diff --git a/tests/core/test_sdk_methods.py b/tests/core/test_sdk_methods.py new file mode 100644 index 0000000..e07ec31 --- /dev/null +++ b/tests/core/test_sdk_methods.py @@ -0,0 +1,122 @@ +import pytest +from socketdev.fullscans import FullScanParams + +from socketsecurity.core import Core +from socketsecurity.core.socket_config import SocketConfig + + +@pytest.fixture +def core(mock_sdk_with_responses): + config = SocketConfig(api_key="test_key") + return Core(config=config, sdk=mock_sdk_with_responses) + +def test_get_repo_info(core, mock_sdk_with_responses): + """Test getting repository information""" + repo_info = core.get_repo_info("test") + + # Assert SDK called correctly + mock_sdk_with_responses.repos.repo.assert_called_once_with( + core.config.org_slug, + "test" + ) + + # Assert response processed correctly + assert repo_info.id == "f639d6c9-acc3-4d8a-9fb5-2090ad651c7e" + assert repo_info.head_full_scan_id == "head" + +def test_get_head_scan_for_repo(core, mock_sdk_with_responses): + """Test getting head scan ID for a repository""" + head_scan_id = core.get_head_scan_for_repo("test") + + # Assert SDK method called correctly + mock_sdk_with_responses.repos.repo.assert_called_once_with( + core.config.org_slug, + "test" + ) + + # Assert we got the expected head scan ID + assert head_scan_id == "head" + +def test_get_head_scan_for_repo_no_head(core, mock_sdk_with_responses): + """Test getting head scan ID for repo with no head scan""" + head_scan_id = core.get_head_scan_for_repo("no-head") + assert head_scan_id is None + +def test_get_full_scan(core, mock_sdk_with_responses, head_scan_metadata, head_scan_stream): + """Test getting an existing full scan""" + full_scan = core.get_full_scan("head") + + # Assert SDK methods called correctly + mock_sdk_with_responses.fullscans.metadata.assert_called_once_with( + core.config.org_slug, + "head" + ) + mock_sdk_with_responses.fullscans.stream.assert_called_once_with( + core.config.org_slug, + "head" + ) + + # Assert response processed correctly + assert full_scan.id == head_scan_metadata["data"]["id"] + assert len(full_scan.sbom_artifacts) == len(head_scan_stream.artifacts) + assert len(full_scan.packages) == len(head_scan_stream.artifacts) + assert full_scan.packages["dp1"].transitives == 2 + +def test_create_full_scan(core, new_scan_metadata, new_scan_stream): + """Test creating a new full scan""" + # Setup test data + files = ["requirements.txt"] + params = FullScanParams( + repo="test-repo", + branch="main", + commit_hash="abc123", + ) + + # Create the full scan + full_scan = core.create_full_scan(files, params) + + # Verify the response + assert full_scan.id == new_scan_metadata["data"]["id"] + assert len(full_scan.sbom_artifacts) == len(new_scan_stream.artifacts) + assert len(full_scan.packages) == len(new_scan_stream.artifacts) + assert full_scan.packages["dp4"].transitives == 1 + assert full_scan.packages["dp3"].transitives == 3 + +def test_get_added_and_removed_packages(core): + """Test getting added and removed packages between two scans""" + # Get two different scans to compare + head_scan = core.get_full_scan("head") + new_scan = core.get_full_scan("new") + + # Get the differences + added, removed = core.get_added_and_removed_packages(head_scan, new_scan) + + # Verify SDK was called correctly + core.sdk.fullscans.stream_diff.assert_called_once_with( + core.config.org_slug, + "head", + "new" + ) + + # Verify the results + # Added packages + assert len(added) > 0 # We should have some added packages + assert "dp3" in added # Verify specific package we know was added + assert "dp4" in added + + # Removed packages + assert len(removed) > 0 # We should have some removed packages + assert "dp2" in removed # Verify specific package we know was removed + assert "dp2_t1" in removed # Verify transitive dependencies are also tracked + +def test_empty_alerts_preserved(core): + """Test that empty alerts arrays stay as empty arrays and don't become None""" + # Get the scan that contains dp2 (which has empty alerts array) + head_scan = core.get_full_scan("head") + + # Check the raw artifact first + artifacts = core.get_sbom_data("head") + assert artifacts["dp2"].alerts == [] # Should be empty list, not None + + # Check the final package + assert head_scan.packages["dp2"].alerts == [] # Should still be empty list diff --git a/tests/core/test_supporting_methods.py b/tests/core/test_supporting_methods.py new file mode 100644 index 0000000..89c40be --- /dev/null +++ b/tests/core/test_supporting_methods.py @@ -0,0 +1,300 @@ +from socketsecurity.core import Core +from socketsecurity.core.classes import Diff, Issue, Package, Purl + + +def test_create_purl(): + """Test creating a PURL from package data""" + # Setup test package data + pkg_type = "npm" + pkg_name = "test-package" + pkg_version = "1.0.0" + + packages = { + "test_pkg": Package( + id="test_pkg", + name=pkg_name, + version=pkg_version, + type=pkg_type, + direct=True, + manifestFiles=[{"file": "package.json"}], + topLevelAncestors=[], + author=["test-author"], + size=1000, + transitives=0, + purl=f"pkg:{pkg_type}/{pkg_name}@{pkg_version}" + ) + } + + # Create PURL + purl = Core.create_purl("test_pkg", packages) + + # Verify PURL properties + assert purl.id == "test_pkg" + assert purl.name == pkg_name + assert purl.version == pkg_version + assert purl.ecosystem == pkg_type + assert purl.direct is True + assert purl.introduced_by == [("direct", "package.json")] + assert purl.author == ["test-author"] + assert purl.size == 1000 + assert purl.transitives == 0 + assert purl.url == f"https://socket.dev/{pkg_type}/package/{pkg_name}/overview/{pkg_version}" + assert purl.purl == f"pkg:{pkg_type}/{pkg_name}@{pkg_version}" + + +def test_get_source_data(): + """Test getting source data for direct and transitive dependencies""" + # Setup test package data + direct_pkg = Package( + id="direct_pkg", + name="direct-package", + version="1.0.0", + type="npm", + direct=True, + manifestFiles=[ + {"file": "package.json", "start": 10, "end": 20} + ], + topLevelAncestors=[], + author=["test-author"], + size=1000, + transitives=1 + ) + + transitive_pkg = Package( + id="t_pkg", + name="transitive-package", + version="2.0.0", + type="npm", + direct=False, + manifestFiles=[], + topLevelAncestors=["direct_pkg"], + author=["other-author"], + size=500, + transitives=0 + ) + + packages = { + "direct_pkg": direct_pkg, + "t_pkg": transitive_pkg + } + + # Test direct package + direct_source = Core.get_source_data(direct_pkg, packages) + assert direct_source == [("direct", "package.json")] + + # Test transitive package + trans_source = Core.get_source_data(transitive_pkg, packages) + assert trans_source == [("npm/direct-package@1.0.0", "package.json")] + + +def test_get_capabilities_for_added_packages(): + """Test mapping package alerts to capabilities""" + # Setup test packages with various alert types + packages = { + "pkg1": Package( + id="pkg1", + name="package-1", + version="1.0.0", + type="npm", + direct=True, + manifestFiles=[{"file": "package.json"}], + topLevelAncestors=[], + alerts=[ + { + "key": "alert1", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "index.js" + }, + { + "key": "alert2", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lib.js" + } + ] + ), + "pkg2": Package( + id="pkg2", + name="package-2", + version="2.0.0", + type="npm", + direct=True, + manifestFiles=[{"file": "package.json"}], + topLevelAncestors=[], + alerts=[ + { + "key": "alert3", + "type": "usesEval", + "severity": "high", + "category": "supplyChainRisk", + "file": "main.js" + } + ] + ) + } + + # Get capabilities for these packages + capabilities = Core.get_capabilities_for_added_packages(packages) + + # Verify the returned dictionary structure + assert "pkg1" in capabilities + assert "pkg2" in capabilities + + # Verify capabilities for pkg1 (has both filesystem and network access) + assert "File System Access" in capabilities["pkg1"] + assert "Network Access" in capabilities["pkg1"] + assert len(capabilities["pkg1"]) == 2 + + # Verify capabilities for pkg2 (has eval) + assert "Uses Eval" in capabilities["pkg2"] + assert len(capabilities["pkg2"]) == 1 + + +def test_get_new_alerts(): + """Test finding new alerts between added and removed packages""" + # Setup test data + added_alerts = { + "key1": [ # Completely new alert type + Issue( + pkg_type="npm", + pkg_name="pkg1", + pkg_version="1.0.0", + pkg_id="pkg1", + key="key1", + type="filesystemAccess", + severity="high", + error=True, + purl="pkg:npm/pkg1@1.0.0", + manifests="package.json" + ) + ], + "key2": [ # Existing alert type but new instance + Issue( + pkg_type="npm", + pkg_name="pkg2", + pkg_version="1.0.0", + pkg_id="pkg2", + key="key2", + type="networkAccess", + severity="medium", + warn=True, + purl="pkg:npm/pkg2@1.0.0", + manifests="package.json" + ) + ], + "key3": [ # Alert that should be ignored (no error/warn) + Issue( + pkg_type="npm", + pkg_name="pkg3", + pkg_version="1.0.0", + pkg_id="pkg3", + key="key3", + type="info", + severity="low", + monitor=True, + purl="pkg:npm/pkg3@1.0.0", + manifests="package.json" + ) + ] + } + + removed_alerts = { + "key2": [ # Existing alert with different package + Issue( + pkg_type="npm", + pkg_name="old-pkg", + pkg_version="0.9.0", + pkg_id="old-pkg", + key="key2", + type="networkAccess", + severity="medium", + warn=True, + purl="pkg:npm/old-pkg@0.9.0", + manifests="package.json" + ) + ] + } + + # Test with ignore_readded=True (default) + new_alerts = Core.get_new_alerts(added_alerts, removed_alerts) + + # Verify results + assert len(new_alerts) == 2 # Should only include key1 and key2 alerts + + # Verify the completely new alert (key1) is included + key1_alerts = [a for a in new_alerts if a.key == "key1"] + assert len(key1_alerts) == 1 + assert key1_alerts[0].type == "filesystemAccess" + assert key1_alerts[0].error is True + + # Verify the new instance of existing alert (key2) is included + key2_alerts = [a for a in new_alerts if a.key == "key2"] + assert len(key2_alerts) == 1 + assert key2_alerts[0].type == "networkAccess" + assert key2_alerts[0].warn is True + + # Verify the monitor-only alert (key3) is not included + key3_alerts = [a for a in new_alerts if a.key == "key3"] + assert len(key3_alerts) == 0 + + # Test with ignore_readded=False + all_alerts = Core.get_new_alerts(added_alerts, removed_alerts, ignore_readded=False) + assert len(all_alerts) == 2 # Should still be 2 since key3 is still monitor-only + + +def test_add_purl_capabilities(): + """Test adding capabilities to purls in a diff""" + # Setup test data + diff = Diff( + id="test_diff", + new_packages=[ + Purl( + id="pkg1", + name="package-1", + version="1.0.0", + ecosystem="npm", + direct=True, + introduced_by=[("direct", "package.json")], + author=["test-author"], + size=1000, + transitives=0, + url="https://socket.dev/npm/package/package-1/overview/1.0.0", + purl="pkg:npm/package-1@1.0.0" + ), + Purl( + id="pkg2", + name="package-2", + version="2.0.0", + ecosystem="npm", + direct=True, + introduced_by=[("direct", "package.json")], + author=["other-author"], + size=500, + transitives=0, + url="https://socket.dev/npm/package/package-2/overview/2.0.0", + purl="pkg:npm/package-2@2.0.0" + ) + ], + new_capabilities={ + "pkg1": ["File System Access", "Network Access"], + # pkg2 intentionally has no capabilities + } + ) + + # Add capabilities to purls + Core.add_purl_capabilities(diff) + + # Verify results + assert len(diff.new_packages) == 2 + + # Check package with capabilities + pkg1 = next(p for p in diff.new_packages if p.id == "pkg1") + assert hasattr(pkg1, "capabilities") + assert pkg1.capabilities == ["File System Access", "Network Access"] + + # Check package without capabilities + pkg2 = next(p for p in diff.new_packages if p.id == "pkg2") + assert pkg2.capabilities == [] diff --git a/tests/data/fullscans/create_response.json b/tests/data/fullscans/create_response.json new file mode 100644 index 0000000..edae067 --- /dev/null +++ b/tests/data/fullscans/create_response.json @@ -0,0 +1,13 @@ +{ + "id": "new", + "created_at": "2025-01-06T14:53:45.475Z", + "updated_at": "2025-01-06T14:53:45.475Z", + "organization_id": "164600", + "repository_id": "f639d6c9-acc3-4d8a-9fb5-2090ad651c7e", + "committers": [], + "branch": "test/big-diff-pr", + "commit_message": "", + "commit_hash": "", + "pull_request": 0, + "html_report_url": "https://socket.dev/dashboard/org/test_org/sbom/3ea34bd0-358f-4b74-8c0e-673cdcd04745" +} \ No newline at end of file diff --git a/tests/data/fullscans/diff/stream_diff.json b/tests/data/fullscans/diff/stream_diff.json new file mode 100644 index 0000000..b458c45 --- /dev/null +++ b/tests/data/fullscans/diff/stream_diff.json @@ -0,0 +1,556 @@ +{ + "success": true, + "status": 200, + "data": { + "before": { + "repository_id": "f639d6c9-acc3-4d8a-9fb5-2090ad651c7e", + "branch": "test/big-diff-pr", + "id": "e2b84cde-d806-43c6-8ac5-150196870f5c", + "commit_message": "added malware sticker-convert to force new_alerts\n", + "commit_hash": "be43c94d75b15a6ad2722f3b7990aeb2d34af964", + "pull_request": 1, + "committers": [ + "Code Author" + ], + "organization_id": "164600" + }, + "after": { + "repository_id": "f639d6c9-acc3-4d8a-9fb5-2090ad651c7e", + "branch": "test/big-diff-pr", + "id": "c2d9b98b-bf42-47af-b011-e32613eced13", + "commit_message": "updated pyyaml2", + "commit_hash": "5efacb1a6270c3c446fd54af652599400872c52c", + "pull_request": 1, + "committers": [ + "Code Author" + ], + "organization_id": "164600" + }, + "artifacts": { + "added": [ + { + "diffType": "added", + "type": "pypi", + "name": "direct_package_3", + "version": "1.20.21", + "files": "Qhy1Lh0ta9UGdevkuH8n-tCSxV3O-YhLe7CAlhsDept8", + "release": "tar-gz", + "id": "dp3", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 94, + "end": 118 + } + ], + "topLevelAncestors": [], + "license": "GPL-3.0", + "licenseDetails": [], + "author": [ + "faradaysec" + ], + "size": 845137, + "scores": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "alerts": [ + { + "key": "dp3_alert_1", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/ncrack/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "dp3_alert_2", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-3.0" + } + } + ] + }, + { + "diffType": "added", + "type": "pypi", + "name": "dp3_transitive_1", + "version": "8.1.7", + "files": "Qhy1Lh0ta9UGdevkuH8n-tCSxV3O-YhLe7CAlhsDept8", + "release": "py3-none-any-whl", + "id": "dp3_t1", + "topLevelAncestors": [ + "dp3" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 353767, + "scores": { + "supplyChain": 0.75, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.75 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "alerts": [ + { + "key": "dp3_t1_alert_1", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/testing.py" + }, + { + "key": "dp3_t1_alert_2", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/testing.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "diffType": "added", + "type": "pypi", + "name": "dp3_transitive_1", + "version": "8.1.7", + "files": "Qhy1Lh0ta9UGdevkuH8n-tCSxV3O-YhLe7CAlhsDept8", + "release": "tar-gz", + "id": "dp3_t1_release2", + "topLevelAncestors": [ + "dp3" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 922627, + "scores": { + "supplyChain": 0.49, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.49 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "alerts": [ + { + "key": "dp3_t1_r1_alert_1", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/shell_completion.py" + }, + { + "key": "dp3_t1_r1_alert_2", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/formatting.py" + } + ] + }, + { + "diffType": "added", + "type": "pypi", + "name": "dp3_transitive_2", + "version": "4.12.3", + "files": "Qhy1Lh0ta9UGdevkuH8n-tCSxV3O-YhLe7CAlhsDept8", + "release": "py3-none-any-whl", + "id": "dp3_t2", + "topLevelAncestors": [ + "dp3", + "dp4" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "leonard" + ], + "size": 618628, + "scores": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "alerts": [ + { + "key": "dp3_t2_alert_1", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "bs4/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "dp3_t2_alert_2", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "bs4/element.py" + }, + { + "key": "dp3_t2_alert_3", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "bs4/css.py" + } + ] + }, + { + "diffType": "added", + "type": "pypi", + "name": "direct_package_4", + "version": "1.0.1", + "files": "Qhy1Lh0ta9UGdevkuH8n-tCSxV3O-YhLe7CAlhsDept8", + "release": "tar-gz", + "id": "dp4", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 14, + "end": 34 + } + ], + "topLevelAncestors": [], + "license": "BSD-3-Clause", + "licenseDetails": [], + "author": [ + "bbc", + "theskumar" + ], + "size": 160044, + "scores": { + "supplyChain": 0.8, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.8 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "alerts": [ + { + "key": "dp4_alert_1", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/setup.py" + } + ] + } + ], + "removed": [ + { + "diffType": "removed", + "type": "pypi", + "name": "direct_package_2", + "version": "33.1.0", + "files": "Qhy1Lh0ta9UGdevkuH8n-tCSxV3O-YhLe7CAlhsDept8", + "release": "py3-none-any-whl", + "id": "dp2", + "direct": true, + "license": "GPL-3.0", + "manifestFiles": [ + { + "file": "requirements.txt" + } + ], + "topLevelAncestors": [], + "licenseDetails": [], + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "alerts": [] + }, + { + "diffType": "removed", + "type": "pypi", + "name": "dp2_transitive_1", + "version": "8.1.7", + "files": "Qhy1Lh0ta9UGdevkuH8n-tCSxV3O-YhLe7CAlhsDept8", + "release": "tar-gz", + "id": "dp2_t1", + "topLevelAncestors": [ + "dp2" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 922627, + "scores": { + "supplyChain": 0.49, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.49 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "alerts": [ + { + "key": "dp2_t1_alert_1", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_basic.py" + }, + { + "key": "dp2_t1_alert_2", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/parser.py" + }, + { + "key": "dp2_t1_alert_3", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: BSD License", + "filepathOrProvenance": "click-8.1.7/src/click.egg-info/PKG-INFO" + } + } + ] + } + ], + "unchanged": [ + { + "diffType": "unchanged", + "type": "pypi", + "name": "direct_package_1", + "version": "1.6.0", + "files": "Qhy1Lh0ta9UGdevkuH8n-tCSxV3O-YhLe7CAlhsDept8", + "release": "tar-gz", + "id": "dp1", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 119, + "end": 150 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "didix21" + ], + "size": 106479, + "scores": { + "supplyChain": 0.96, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "alerts": [ + { + "key": "dp1_alert_1", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mdutils-1.6.0/mdutils/fileutils/fileutils.py" + }, + { + "key": "dp1_alert_2", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mdutils-1.6.0/setup.py" + } + ] + }, + { + "diffType": "unchanged", + "type": "pypi", + "name": "dp1_transitive_1", + "version": "8.1.7", + "files": "Qhy1Lh0ta9UGdevkuH8n-tCSxV3O-YhLe7CAlhsDept8", + "release": "py3-none-any-whl", + "id": "dp1_t1", + "topLevelAncestors": [ + "dp1" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 353767, + "scores": { + "supplyChain": 0.75, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.75 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "alerts": [ + { + "key": "dp1_t1_alert_1", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click/parser.py" + }, + { + "key": "dp1_t1_alert_2", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click/shell_completion.py" + }, + { + "key": "dp1_t1_alert_3", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/shell_completion.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "diffType": "unchanged", + "type": "pypi", + "name": "dp1_transitive_2", + "version": "2.0.0", + "files": "Qhy1Lh0ta9UGdevkuH8n-tCSxV3O-YhLe7CAlhsDept8", + "release": "py3-none-any-whl", + "id": "dp1_t2", + "topLevelAncestors": [ + "dp1" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 353767, + "scores": { + "supplyChain": 0.75, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.75 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "alerts": [ + { + "key": "dp1_t2_alert_1", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/testing.py" + } + ] + } + ], + "replaced": [], + "updated": [] + }, + "directDependenciesChanged": true, + "diff_report_url": "https://socket.dev/dashboard/org/test_org/diff/26533913/26533914" + } +} \ No newline at end of file diff --git a/tests/data/fullscans/diff/stream_diff_full.json b/tests/data/fullscans/diff/stream_diff_full.json new file mode 100644 index 0000000..328711a --- /dev/null +++ b/tests/data/fullscans/diff/stream_diff_full.json @@ -0,0 +1,52389 @@ +{ + "success": true, + "status": 200, + "data": { + "before": { + "repository_id": "f639d6c9-acc3-4d8a-9fb5-2090ad651c7e", + "branch": "test/big-diff-pr", + "id": "e2b84cde-d806-43c6-8ac5-150196870f5c", + "commit_message": "added malware sticker-convert to force new_alerts\n", + "commit_hash": "be43c94d75b15a6ad2722f3b7990aeb2d34af964", + "pull_request": 1, + "committers": [ + "Code Author" + ], + "organization_id": "164600" + }, + "after": { + "repository_id": "f639d6c9-acc3-4d8a-9fb5-2090ad651c7e", + "branch": "test/big-diff-pr", + "id": "c2d9b98b-bf42-47af-b011-e32613eced13", + "commit_message": "updated pyyaml2", + "commit_hash": "5efacb1a6270c3c446fd54af652599400872c52c", + "pull_request": 1, + "committers": [ + "Code Author" + ], + "organization_id": "164600" + }, + "artifacts": { + "added": [ + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590917", + "type": "pypi", + "name": "pyyaml", + "files": "Q3tD_zZCDZOayvV1BG8usCMEaDDSrqDDdu1JG39fF7BU", + "version": "6.0.2", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.3025, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.3025 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "MIT", + "size": 616096, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q20FZeEizZPOF8nvggApuDO3Ms3f6p_hD9d4xBB_2ygQ", + "type": 25, + "props": { + "source": "pyyaml-6.0.2/tests/legacy_tests/data/spec-05-02-utf16be.data" + } + }, + { + "key": "Q73t8QVbf1xlLz7bOI4CHEKWXqmMiTEhNvkU_6eOpn1E", + "type": 25, + "props": { + "source": "pyyaml-6.0.2/tests/legacy_tests/data/invalid-character.loader-error" + } + }, + { + "key": "QSjRz1g5_-1K1FmEODZu3DfY1kpN1hmhXqLDlAjdxo5Q", + "type": 25, + "props": { + "source": "pyyaml-6.0.2/tests/legacy_tests/data/spec-05-02-utf16le.data" + } + }, + { + "key": "QVgw4XJqVMpSVtKxHxpypcLwkxpjj1yIwe4TrXthyASY", + "type": 25, + "props": { + "source": "pyyaml-6.0.2/packaging/__pycache__/_pyyaml_pep517.cpython-312.pyc" + } + }, + { + "key": "QyqQeQPqoxcfQiBSHzIwhvRCOVMV2XovXgVhEnBErsrU", + "type": 25, + "props": { + "source": "pyyaml-6.0.2/tests/legacy_tests/data/invalid-character.stream-error" + } + }, + { + "key": "QVQO-Sw69IHiFAGUHjjGWWu0nPlCz76Zj2I5mrY3L5RY", + "type": 47, + "file": "pyyaml-6.0.2/lib/yaml/scanner.py" + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/lib/yaml/serializer.py" + }, + { + "key": "Q56ZAE6UfOO8t4LfTJKv8_dPLNyv46-qqcAdNo3QUIdo", + "type": 16, + "file": "pyyaml-6.0.2/setup.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q56ZAE6UfOO8t4LfTJKv8_dPLNyv46-qqcAdNo3QUIdo", + "type": 16, + "file": "pyyaml-6.0.2/tests/legacy_tests/conftest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_appliance.py" + }, + { + "key": "Q56ZAE6UfOO8t4LfTJKv8_dPLNyv46-qqcAdNo3QUIdo", + "type": 16, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_appliance.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_canonical.py" + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_constructor.py" + }, + { + "key": "QiXbjeV_M2ms3-TIm5dp1G5f9_u0u-A73w6IIKAFBu3I", + "type": 81, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_constructor.py" + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_errors.py" + }, + { + "key": "QiXbjeV_M2ms3-TIm5dp1G5f9_u0u-A73w6IIKAFBu3I", + "type": 81, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_errors.py" + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_input_output.py" + }, + { + "key": "QiXbjeV_M2ms3-TIm5dp1G5f9_u0u-A73w6IIKAFBu3I", + "type": 81, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_input_output.py" + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_mark.py" + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_multi_constructor.py" + }, + { + "key": "QiXbjeV_M2ms3-TIm5dp1G5f9_u0u-A73w6IIKAFBu3I", + "type": 81, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_multi_constructor.py" + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_reader.py" + }, + { + "key": "QiXbjeV_M2ms3-TIm5dp1G5f9_u0u-A73w6IIKAFBu3I", + "type": 81, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_recursive.py" + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_representer.py" + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_resolver.py" + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_schema.py" + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_structure.py" + }, + { + "key": "QiXbjeV_M2ms3-TIm5dp1G5f9_u0u-A73w6IIKAFBu3I", + "type": 81, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_structure.py" + }, + { + "key": "QZg8k44B-9zmm3X2Jn93gsybnE9EamgyrAOQABCheflE", + "type": 19, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_yaml_ext.py" + }, + { + "key": "Q56ZAE6UfOO8t4LfTJKv8_dPLNyv46-qqcAdNo3QUIdo", + "type": 16, + "file": "pyyaml-6.0.2/tests/legacy_tests/test_yaml_ext.py", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590918", + "type": "pypi", + "name": "pyyaml", + "files": "QD-D6gQMMb7YDMipk3T2y8yRMaf5xe7GPyx5BvwN9ASc", + "version": "6.0.2", + "artifact_id": "cp310-cp310-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 620954, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QDS4S99eNAGQ1gApkSckambkjhItp8ozbvgHCitKf8fg", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-310-darwin.so" + } + }, + { + "key": "QQe0Lrrb0UcNiuINZwaQyvYLyjKonn6DMWvjAefDQOmQ", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QYr_PvVLmDQErT2o8DfAAl9X2_JpDeqEClbN49weXPIA", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590919", + "type": "pypi", + "name": "pyyaml", + "files": "Q9BVu_SMFV4sMoqQwTnOp4mUREOiTvy1OPBAPNDRYJy4", + "version": "6.0.2", + "artifact_id": "cp310-cp310-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 583105, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QDS4S99eNAGQ1gApkSckambkjhItp8ozbvgHCitKf8fg", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-310-darwin.so" + } + }, + { + "key": "QwOC6yTIAuCKzw19jvi4C3jdQpu67g5H-2FqWU3R18S8", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QI7GwVV7-7qGGVWr-eVa-REk_fLAaLlw1EWKJ4Yv5QZ8", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590920", + "type": "pypi", + "name": "pyyaml", + "files": "QJyYgas1g4_7Diu8FgnGO_TLah75PbSIXdcQmzGVGrIw", + "version": "6.0.2", + "artifact_id": "cp310-cp310-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2608441, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QlYCTyWwJAKur2-qUEsyp1QrM0NGA-OztU6035VRTnC4", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "Q6Wn-AKWDqiAZzQP96yPBKMQxv5lajHxi8pSxw_Uy5Bw", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QA1L4UQV3KBLnp6eu9QCrhZ-ofZTTeFF2oxLdHwQOQzY", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590921", + "type": "pypi", + "name": "pyyaml", + "files": "Qxg6meOG0UkPeG3klfG5JcnmmfKFO5Rdfezp0LFLGMN4", + "version": "6.0.2", + "artifact_id": "cp310-cp310-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2488283, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QpxLO_ammTMGr17E95tVe3XlgyxqxRNHlVe_nlVhqq8Q", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QVBh6AH1zchW7zcOBHu_cuA0S16PhZJhZrqRU4qDqY54", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q2CCByU4B9dGRsNuGbq0JPsjS7vTYRNBkItsiZa_djHE", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590922", + "type": "pypi", + "name": "pyyaml", + "files": "QEQ6XlPPRumsDOshZ7FGtk45xMVZ5ryQ8bna7QB2qXwU", + "version": "6.0.2", + "artifact_id": "cp310-cp310-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2607710, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Qr4rOVcMp49OGxIx8RNbTDJfntqpuQzhG0mivNQLbEoI", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0lXXLH5nA6FsuZa1uUvWQOyoQG-3T69W7GuHfAdoumI", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QfBfeGj_KX6IS8w85Oy8xxRLnxTNBFyt1fWHOB2wbVNQ", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590923", + "type": "pypi", + "name": "pyyaml", + "files": "QTueHTgGitXFXWEzbdnkD-KclQo9Qqgrxk9kiZS4E1kM", + "version": "6.0.2", + "artifact_id": "cp310-cp310-musllinux-1-1-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2486761, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QlYCTyWwJAKur2-qUEsyp1QrM0NGA-OztU6035VRTnC4", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QoL_MiDVHNER0bmySYKweIAA_4bS_ua-wqL6ZqjEkiMk", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QYO_NHc-wMSDUkCk-JH4VMmik_k8rUkNrW07eybVuI-M", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590924", + "type": "pypi", + "name": "pyyaml", + "files": "Qf3ESzdXVR2JlVuIt54NaHDv9i-dBmy6hDv4JPGMQXVk", + "version": "6.0.2", + "artifact_id": "cp310-cp310-musllinux-1-1-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2520375, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Qr4rOVcMp49OGxIx8RNbTDJfntqpuQzhG0mivNQLbEoI", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_RbDW4TLdL2uWpFD_2fGQXOObP_xE1fizgduq5lWOzk", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QvsokBIVkXn-w0rxlhKsHHL4DV4vQDoGe8sGikYmRpgo", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590925", + "type": "pypi", + "name": "pyyaml", + "files": "QrmFfZqja7FDnP6DkBl7BTnBDfroLllDRFiBz8PHq58A", + "version": "6.0.2", + "artifact_id": "cp310-cp310-win-amd64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 495877, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QDd58VZj3VZmIDbtyRCkc9eAL9Oy0xI-rqaGJNnOzWVw", + "type": 25, + "props": { + "source": "yaml/_yaml.cp310-win_amd64.pyd" + } + }, + { + "key": "QC34rAA_pNb9r-iPGulXSQ5urQtf0L2KIF3aWvgX-HtI", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Qgtjk6D-R2axUUyeedhHo5eh2xNpy1QogYUBj3VlGNCo", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590926", + "type": "pypi", + "name": "pyyaml", + "files": "QMADK2XZWaPs5G3dSpvFaRgqePuR9rpk2UczPOup84fY", + "version": "6.0.2", + "artifact_id": "cp310-cp310-win32-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 454908, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Qw7C-oz5rQ02tk8xrBwooI3EQkJqUol6u4zZ4Hwpag1A", + "type": 25, + "props": { + "source": "yaml/_yaml.cp310-win32.pyd" + } + }, + { + "key": "QYQ8CEMUdWcYC9Ha_1zQjBqXhGFVbsbzfTpOCegdqe1g", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q7soBBGrNVPoRVO5iFLr7bc1RaNz9u8iYsb1Q6F7Nikw", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590927", + "type": "pypi", + "name": "pyyaml", + "files": "QtdpQROwhZSN_75C6fpj1UeUO1kiq351iel5iWCPoWcE", + "version": "6.0.2", + "artifact_id": "cp311-cp311-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 621098, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q6QvHQWYiZC2JKDigAFumy5R66KOJLdGrqgZm7JFhI4c", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-311-darwin.so" + } + }, + { + "key": "QhbWtWJr5pI7yyufNJW-6-ROm96qLGRY6grU0FiWjxq4", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q2iqCfCmEIObERWkGkNgq3i3iqGLvNaFdh0Q46Jc_8PY", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590928", + "type": "pypi", + "name": "pyyaml", + "files": "QCZLnaJ0N_9_tDzi8AFg1eOZ6oDOU5cgnZn0DPP2KAu4", + "version": "6.0.2", + "artifact_id": "cp311-cp311-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 583265, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q6QvHQWYiZC2JKDigAFumy5R66KOJLdGrqgZm7JFhI4c", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-311-darwin.so" + } + }, + { + "key": "Q1L7Ns-znb7OuYgDA-00SCd_zRlTFkbuc9WVkCcfkfN0", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QDMoWMD56si_OsLQhGn8SABzmZoU6dSWidClmLLbJ1SQ", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590929", + "type": "pypi", + "name": "pyyaml", + "files": "Qdb3owU8EsKmCwj2VJZBinopx9_29e1IZConcuC2NiiM", + "version": "6.0.2", + "artifact_id": "cp311-cp311-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2666689, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QEGPIancHo6YTOeLKQIBGUJuI33965LTjk5q7nXfPQUA", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QSg1NAFe37qIrDwH4fevYQOcn2HYFPr-oaBDLAbJHtig", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QM1gEc4EEw0w_DTyjhJ56Cfc7bm7Bg_lN9Apwmeem4Iw", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590930", + "type": "pypi", + "name": "pyyaml", + "files": "QKz3U1f57Zy58V_IMPgiUbAId3Cacn3h1FprN-_RrS8I", + "version": "6.0.2", + "artifact_id": "cp311-cp311-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2714883, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q_8DfotRO1Yd_dmm9x1bbEun8GaMbiNndIYpqgzzJpN0", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QzbYpNII9wjl_wIbXN6thRTj9fAOdlInaEqYK-hnMWrs", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Qc7eoInqEkNQF2eW8otUGi7Uki7ws197GEpuaTkQMe4k", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590931", + "type": "pypi", + "name": "pyyaml", + "files": "QPwq9tqvwUqzeI7brKS-Hos4k1zC0LGCXdcXHvUn5oEI", + "version": "6.0.2", + "artifact_id": "cp311-cp311-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2690166, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QmC8PqcqeYnZE1uu0sIOMicOxM8PlYkySUKH2R2lWkeQ", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Ql7lLF7hhBGArzMr8Cxspf6e3lGU2QgrmOW_ZUWEwSxQ", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QFvLoSbigyNC_erjXrp_djMTwkcEsNoFgK0D8auo0KnA", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590932", + "type": "pypi", + "name": "pyyaml", + "files": "QCnufPD1uh0gPAf5HCXCg7PqSrc5Y5VU-4dvMdJd7uDk", + "version": "6.0.2", + "artifact_id": "cp311-cp311-musllinux-1-1-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2685450, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QPDESETooSq9o1FW0K2nCNDqNQk2DL74UwVKFUjdvaq4", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "QmUTvAsT0z0PiNZdMZAxhRpQJW-PC8uIhVER7NnbEeBo", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q-EEno1UA2xYyvpJu37cMx3luFwce0e9wErqkMTM1Zj8", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590933", + "type": "pypi", + "name": "pyyaml", + "files": "QepPFGc7ZyrEe6XRhN259-3R1kOdZ1kt8vM06xQV0t6E", + "version": "6.0.2", + "artifact_id": "cp311-cp311-musllinux-1-1-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2695000, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QONqRskzn1vJMMYsbyLvL98FpLOMiEldrS2mJQMDAajI", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qmycf2ItKuLVh76Ns6BrlW14CctgAfG6srwoL9KaGl_Q", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QtQ_8ggtBVNrqd7CcENgWMgExzlFe2fwd7-4PtBHf2V8", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590934", + "type": "pypi", + "name": "pyyaml", + "files": "Q5-MoDaz4bwWDuOmrhNr12KWkxOT4A65BjcrRfra-6UM", + "version": "6.0.2", + "artifact_id": "cp311-cp311-win-amd64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 496389, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q3dgXO-TUWsJV7zV4Nqk4wQDJtYdRVMhisiNq1EIsOfE", + "type": 25, + "props": { + "source": "yaml/_yaml.cp311-win_amd64.pyd" + } + }, + { + "key": "Q5HUvY-Wdos5AZ78ZuvobzDPDROWo-srIqcwncobg8Mc", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QaZjV32DfVBRbz9SOqrCr2KdGL3qdC0kpEPWZVV8-wfk", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590935", + "type": "pypi", + "name": "pyyaml", + "files": "Q3ZoD8Ty_ppvBKW-nSu7ir_6KWDCDhtJqtyLL_kqRwsI", + "version": "6.0.2", + "artifact_id": "cp311-cp311-win32-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 454396, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QFtRVw154w6A3xrYwfkGqkv6R8-F8oi-21pDS36WdTpU", + "type": 25, + "props": { + "source": "yaml/_yaml.cp311-win32.pyd" + } + }, + { + "key": "QXXkAJKRjnplZOmx7OUcKCQOhKS5Jx9Q43KNXzSP9TG0", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QAkGc1IoeS8oGvnk0JwePMz3jXY8ON3osuSgoMM89NPA", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590936", + "type": "pypi", + "name": "pyyaml", + "files": "Q5a8FJzS13yXq5ITUuNvsgEnycPwT8mlv5Szkfrn0bXY", + "version": "6.0.2", + "artifact_id": "cp312-cp312-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 615898, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Qarvron1Ilvv3tPX1k0ZM3-79P9y99JkOSr8rPiv1hEM", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-312-darwin.so" + } + }, + { + "key": "QiA86X0SjIO-QRmgOw-1mt1wW7Wvi0A9ZC1flQt_m7-w", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QS42TSUWQFQqLZfS0DiDRKaekSClzd0xoTzvBU8g5734", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590937", + "type": "pypi", + "name": "pyyaml", + "files": "QzZvmGBSGdBSbPHqmzZ6tB5RahkdmDNTW8uBa-jcguHM", + "version": "6.0.2", + "artifact_id": "cp312-cp312-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 599649, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Qarvron1Ilvv3tPX1k0ZM3-79P9y99JkOSr8rPiv1hEM", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-312-darwin.so" + } + }, + { + "key": "QEvKoW_eeRcDCbAnsybpvcmvFrcMzAC40SKHtOu3pPzk", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QcAGJLcXarR_MyavY8trMJLByPnbmQjAYdI02aD0VoyA", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590938", + "type": "pypi", + "name": "pyyaml", + "files": "QuZdY4WzKqykZznn3Ed_Itq-Ob_YOOQcwrE9i9NYahe8", + "version": "6.0.2", + "artifact_id": "cp312-cp312-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2681017, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q2Yn-GhR51srj3A_UHahZOTCwc5Jm4riyudJQPUUb3UA", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "Q4wwGci0WLQrw5i3bpVHfHVBKrws_oYMJJ874oxyBhnk", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QysLTa71kQxgBP4iIsZiNsT1hfr3KB2neGvBHps0aLKE", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590939", + "type": "pypi", + "name": "pyyaml", + "files": "QmsJ-B4tI-oW4939su0CCdCY-h5VZUa5kbjOOZO8xV6k", + "version": "6.0.2", + "artifact_id": "cp312-cp312-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2714691, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QHYwTxy8SM8hfwC9WVfyL3V0t_NiahUSkRu5M-EztE7M", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QoeCcu_YfXy0N8mj9h-m16e97-934fm-iQrRTXXXkKug", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QRjyUns6Hb6U_DkTR0Ws4lHkIXNvjGMdYPVMUU75WuD4", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590940", + "type": "pypi", + "name": "pyyaml", + "files": "QUTW_A44ghF1Sbmyln1skbw-1NTv9X_7auwrUi8l7jSI", + "version": "6.0.2", + "artifact_id": "cp312-cp312-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2705830, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QYUgKTaqnZrupAgvv-ayUWrZ4D7wuuxfmQde8JzxVHac", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QSWYW7IRruGkLcchYWG_VLnkqRZywQCnM3L7A3e8Fi8E", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q4aajiBfVDyD8WWT9HRtFVEMH0TWTUpep72CSFlWDswY", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590941", + "type": "pypi", + "name": "pyyaml", + "files": "QEGGf2i0LfaRPbtaQ8Vb9MGVcHmzPpBKNzsopiuov3xE", + "version": "6.0.2", + "artifact_id": "cp312-cp312-musllinux-1-1-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2640258, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QASWhUu6-zwC66vlfTGZ13dbDqakZNN0czb9nB0AXm7Y", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "Qj402lIABg9RZiNuMbXeKOoeXmhJ12BYxEep4Fhp_wrE", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QJXNiV7qvg43skB7eFgyVmDf9Zv1sRUT7J8bVUfD6Hek", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590942", + "type": "pypi", + "name": "pyyaml", + "files": "QM-rz9jMxM4JBC06gaIjDrIFAtvSe6XzoiPWK0ftuaoE", + "version": "6.0.2", + "artifact_id": "cp312-cp312-musllinux-1-1-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2678760, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q4H8eQ0jzasAoUBrPOl0_LtUP9pcFgRsz6G1yInrWRws", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qdo5nnLZzXv_RBPsVHoZP08F3qq3SmigHYj8ZDEXRbDU", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QpEMxEHL7XZWH2fCq4f4p5v_ToXob-w8oCUudpJXX66o", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590943", + "type": "pypi", + "name": "pyyaml", + "files": "QHit747266mijytDb2gHFdIHhhIZMtSVErLlohl5pf04", + "version": "6.0.2", + "artifact_id": "cp312-cp312-win-amd64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 487685, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QyCbnT3dUp2L2N-aJb5C-nB6fn4xmX1DGz2MccEpkIX4", + "type": 25, + "props": { + "source": "yaml/_yaml.cp312-win_amd64.pyd" + } + }, + { + "key": "QQo_v-yr7nODLU9lkHN_L1jctWPjyeRoZZGH0uwb6uRw", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QVFNNS6QieQ8QqwP_kvj614rLSyy9owGYXga1KZyJVt0", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590944", + "type": "pypi", + "name": "pyyaml", + "files": "Qh6L9jw8-Znj-kkftV_RLEndZrZCewtv6jyXrRjNydi0", + "version": "6.0.2", + "artifact_id": "cp312-cp312-win32-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 461052, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q-ZFpaqCc1i2a4WDWBenaNgCAO-92xDBOPPzJzheimh4", + "type": 25, + "props": { + "source": "yaml/_yaml.cp312-win32.pyd" + } + }, + { + "key": "QoRRkftXvvb4rTi30QEuSUC83Lpye5tCXKkBVxY9vC3E", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Qhlgn3MCsYpPAX7JHVAZSmfLs3D_iHK_-2Xw_qRLprZw", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590945", + "type": "pypi", + "name": "pyyaml", + "files": "Q7jfcjHWJnmpTc8HvK5PoU2jxDPkJSNCKO0mGKT2EYbg", + "version": "6.0.2", + "artifact_id": "cp313-cp313-macosx-10-13-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 599091, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q9KP_1pY0B34ohMP-lKNDu5LcKM8rNXj9XTA576TC7lE", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-313-darwin.so" + } + }, + { + "key": "Qu-xnDG_7pRRkVRNtgAV51coYX4maIWJmCQjm9J5uzk4", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QzPXAc6QBmVISrSHZL1v6q1Ggwb81i-Wvyb06ZPEH5ZI", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590946", + "type": "pypi", + "name": "pyyaml", + "files": "Q-qnJWoizfJOPYsCOImrdcMTco0Cgb-_lwreGf5LD0eQ", + "version": "6.0.2", + "artifact_id": "cp313-cp313-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 582721, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q9KP_1pY0B34ohMP-lKNDu5LcKM8rNXj9XTA576TC7lE", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-313-darwin.so" + } + }, + { + "key": "Q7VHtTr8B4il97Dx2NC3-s8MxpoJiYfsVuZiowu-mExo", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QdFJykH8g9pV5tzGfnjM_bHEZIYSFGfNnxi5TF8HP3y8", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590947", + "type": "pypi", + "name": "pyyaml", + "files": "QR-knZUnJtJboTthbHvzpPS0k4X4hSReYXIz0s5MEaOE", + "version": "6.0.2", + "artifact_id": "cp313-cp313-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2656769, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QLXnQ2MObNmDfbGhSmSvyKe6A3fR7NelgHbnNjygn0A8", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qg32ohHR3DWBiyVqE2NTWnvpGTW72h2XtJpIQMSdynqw", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QUyprmMUa8ISxFG6erUKaWf1aHo_O49sHTEU9sp2kbgI", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590948", + "type": "pypi", + "name": "pyyaml", + "files": "QGoVjKw8jvST7bBKCkF-w57rPo4sZtfHwTDtT01ND0E0", + "version": "6.0.2", + "artifact_id": "cp313-cp313-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2705211, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q3tdoB5q4PBmUbtFYRVledWDleP4Y65jsJHUI4-ZqaZo", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QID3dncZGnsHRYwVmzVuXPEzYYL26uJPMr3hAY7NsuRs", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QWwix-8mDkqjC1MnaSGk1IkyfgQPFJtHlFM0hKHBGzh4", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590949", + "type": "pypi", + "name": "pyyaml", + "files": "QghQy1QS0CsB753smfhWg_lbydqFAwYbbUftE5838Zw8", + "version": "6.0.2", + "artifact_id": "cp313-cp313-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2672518, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q1GsMdZQpn9800pb-tyrWM5ypj7QjspTfcMssS90m_JY", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QpIzVi8R0gHBONBr_m31adSDOJyoLG1a83_QXUV2o8i8", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QFGPW1afVIa7f9BEC7xb4OEiYSzRHl2IQMZSomVspS_w", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590950", + "type": "pypi", + "name": "pyyaml", + "files": "Qri2prT7AxYvp3QqL7FHE3qZyg-amP8LbaVHy7kzowdo", + "version": "6.0.2", + "artifact_id": "cp313-cp313-musllinux-1-1-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2623178, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QfUFYkG7j-m7DYSaEefVqexcC2nDu3_wFB7EqiHkk9eA", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "QiRa6DHsMe3xRZE7PVEbM8i8ADkInretg019PFteAo3M", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QQZmNJuBZ82y1CVbsOuhm59DyjK2vrg2yW7nWj7Ee64Y", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590951", + "type": "pypi", + "name": "pyyaml", + "files": "QRfAydSPcSgU1zimCaoKABegvoV66KfVfAUhNOxVAQW0", + "version": "6.0.2", + "artifact_id": "cp313-cp313-musllinux-1-1-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2660144, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QJQsmWpLtEPMARYROatBWWhxSoscLhSwcGA5rDpYmkjI", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q9U88LJvigL1fcjZBlUIt8Ylukjsqcnnk24QArPfIJMQ", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QAS1Ke5ovOn-gC3gyL668FB7PL60Uc86RRuFM4pvhmbI", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590952", + "type": "pypi", + "name": "pyyaml", + "files": "Q41yqruEJBTNTWA4d3DaFEkQHnkXnYq3UdF_GmbeAhSc", + "version": "6.0.2", + "artifact_id": "cp313-cp313-win-amd64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 487685, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QOE7LKct9ZYh0iwQ3Cnx9q1ZRAZOmxtiyIGqOd_u8yUA", + "type": 25, + "props": { + "source": "yaml/_yaml.cp313-win_amd64.pyd" + } + }, + { + "key": "QqIIfMdTKgIz31rqgLf-tYsTkV7ZjBfKCTbtyMBgW01Y", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QoFq0PEzgKt_hSHIKCjlx10bM-q0GH28S2F-E2qaxV7g", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590953", + "type": "pypi", + "name": "pyyaml", + "files": "QJfGkDcOrjTT-3iuPd0Cx5BUtmnObwrEMqrCyKzPKiZA", + "version": "6.0.2", + "artifact_id": "cp313-cp313-win32-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 461052, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q_XUshf1v2EYETcN2Tl-FMYkXZGBSvO7Yri-M7dA5YbA", + "type": 25, + "props": { + "source": "yaml/_yaml.cp313-win32.pyd" + } + }, + { + "key": "Q44MlXBwnOz8_e8o5DWWyae-7mDLMfZh3dmidOWU2UVs", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QZ8Bu6QPttXogRIiwdl3uvoeMz7JP4uLvuvlvH2Kd__0", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590954", + "type": "pypi", + "name": "pyyaml", + "files": "QljC-Bu10Bv2T6ZbGEr34uKFabHYQhM8VFSL7Bz1IZbI", + "version": "6.0.2", + "artifact_id": "cp38-cp38-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 604647, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QBZx98GrjNUj87g_CIr_CW_IUSFmhkR9NrxRHu-OciVk", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-38-darwin.so" + } + }, + { + "key": "QbswxZpOBk0OFl1CPh2t0kT9rjxqyrtsgvOgjdqA89YA", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QmB7RBGF2yhsM9RmGquw-3RpCqu_H5osLSN3hdKKC6jg", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590955", + "type": "pypi", + "name": "pyyaml", + "files": "Q75LDhIKOVFNACMW0gxQLhxYx6WrBYk1R6Gp79jWoubE", + "version": "6.0.2", + "artifact_id": "cp38-cp38-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2622740, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QnOMnyUdA4lp3wy__22o_tncKFJP1D5BKpaT5uRNKvYI", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Q9RlrLuoDAaJS4IiH8sMOaI9CI7pzOEc9_4K9Nc8lOkw", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q5Hcr290qHUcdjdy2llD_-Q5f65_MDh_7n5MdKKWxtLM", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590956", + "type": "pypi", + "name": "pyyaml", + "files": "QnNM9wAqtCxE2jJ9KNQ2-JvZxDfwmC8hme3eqDBok5d8", + "version": "6.0.2", + "artifact_id": "cp38-cp38-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2680670, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QObUhJUB6U1qVvLey4aqEPGSo0jCO3YfHlJBZzToCHXE", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-38-s390x-linux-gnu.so" + } + }, + { + "key": "QtpO3wIge5elDVNAjo_i9-6j7Q-UtTwPv3SWHQOyaJbs", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QQH15AYmNmCgErs4aGOV4GDJzQMPZCKdMsBnR2e90Z3M", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590957", + "type": "pypi", + "name": "pyyaml", + "files": "QBtWbq-LwlIV47oaUMpFs9QBhVtL5tULshVIPXqPHr2g", + "version": "6.0.2", + "artifact_id": "cp38-cp38-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2649977, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QqYWrs5XAjfKTI3OHJLL1TVF3m4f-v0MlS3a6uqTq8J8", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_qCnhFcJD7qdomNTQhbQQC7_5QyaYrpX9LfW_BNIe1Y", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q47p8hs3Qq26jb1_YZnQAf4yk0_p8otBt35LiEYtxmLU", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590958", + "type": "pypi", + "name": "pyyaml", + "files": "QiQBVtEzB7pFJ8VNWuBKg3R_NvpTVGJSPfcP-qrLwZGE", + "version": "6.0.2", + "artifact_id": "cp38-cp38-musllinux-1-1-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 3674796, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QqYWrs5XAjfKTI3OHJLL1TVF3m4f-v0MlS3a6uqTq8J8", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q59w9myqaE6N1Os0cNCD3_K8d77idHgpAptfBYG6Wdm4", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QCos6Wud-V71SDkMyKSeBOE2oMEgahaXeyuD-hiIWYss", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590959", + "type": "pypi", + "name": "pyyaml", + "files": "QgNb2PzTmv7trh8-U2FRPWjfmuFDdyz1ZG8aiqtVct8U", + "version": "6.0.2", + "artifact_id": "cp38-cp38-win-amd64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 495362, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QtfuB7EUlW_dTFCPqDEzx2EkIs73gia9z4ftyOIsRXhQ", + "type": 25, + "props": { + "source": "yaml/_yaml.cp38-win_amd64.pyd" + } + }, + { + "key": "QCDZzQLPhkjubKr3DZ_S2q9DVv6htyMBskj-fDxY5c74", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QTPwMzmCLcKLl_bSRvnThFVJ4E1Oh8sZDDWmvd4766XA", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590960", + "type": "pypi", + "name": "pyyaml", + "files": "Qv-P6C1x-qyVt1fIa7N31cIp6xpImtROObbJKeXhcXpE", + "version": "6.0.2", + "artifact_id": "cp38-cp38-win32-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 458489, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QOWAUxMn4LKpK0KCKqWFLa_FMO8ZuzBNLl2GV8UMgzyw", + "type": 25, + "props": { + "source": "yaml/_yaml.cp38-win32.pyd" + } + }, + { + "key": "QhPejTQX-e0Vjl7i7h83qjno6CmpUpKlgoVwJAKRqkgw", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QrXuHFJgBMTIS4-7r6H8r-ztmUzesBufSG27KhRZccgo", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590961", + "type": "pypi", + "name": "pyyaml", + "files": "QP9mfjH2nCb-eirvBIXb96LRC6uiwGhI-r5Upl_zqkt4", + "version": "6.0.2", + "artifact_id": "cp39-cp39-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 621007, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q31L4S0TMRpKd-Bif7qpZe7pcQ4cO-bfI_NRdKxD736E", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-39-darwin.so" + } + }, + { + "key": "QOxtAVuZZlET_FVlru11mg8Jw9CE_Hy11nMaupTxulfg", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QjYj2lHzS-DlMwD2fjz8guEOWlU4yKvvldxAKI_DR-lQ", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590962", + "type": "pypi", + "name": "pyyaml", + "files": "QqiWvwSwUmOzkkX7l1jCC1aMPWCjxzOeypdLLZTedy4o", + "version": "6.0.2", + "artifact_id": "cp39-cp39-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 583166, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q31L4S0TMRpKd-Bif7qpZe7pcQ4cO-bfI_NRdKxD736E", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-39-darwin.so" + } + }, + { + "key": "QXXLmBhotpgx3f93CtBcV0KaVzBMr44stsjfzzZnDuOY", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q3oeuK_tDvdt_Y7b8eLtoela56twIrH-94YH3raqaMD4", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590963", + "type": "pypi", + "name": "pyyaml", + "files": "QhUNgu6-PkZlSCiDktwnnQwZNGxeTmxJ-RLVqw6XfV2k", + "version": "6.0.2", + "artifact_id": "cp39-cp39-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2615388, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QB7uo-P6vgWiYCGp6zwRniVH9_wI7e-C9fE49OpBlMro", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QIm-cAQ409IMBnmqKECxlsMDqGa3X3sK8w_T7OfMu_jQ", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QT5ggxIb6bjF_gFh5WC7JE_bRT5fAQODTo_IEgFEaEf0", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590964", + "type": "pypi", + "name": "pyyaml", + "files": "QVWKaqzQIJ1oc-SO7GsNU_0KsGnFiyf4EqmNhXxJzE_c", + "version": "6.0.2", + "artifact_id": "cp39-cp39-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2495574, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QdIApTkmhRW1I5VqTsQ-76RofYj29tfOrDBCoqCk2qxM", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Qj6MLGIqo0MnhwrowUZ-kFJtlT3xbEF_jblyzAEuhAjY", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QZ4maIInM1_icE3SlhGDp_EGKAcrzLLnOgWQNU-5kxCk", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590965", + "type": "pypi", + "name": "pyyaml", + "files": "QMqsiEYzJbJv0URHawF6X6EfSUzPyvnBqWxbflNHKI_c", + "version": "6.0.2", + "artifact_id": "cp39-cp39-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2571817, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QSzZubtcORtOCb-rIugOEv0Wvg2W1wOLOCLfU3MI-Qtg", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qnj26cKxv1O5hXZKmAW26Mo3y0Jfo94SKxoZnFVndfQI", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QOLwM5PSPwLD6zAu6HzWmg8tvR4xpoV5uYImAIN32vEE", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590966", + "type": "pypi", + "name": "pyyaml", + "files": "QAnkGlY0sDN7uEn11Psq1CLhZD-36ARoa99GZKxm4z1s", + "version": "6.0.2", + "artifact_id": "cp39-cp39-musllinux-1-1-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2494238, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QB7uo-P6vgWiYCGp6zwRniVH9_wI7e-C9fE49OpBlMro", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QBX_oEMIn_MXWKIl62BuVU2eANBlKh6wAB2eoNgz6xJg", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q01KSq6bJsUr-gmezaqvgBni9QDzyi_nGdSUN2aOGUGk", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590967", + "type": "pypi", + "name": "pyyaml", + "files": "Qc2PmPk5GG86rye2K7PP8Ll1ovRzK-r5eLkuqe9JQr0c", + "version": "6.0.2", + "artifact_id": "cp39-cp39-musllinux-1-1-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2527172, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QSzZubtcORtOCb-rIugOEv0Wvg2W1wOLOCLfU3MI-Qtg", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QCLvZmlkS7TdUFnnt3PNZdrcXoQBjKp7F9PmlAJReMg0", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QqTp6YvvC1nLW6_0Llo69x3LUf-O3vdCF8g7WsG4TlFc", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590968", + "type": "pypi", + "name": "pyyaml", + "files": "QO-WCDdMlP2Phq-alUsU3nF9pKspERbeAqwxfIAwv794", + "version": "6.0.2", + "artifact_id": "cp39-cp39-win-amd64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 496898, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QlLyPbJLTHUcRpvwGgbKl0XxEqcNW_DWd8_3bcoJOUaI", + "type": 25, + "props": { + "source": "yaml/_yaml.cp39-win_amd64.pyd" + } + }, + { + "key": "Q1EwEc5jhf8fuyTYg6PCFku4bPaKcd7-d984FqJ2AGp4", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QALgwgXDasR37nAGnDYCbOoZOijLIhIGzlORxon936Y8", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "added", + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15847590969", + "type": "pypi", + "name": "pyyaml", + "files": "QnsJWri-ysoCbiI8SgLK4UWwb67WRz7mzUM7P8Jc87JI", + "version": "6.0.2", + "artifact_id": "cp39-cp39-win32-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 455929, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QoFmATbSxRToQiXZIUDlXF9wj2lBLby6NfK75Sbgkokc", + "type": 25, + "props": { + "source": "yaml/_yaml.cp39-win32.pyd" + } + }, + { + "key": "QhyM8GcY-oGV-0OmaOKnFXEU0OjdgoXPNDCQjY7tIuwE", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QZu26xU93g7aJV1eMArJY7mdPcDOiNy4xXBKTblgk-Q4", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + } + ], + "removed": [ + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26356", + "type": "pypi", + "name": "pyyaml", + "files": "QjR-joFBiYKxD2f3JeDMra-15ITwi7yP705DdRatvSVs", + "version": "6.0.1", + "artifact_id": "cp310-cp310-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 652736, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QDS4S99eNAGQ1gApkSckambkjhItp8ozbvgHCitKf8fg", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-310-darwin.so" + } + }, + { + "key": "QJd-qUquaZxlEzl_oTHCCxdwA2GFZiwLZ-XESP9kYegE", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QHzuPXtQt6EtGaQqxrkiXEVgWdWFCwFDOvlm4trRcj-M", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26357", + "type": "pypi", + "name": "pyyaml", + "files": "Q_rs_MpuVaAC3jW1gbr678fEHO2Un6_CxlY8AVVymG18", + "version": "6.0.1", + "artifact_id": "cp310-cp310-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 585823, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QDS4S99eNAGQ1gApkSckambkjhItp8ozbvgHCitKf8fg", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-310-darwin.so" + } + }, + { + "key": "QpJGj6OSrQtaGWed7HQSgJJBrPBT0ICbYsN_fV-9GsVQ", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QidZYIVZDZoEwPQY0JyhSx7KSu6Dzq-mEtGshHoCPRHs", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26358", + "type": "pypi", + "name": "pyyaml", + "files": "QsquC0LDPl2KI5ZS0ul7Q1zL0MIC0OWn2NgK534l1vYo", + "version": "6.0.1", + "artifact_id": "cp310-cp310-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2454839, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QlYCTyWwJAKur2-qUEsyp1QrM0NGA-OztU6035VRTnC4", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "Q0bsId-6DebFl3zljRMUQ4EyPyR3ceuw16_Djqr90a8g", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QPCoRciwZLyfdd93yVB_1HvWAZpSsYYvuH0ELqrZWaSQ", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26359", + "type": "pypi", + "name": "pyyaml", + "files": "QPudKu65G4sSmLXmTjmbJL3Nvpap4Qv8vYoksfuMRcPo", + "version": "6.0.1", + "artifact_id": "cp310-cp310-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2425153, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QpxLO_ammTMGr17E95tVe3XlgyxqxRNHlVe_nlVhqq8Q", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QsrpVbwpUfpJ_hstfuO2YThQySvB0YVP_BpknI6wsYAQ", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q01ii5ggMX8QALQnG0rpqWuR0pl3_0Ql8lj7JWKSz8vk", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26360", + "type": "pypi", + "name": "pyyaml", + "files": "QGluIQteOFNWiUd9U8iBbo7fDONeGd3TYjBeU9VuSitI", + "version": "6.0.1", + "artifact_id": "cp310-cp310-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2450044, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Qr4rOVcMp49OGxIx8RNbTDJfntqpuQzhG0mivNQLbEoI", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QDbb213lFKb7Zt27R2Ysx46Y1E_VEJhGz2virEcL4Seg", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QYzzn3C9Gd78wmTqKUqw21HJsLbgtSLt5wWZIDOdxXqE", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26361", + "type": "pypi", + "name": "pyyaml", + "files": "Q5Aq-p5PHsy2aDkMgk5ba4nnuGrgc_Ch6RwLcTkQAB1c", + "version": "6.0.1", + "artifact_id": "cp310-cp310-musllinux-1-1-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2526973, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Qr4rOVcMp49OGxIx8RNbTDJfntqpuQzhG0mivNQLbEoI", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7BVGVHd7j0GLwFdJJNsI9k1Dw2cMocJP5I8s-nVeyDM", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Qyvmj4IdeFQ8H0WeuLTmfvd_98JsticdiQswOD0gJDJw", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26362", + "type": "pypi", + "name": "pyyaml", + "files": "Qycbzindt2nBynwGc41zkd6mpCOaxT5B92phCffuxg9A", + "version": "6.0.1", + "artifact_id": "cp310-cp310-win-amd64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 459011, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QDd58VZj3VZmIDbtyRCkc9eAL9Oy0xI-rqaGJNnOzWVw", + "type": 25, + "props": { + "source": "yaml/_yaml.cp310-win_amd64.pyd" + } + }, + { + "key": "QfA7DE1XNej7wwy8a4BSY3_N8kVOwfkmlqiwpAi5u0_A", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QIQzHRj4sYq8vHaQGov7-S9BpGulWTl4WW3ckV542czA", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26363", + "type": "pypi", + "name": "pyyaml", + "files": "QDkme4gjnuEKdKFalcTE1zIvtfzDFmzM5X58TuSXBlqs", + "version": "6.0.1", + "artifact_id": "cp310-cp310-win32-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 421626, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Qw7C-oz5rQ02tk8xrBwooI3EQkJqUol6u4zZ4Hwpag1A", + "type": 25, + "props": { + "source": "yaml/_yaml.cp310-win32.pyd" + } + }, + { + "key": "Q9NRSmVdBpAl6gHdpBcCIKYMhr4XVIUn4IG5twX_kLk4", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QqG8CjQ6cb117GpWFhFO3Eool7t8MMmwb-jjan7NeOR8", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26364", + "type": "pypi", + "name": "pyyaml", + "files": "Q0XUmA3SPCx-bNU3MInUKTNkIqSjwiLN6DBYw22wY8eY", + "version": "6.0.1", + "artifact_id": "cp311-cp311-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 653456, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q6QvHQWYiZC2JKDigAFumy5R66KOJLdGrqgZm7JFhI4c", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-311-darwin.so" + } + }, + { + "key": "QMvXmkl8b2_Xs1phkr0as5oxWd6VNlmhTjqknLkRI5g4", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QfwdwWug5OzOIBwN4G_l2hYwvEcKWxAWxuN_wGNCqQhE", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26365", + "type": "pypi", + "name": "pyyaml", + "files": "QCKkR-Ctl_Lk3OfaXMmS8qSS7bGQH6qwLS6MCm-zQqwI", + "version": "6.0.1", + "artifact_id": "cp311-cp311-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 585999, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q6QvHQWYiZC2JKDigAFumy5R66KOJLdGrqgZm7JFhI4c", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-311-darwin.so" + } + }, + { + "key": "QW1OuAbSJCqjcg_ic89mYy75DQ_Imt-GNE3Qz_ehk96s", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Qy1q9nPrn-gO8gq75MIb5vsJ-eLiD1hc2IN45cVnKKA8", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26366", + "type": "pypi", + "name": "pyyaml", + "files": "QjBIool3EdtJxvI9LgRfzr0K791t8yOhCIr2t9JlVXVI", + "version": "6.0.1", + "artifact_id": "cp311-cp311-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2743879, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QEGPIancHo6YTOeLKQIBGUJuI33965LTjk5q7nXfPQUA", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QoNHoScLkGNE6U5PqkvhpyLzY1-pL2lDSjTSIixaQFwM", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QrDXrwxSNPtoLzvb8DJW6CdnXYUZ-5oEJg9GZbtN3J8U", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26367", + "type": "pypi", + "name": "pyyaml", + "files": "QY6ZDmD_yzQgFNWcgZk_-5G4U5FZI2NK5SnKVRov571Q", + "version": "6.0.1", + "artifact_id": "cp311-cp311-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2712345, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q_8DfotRO1Yd_dmm9x1bbEun8GaMbiNndIYpqgzzJpN0", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "Q-5Gtz-LN5BSkPHkXotMbE3earS5dIL3tNvaWfJDecmI", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QKHNIOsOqnDDquWnRj46nGNkhhZvd1AnUO-A2ZgaSVmM", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26368", + "type": "pypi", + "name": "pyyaml", + "files": "QQvTk7m5ppcCEj9-6nVUnBQJg69-Vihdh6PhTgn_UCv0", + "version": "6.0.1", + "artifact_id": "cp311-cp311-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2728164, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QmC8PqcqeYnZE1uu0sIOMicOxM8PlYkySUKH2R2lWkeQ", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QfohRG7tLmwmaDr02-sHv0TzuQ_ptnAtMQdr4QkhAJ0E", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QbngRhttznIzshbNnoEklliJYH4YLTWwssjNf7UALjfE", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26369", + "type": "pypi", + "name": "pyyaml", + "files": "QB3Ii2_pYwO9SFZ7M2RehWY-RYisq4mVC9AwplU1pPEU", + "version": "6.0.1", + "artifact_id": "cp311-cp311-musllinux-1-1-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2747662, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QONqRskzn1vJMMYsbyLvL98FpLOMiEldrS2mJQMDAajI", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qw6fEQVE5jqzrqMtVuGEs5EOytxZUG5lFlL_1ucgWuD4", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QZ6-LXvjbsTLj3r5vwHiUxZt91JQY4qsoyiMqWF5Ufnk", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26370", + "type": "pypi", + "name": "pyyaml", + "files": "Qqh5kBpo_pqSmORcdcDES94qT0SzhaDDWurH-BS-IssU", + "version": "6.0.1", + "artifact_id": "cp311-cp311-win-amd64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 457987, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q3dgXO-TUWsJV7zV4Nqk4wQDJtYdRVMhisiNq1EIsOfE", + "type": 25, + "props": { + "source": "yaml/_yaml.cp311-win_amd64.pyd" + } + }, + { + "key": "Q74AWyhJ0aAfzAkAcaWxs58RyW-0EJJU58HRD33EstXg", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QU6G2p6sW9DGVSUjeYZ4nFl_2OZKT4DRjKSuLv7T-KWE", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26371", + "type": "pypi", + "name": "pyyaml", + "files": "QZ4duB1AjDm3ZVBCZd7HfAIphPkp_ZlK8Zj6Cyv4j7HY", + "version": "6.0.1", + "artifact_id": "cp311-cp311-win32-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 422138, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QFtRVw154w6A3xrYwfkGqkv6R8-F8oi-21pDS36WdTpU", + "type": 25, + "props": { + "source": "yaml/_yaml.cp311-win32.pyd" + } + }, + { + "key": "Q3XQ1QXUqry609SCpouomXmqlLCLo-j-cIvZF9Q1_CWE", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QbhkMQi1i4KUn9S4_VSu1HjmmIDCUTvejAaerXgHqn80", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26372", + "type": "pypi", + "name": "pyyaml", + "files": "QY5Avmkc1nfwDdipv87Itb0fqS-eoqmR2bbif7n21VeY", + "version": "6.0.1", + "artifact_id": "cp312-cp312-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 601272, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Qarvron1Ilvv3tPX1k0ZM3-79P9y99JkOSr8rPiv1hEM", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-312-darwin.so" + } + }, + { + "key": "QlPPQ7EhaX4td3DWb0CltsFcKFMz0ivfLzM4x__LSYU0", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Qiss9MUKiqM9X3efF--FdK5r0mJw44QJ6vvAuwnpdDh4", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26373", + "type": "pypi", + "name": "pyyaml", + "files": "QYg2lRUJrD0DnuIadQH-Z0TkrRGaPlQ4epAqNbaq6vu8", + "version": "6.0.1", + "artifact_id": "cp312-cp312-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 585919, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Qarvron1Ilvv3tPX1k0ZM3-79P9y99JkOSr8rPiv1hEM", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-312-darwin.so" + } + }, + { + "key": "Qf8cI8pmbaPjj2n0D5-oMN6xrZR-4XhoknK_SXhHdEXI", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QQ5gKZ9B49Y4bbJlimWStv1v5Yq5LlZc3xhVG6ddpo68", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26374", + "type": "pypi", + "name": "pyyaml", + "files": "Q9QlzPLqWeSPB1Nx5Wzthm99xngJYSW2RVLI0ABkMKdY", + "version": "6.0.1", + "artifact_id": "cp312-cp312-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2591236, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QYUgKTaqnZrupAgvv-ayUWrZ4D7wuuxfmQde8JzxVHac", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QW707RAOvW_HzAjj-bQgzPrZZnqSVKsJspBKr2hA-5NM", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Qqg_WuUeDbi0oZC_pkDzAxgj7Z_Gp3Cn0wbdBR2F7LQM", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26375", + "type": "pypi", + "name": "pyyaml", + "files": "QBC7ZstGT85E7EJ_Nxebm_7GU-83bUmMPnkbqwnp0esQ", + "version": "6.0.1", + "artifact_id": "cp312-cp312-musllinux-1-1-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2558006, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q4H8eQ0jzasAoUBrPOl0_LtUP9pcFgRsz6G1yInrWRws", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QpJPbFfesp4sm3_OgCsES8HiJnVJgBZhJLuaM5_Fd6QU", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QRJrdbdGEynE42gYXx67QDTMGNX7f1Mmq1mWztE6dRJE", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26376", + "type": "pypi", + "name": "pyyaml", + "files": "Qj0loxLeAT2D2Bdxsh1xW86FpwK7lf-TKA5cLbN1TL6g", + "version": "6.0.1", + "artifact_id": "cp312-cp312-win-amd64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 446723, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QyCbnT3dUp2L2N-aJb5C-nB6fn4xmX1DGz2MccEpkIX4", + "type": 25, + "props": { + "source": "yaml/_yaml.cp312-win_amd64.pyd" + } + }, + { + "key": "QSI7YKrEAaUfA_NjTT5jsSDvyqwDanvBiYj9jZcZhExA", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QVkMCUnsXwINDq_mIVePzhRIMWQDqvb6D9rRe6wWWZjY", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26377", + "type": "pypi", + "name": "pyyaml", + "files": "QsuyRaZsPyMv74iOIxmQSELf8al-JUeaTv8TMScqAg3M", + "version": "6.0.1", + "artifact_id": "cp312-cp312-win32-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 422138, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q-ZFpaqCc1i2a4WDWBenaNgCAO-92xDBOPPzJzheimh4", + "type": 25, + "props": { + "source": "yaml/_yaml.cp312-win32.pyd" + } + }, + { + "key": "Q1SKz-Db2Xri_Bp-YcybveA8Mt0-C9OK5NB2g8nvcZUY", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q_l3zkF1tjvKRx3FudyheNkBMBwY06tXKU4NxEnoWP9A", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26378", + "type": "pypi", + "name": "pyyaml", + "files": "QU2BJe_-T6NS2WbF3FKz0w_RohoYoxIL1aY9KyRmU4GI", + "version": "6.0.1", + "artifact_id": "cp36-cp36m-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 669400, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QGeFYVemOK6lae7C6wfC1viW9F_H0-8Yq-rZRDXOacSM", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-36m-darwin.so" + } + }, + { + "key": "QarcrDzSFIauJCEeYOp7NDKw2kT8YgEhasx1vz3l4thE", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q6KfpB_MISVabMGyrjfrKFZlYg3Ynm2NMbtSDOv1LrkQ", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26379", + "type": "pypi", + "name": "pyyaml", + "files": "QpOm5VFZAfghvfw6h6qLfkzq1Bl1-Kk8vBLtlTp6OJDc", + "version": "6.0.1", + "artifact_id": "cp36-cp36m-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2467982, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QijFSaQ9LvHDjWfarikf6MyjsC0ubHcjeSHsu-t67660", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-36m-aarch64-linux-gnu.so" + } + }, + { + "key": "QlhVc2YEjaujsCeZquskejAL3Rwb7RzLJ6y9Z7Ar4mk0", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QzYTrIgkx3L3ZM03dnWB1ZpBh_XmHZTlb142VxdKZ3bQ", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26380", + "type": "pypi", + "name": "pyyaml", + "files": "QcxmYzxvizpzYSsCP_bVW4Yji2E5Pfev17Z40Qw2OEfI", + "version": "6.0.1", + "artifact_id": "cp36-cp36m-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2439008, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q8VtudDETaAjWVh4F9YXiWuO87PLEXrlTWtMtl0SUnM0", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-36m-s390x-linux-gnu.so" + } + }, + { + "key": "Qxf6sjujH9w_6q-oiVOign42N8RTK4AacGBQqkvR-zgo", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QvTNaAFUEHcf08gM19oCuedHyb6f3AnQGPhYiX5F8PvU", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26381", + "type": "pypi", + "name": "pyyaml", + "files": "QfyLmP6A3ZznInMI6SlTLpDLNq-0fsiHks9F_rUFEX-M", + "version": "6.0.1", + "artifact_id": "cp36-cp36m-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2379467, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QYiwxDefW89x5MAgRAU9xukd85ol92fxSTIGjzzSsLtg", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qq0U636G_6_RNUMGgmue7RXSbLBf_YcOCYX1QHGbAkv0", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QpQ5mReJrp-9T3PoZwfecfTG2fOXVqSGIgOsPE7sNM0o", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26382", + "type": "pypi", + "name": "pyyaml", + "files": "QZ9l5K2hbzNGE02I2Mp6p_9k9RPsMK9SDW2sXtde4YCM", + "version": "6.0.1", + "artifact_id": "cp36-cp36m-win-amd64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 485566, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QyQ2ESCnXvusPUsGye57hYgc9Xz3pHVH78YGJICMR9YY", + "type": 25, + "props": { + "source": "yaml/_yaml.cp36-win_amd64.pyd" + } + }, + { + "key": "Q61ZCckC96VAqZQd0l0vekqfU1aNK2FDY0CqPyQEqF9A", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QVaYM-bJ-ub5y3Bq9n8Mu0HePX32ynwG-Yq7BGzhSwWM", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26383", + "type": "pypi", + "name": "pyyaml", + "files": "QAlszj__JVDwq0FcxKOZULn4PwEzNFX56arF0Dfkm77o", + "version": "6.0.1", + "artifact_id": "cp36-cp36m-win32-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 448181, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Qe7CCs3hTXY_TBdlwjrrUZqZNuem3mplOc_PpmgY2-Uw", + "type": 25, + "props": { + "source": "yaml/_yaml.cp36-win32.pyd" + } + }, + { + "key": "Q3ByZIOcgTHlJjwHr3BIC1yyixBemUTW0INWEmaLwGFI", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QuaUORQRxK9lBhQIplKayY9Wmohwb3qZ_0hRLwZ5S6Qs", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26384", + "type": "pypi", + "name": "pyyaml", + "files": "QlfIxEd2EkWaB5RGdylYJDrM4ziQEXN6Iu4ZRHVt6p8E", + "version": "6.0.1", + "artifact_id": "cp37-cp37m-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 669543, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QmwoMKYjsLaufWblU3-b9nM41wTdrCsT9kev0u0hAOYQ", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-37m-darwin.so" + } + }, + { + "key": "Q0lVm_f6zBuRTL0r4Jjke0bFOHnrUuUbPqzEhMWOBdP8", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QSH8KXPEyPLDswko0NlMpVBtSr4OabZGIOuwdTslvtWM", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26385", + "type": "pypi", + "name": "pyyaml", + "files": "Q4delWGrwrWoarijpMws5zInBfDQt3y_upkvETdvyy1M", + "version": "6.0.1", + "artifact_id": "cp37-cp37m-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2429069, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QTtxYLj4nKjA2TKGZrXzRngPTr-iatV2P9hzdl8oSEzM", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Q1APDOeSOtlNMoDpeRW8wKv_TCWDX7WM6v7cnZ16jkfA", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q3j_9Clhb8vTSe6mYO42lnIOXqXUwtgfyKlpXuq2wTZc", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26386", + "type": "pypi", + "name": "pyyaml", + "files": "QSnI0Lhu647Mr1TjGZVrYdPf7c6zeYmwmkWfTMfPegco", + "version": "6.0.1", + "artifact_id": "cp37-cp37m-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2386103, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QP5Nm368DzNTbXzHu4Kbn0FRk7Z_sO1_2puzVZcWH9nA", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-37m-s390x-linux-gnu.so" + } + }, + { + "key": "QkEg3K9zsDMDuNGY2PVsuSVn6wPaCFi0FtraeUbCBLeU", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QWixnZIt-OhUc-yfMewmXq4Mi_O-0hmAsmSTGkohmi04", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26387", + "type": "pypi", + "name": "pyyaml", + "files": "QThoD9hdEyg9eOEaFXZGn3A__3l70zA1f9dZiobcWDdk", + "version": "6.0.1", + "artifact_id": "cp37-cp37m-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2353442, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q5OvDKYBSBVVTnLRWTiW8_xeRP8xbHUR3T9DJtDYw5pI", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QbCphTs_Hc2QLgzFnkEc7-Z-mrZbpOhhGiVzGTP1tjmQ", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QO2D5BPLkix5f1aqttoKCCAxdIZ81mDEM2kxzlzRaOdE", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26388", + "type": "pypi", + "name": "pyyaml", + "files": "Q_LkuxmogCF4rVDOpGNWpb-lQXUoCWRXf51Sn3jOJ_fQ", + "version": "6.0.1", + "artifact_id": "cp37-cp37m-win-amd64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 485612, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QNuWQNjm9WeAITHkwHgB9L3YP3KLBHBfVTfr81-z0aVM", + "type": 25, + "props": { + "source": "yaml/_yaml.cp37-win_amd64.pyd" + } + }, + { + "key": "QTV43TGxrtYAtk2kN12lShYPiu5O6hjcKsxGIy6RKSF8", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QzaRRBdgSSIGG6RbvnmbwRfQ0q561QRxqGt64h3uVeBA", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26389", + "type": "pypi", + "name": "pyyaml", + "files": "Qrt5NFGO6-OOy8VzH14inwDMvxzjZs3wBI868DQEHTIg", + "version": "6.0.1", + "artifact_id": "cp37-cp37m-win32-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 448227, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QLxmLxFkiO3ve35gWldCu6-ubKxZVKnSUJq96VeZfmjs", + "type": 25, + "props": { + "source": "yaml/_yaml.cp37-win32.pyd" + } + }, + { + "key": "Q4_M7twWJPzT9318mIkoZjvXkz9CwCwz16G2IE9nZidc", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QxHM_vNOGLY9wbIOSqIxp_XAnjkDvBaWY0sIkDiJeKYQ", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26390", + "type": "pypi", + "name": "pyyaml", + "files": "QpA1s6QqMXygWXJkBjX8v2_D5d7yGXlHlYnXOckVuLQA", + "version": "6.0.1", + "artifact_id": "cp38-cp38-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 669693, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QBZx98GrjNUj87g_CIr_CW_IUSFmhkR9NrxRHu-OciVk", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-38-darwin.so" + } + }, + { + "key": "QBETGUBBVgkTNsNGT3frv48MvFqwXkTSnwJNnNifl0T4", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QZDNPCBEbO2NJSHoPhpNchyV1wrzuEned8XPZl8ibG9Q", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26391", + "type": "pypi", + "name": "pyyaml", + "files": "QGYpFwTbQcY_uGiFzziXnmRUHRa5j6YjupOYgZZ63pmQ", + "version": "6.0.1", + "artifact_id": "cp38-cp38-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2706250, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QnOMnyUdA4lp3wy__22o_tncKFJP1D5BKpaT5uRNKvYI", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QfeQ3Kumhqq4APFL9y0HrWr3wjaIY6Cwz0O_BtlumWIQ", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q_TcSIGKzLtusqezy9O9WCS5s5M2Vtp6e9EhiJOz0g3Q", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26392", + "type": "pypi", + "name": "pyyaml", + "files": "QnHOnKoWHkRlcKLm0-e6Jaym1gvjTV4MXZw79TWJ_pQI", + "version": "6.0.1", + "artifact_id": "cp38-cp38-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2652756, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QObUhJUB6U1qVvLey4aqEPGSo0jCO3YfHlJBZzToCHXE", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-38-s390x-linux-gnu.so" + } + }, + { + "key": "QqYIuFRJKS9-od5jhzzxTmwvNsMzXFf7B_aNjapK8y0E", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QeOh_mnakMgO-uDJ_JLmP8AHWGaPWMPgR3v5P0KQlh2Q", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26393", + "type": "pypi", + "name": "pyyaml", + "files": "QRD2VL-Yw1qN1wx6riuhzPqnJQ8qYyshiKjg2u22hU7s", + "version": "6.0.1", + "artifact_id": "cp38-cp38-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2621503, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QqYWrs5XAjfKTI3OHJLL1TVF3m4f-v0MlS3a6uqTq8J8", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QRr_jDMDfwfOSwnhlbQTQc11rU8T4w8gJ0Vt5mwhzjiw", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QkSS77nUlEoeJuvgPJbSGAIzumAKSR54I_UVp-JVm3qU", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26394", + "type": "pypi", + "name": "pyyaml", + "files": "Q4AoRlh0MQjGMqMeJZixwdokOsAl4U7yHmXEj_jHNiNw", + "version": "6.0.1", + "artifact_id": "cp38-cp38-musllinux-1-1-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 3401834, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QqYWrs5XAjfKTI3OHJLL1TVF3m4f-v0MlS3a6uqTq8J8", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2UtUKdiNV0lGXs5JuA1U0UDuZECXeOtAWoCs7B0Z3c4", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Qn1NdDUH5n2pBqqjQz-G13aDXvHFHf0z6l8wl__gAYLY", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26395", + "type": "pypi", + "name": "pyyaml", + "files": "Q7blOL5bZ1RP4DbV1J4mNM5xKJJJqrjX9Vydugr1F3PU", + "version": "6.0.1", + "artifact_id": "cp38-cp38-win-amd64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 489707, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QtfuB7EUlW_dTFCPqDEzx2EkIs73gia9z4ftyOIsRXhQ", + "type": 25, + "props": { + "source": "yaml/_yaml.cp38-win_amd64.pyd" + } + }, + { + "key": "QQ92xzEe0TljkWC9ys2PaNqaqr94t4w0R3R2kECrPL-U", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q5saypQT0mATgxtX2hdPBaOsfWR35KWa224r3LONwxpA", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26396", + "type": "pypi", + "name": "pyyaml", + "files": "Qaxzju_7kUqpcV8M_qeHL01RMJ66t_Ypti3SIszjvQcc", + "version": "6.0.1", + "artifact_id": "cp38-cp38-win32-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 447714, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QOWAUxMn4LKpK0KCKqWFLa_FMO8ZuzBNLl2GV8UMgzyw", + "type": 25, + "props": { + "source": "yaml/_yaml.cp38-win32.pyd" + } + }, + { + "key": "Q38nMT7JDXHfdMckR__6c-3jvunf5kl6T3Euquqlk46Q", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Ql9iR_9L4C_UjzEZIjp8iAtGS0Eu7fpnVegni5HzHQ2o", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26397", + "type": "pypi", + "name": "pyyaml", + "files": "QcBPcC0CSBytAwur3hHE9zZtUPmbdbP-ZC5JKE0dPWuU", + "version": "6.0.1", + "artifact_id": "cp39-cp39-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 686125, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q31L4S0TMRpKd-Bif7qpZe7pcQ4cO-bfI_NRdKxD736E", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-39-darwin.so" + } + }, + { + "key": "QZ23tCzxWtgwHu53EQ1k3DLFTNKrqhyftVRfddZ2lH4Y", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QWp8Vf1IL0T8fmnJkAD3p4JUJ4kE_qYFzizVLu5nXKrA", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26398", + "type": "pypi", + "name": "pyyaml", + "files": "QDOXGTlkcxXzu0fWS11mhuTCqS8zPjyC8dv-gSqh8zzc", + "version": "6.0.1", + "artifact_id": "cp39-cp39-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 602843, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q31L4S0TMRpKd-Bif7qpZe7pcQ4cO-bfI_NRdKxD736E", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-39-darwin.so" + } + }, + { + "key": "QiI4LKnq_ak5AuRJ2QuQL-2S3J0x8bzSeGWMEjZ44HxU", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QJej4ExlCKNvFRgjQTIfIqRid2amS4TMvqahCP5kBPf0", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26399", + "type": "pypi", + "name": "pyyaml", + "files": "Q1HLUoNzBvLFPwlKI1k6wizOjCU_jQlceDlgLt6nqcWY", + "version": "6.0.1", + "artifact_id": "cp39-cp39-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2696034, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QB7uo-P6vgWiYCGp6zwRniVH9_wI7e-C9fE49OpBlMro", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Q5NAHvY94fg1kEP07plDH-MmJQIBqwgnH_jDLcBNvrAw", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QSPSW1xfWjIt8sCfXe9nSDGKh54fuP5zg8GQaqh9BDT0", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26400", + "type": "pypi", + "name": "pyyaml", + "files": "Qqx3tibuBzqH5BXSZnVba9uoo2k5fiR3cbCGLRQvDg8Q", + "version": "6.0.1", + "artifact_id": "cp39-cp39-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2632852, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QdIApTkmhRW1I5VqTsQ-76RofYj29tfOrDBCoqCk2qxM", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QM7LqRdy8PrXtJBimydetdkX1LK-yy4c-Yq1AKspLU2c", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q5l0gr98FsDQ9Au2NoNYVPOThXObFvdFpqZrXG22p8cQ", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26401", + "type": "pypi", + "name": "pyyaml", + "files": "Qix9XQtyr6EbfGYXQTQy4OQr77C3ApowyN8Xo9eils4M", + "version": "6.0.1", + "artifact_id": "cp39-cp39-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2595095, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QSzZubtcORtOCb-rIugOEv0Wvg2W1wOLOCLfU3MI-Qtg", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2MXP83QMrKgh_Y7TtdaxL774HkNUONksHW3pziJO6FE", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q-tJaCco9yGJn7lyIDiaUPwm5zaO210col0gaxCUk8dI", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26402", + "type": "pypi", + "name": "pyyaml", + "files": "QAFwXH3w2SAOZo97S25X1-dYLcT4baY2zwS2bBLmcwGM", + "version": "6.0.1", + "artifact_id": "cp39-cp39-musllinux-1-1-x86-64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2689626, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QSzZubtcORtOCb-rIugOEv0Wvg2W1wOLOCLfU3MI-Qtg", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QGU_GjVfFOHup54fzM3vmANU2WsH7ornzQmJEJeyvAFE", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q0AtQXkg5xlapP9d9LenNQR5K8oZ5QC5HmLm3QMSesAo", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26403", + "type": "pypi", + "name": "pyyaml", + "files": "QNRJPW-Ddb4UgkjNzVNhn-kX94KrOn0twd2Xv2fJAdPo", + "version": "6.0.1", + "artifact_id": "cp39-cp39-win-amd64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 475906, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QlLyPbJLTHUcRpvwGgbKl0XxEqcNW_DWd8_3bcoJOUaI", + "type": 25, + "props": { + "source": "yaml/_yaml.cp39-win_amd64.pyd" + } + }, + { + "key": "Qd_ldUkGlnDleuNU2_OvHHePWGGPVEFBj81a6_BnJEA8", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q3h2JnFHnhYtpGFO6hQxuSlR6Ve82YT7CAi-910UOIjM", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26404", + "type": "pypi", + "name": "pyyaml", + "files": "Qv6IOvTZXEFTWe0lZ4bLQst75QyIl4NO5XXeEkTyww8Q", + "version": "6.0.1", + "artifact_id": "cp39-cp39-win32-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 438009, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QoFmATbSxRToQiXZIUDlXF9wj2lBLby6NfK75Sbgkokc", + "type": 25, + "props": { + "source": "yaml/_yaml.cp39-win32.pyd" + } + }, + { + "key": "Qhmxg5zV6aUJFxqs_dBG8IM4v6PF09PlbaQHAlmlsuyI", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "Q0g5_PVV-KLFFCk2-V1l7V3SBQH2XRGz3j7_8GX3LtaU", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "26405", + "type": "pypi", + "name": "pyyaml", + "files": "Q-uTiMdOXGUab4x6QG52r2UuM8Ug_NzVVSQlMqfJ-pVI", + "version": "6.0.1", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.36, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.36 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "MIT", + "size": 596328, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "QCn3a8M7gWvUhhgC1mxe6d6gOgIZ4c6U79cAeARgdc_k", + "type": 25, + "props": { + "source": "PyYAML-6.0.1/tests/data/invalid-character.stream-error" + } + }, + { + "key": "QEYwrm14JDOl_TdnsDuQC-qerOtV3zupjtaCIb-Q8Rpo", + "type": 25, + "props": { + "source": "PyYAML-6.0.1/tests/data/spec-05-02-utf16le.data" + } + }, + { + "key": "QL4U5HGCv4RvOM_5YP1t1rp8wFuakgFsro6yzhX8nowA", + "type": 25, + "props": { + "source": "PyYAML-6.0.1/tests/data/invalid-character.loader-error" + } + }, + { + "key": "Qm_tbpR88XJvLLgK7tDvKCD6hhvdXDI8F1VMJkcFnOJo", + "type": 25, + "props": { + "source": "PyYAML-6.0.1/tests/data/spec-05-02-utf16be.data" + } + }, + { + "key": "Q_xsm_ssn0bg-8juqAnV4lBu_64Q-f0EmDNLrXAVOx0s", + "type": 47, + "file": "PyYAML-6.0.1/lib/yaml/scanner.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/lib/yaml/serializer.py" + }, + { + "key": "QmvwXb2083iz2SxMnFIg2DJyKiYq3uurTimeJbEN7WeA", + "type": 16, + "file": "PyYAML-6.0.1/setup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_appliance.py" + }, + { + "key": "QmvwXb2083iz2SxMnFIg2DJyKiYq3uurTimeJbEN7WeA", + "type": 16, + "file": "PyYAML-6.0.1/tests/lib/test_appliance.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_canonical.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_constructor.py" + }, + { + "key": "Qh1GPYGiM7FfYrwuQZWkkpOCrTnfIlCahLQW-PHKPiec", + "type": 81, + "file": "PyYAML-6.0.1/tests/lib/test_constructor.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_emitter.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_errors.py" + }, + { + "key": "Qh1GPYGiM7FfYrwuQZWkkpOCrTnfIlCahLQW-PHKPiec", + "type": 81, + "file": "PyYAML-6.0.1/tests/lib/test_errors.py" + }, + { + "key": "Qh1GPYGiM7FfYrwuQZWkkpOCrTnfIlCahLQW-PHKPiec", + "type": 81, + "file": "PyYAML-6.0.1/tests/lib/test_input_output.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_mark.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_multi_constructor.py" + }, + { + "key": "Qh1GPYGiM7FfYrwuQZWkkpOCrTnfIlCahLQW-PHKPiec", + "type": 81, + "file": "PyYAML-6.0.1/tests/lib/test_multi_constructor.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_reader.py" + }, + { + "key": "Qh1GPYGiM7FfYrwuQZWkkpOCrTnfIlCahLQW-PHKPiec", + "type": 81, + "file": "PyYAML-6.0.1/tests/lib/test_recursive.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_representer.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_resolver.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_schema.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_structure.py" + }, + { + "key": "Qh1GPYGiM7FfYrwuQZWkkpOCrTnfIlCahLQW-PHKPiec", + "type": 81, + "file": "PyYAML-6.0.1/tests/lib/test_structure.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_tokens.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": 19, + "file": "PyYAML-6.0.1/tests/lib/test_yaml_ext.py" + }, + { + "key": "QmvwXb2083iz2SxMnFIg2DJyKiYq3uurTimeJbEN7WeA", + "type": 16, + "file": "PyYAML-6.0.1/tests/lib/test_yaml_ext.py", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "removed", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "5352608745", + "type": "pypi", + "name": "pyyaml", + "files": "Q_yX0RQqIJAGDzeM4xIXKjI5fAnjwp7YzOPrUDZdVzmg", + "version": "6.0.1", + "artifact_id": "cp312-cp312-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.9349934, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9349934 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 2626487, + "author": "ingy, nitzmahone, tinita", + "state": "revalidate", + "alerts": [ + { + "key": "Q2Yn-GhR51srj3A_UHahZOTCwc5Jm4riyudJQPUUb3UA", + "type": 25, + "props": { + "source": "yaml/_yaml.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QFmdQI2E_eHxAWMoB9EqZaACmB5BytEnWgjgtgqfOBcA", + "type": 47, + "file": "yaml/scanner.py" + }, + { + "key": "QXQEP51-ahODxQ_TX0JZ_Fd-15H2Cz_l9TVMeoIKTxss", + "type": 19, + "file": "yaml/serializer.py" + } + ], + "licenseDetails": [] + } + ], + "unchanged": [ + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "69439", + "type": "pypi", + "name": "colorama", + "files": "Qhy1Lh0ta9UGdevkuH8n-tCSxV3O-YhLe7CAlhsDept8", + "version": "0.4.6", + "artifact_id": "py2-py3-none-any-whl", + "scores": { + "supplyChain": 0.96375656, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96375656 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "BSD-3-Clause", + "size": 77669, + "author": "tartley, wiggin15", + "state": "revalidate", + "alerts": [ + { + "key": "Q1O4uX2QNXOqAMOWJ6ifXEMKijEy4A0BlyHPOwgUQvco", + "type": 16, + "file": "colorama/tests/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q1O4uX2QNXOqAMOWJ6ifXEMKijEy4A0BlyHPOwgUQvco", + "type": 16, + "file": "colorama/ansitowin32.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2MhoCFyzsb1I1poFpR5wz3FfH7nCetTyFsrYnI_uE1E", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: BSD License", + "filepathOrProvenance": "colorama-0.4.6.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "69440", + "type": "pypi", + "name": "colorama", + "files": "QPNLk1ZWc_BwCU7DwRLdXXuV3VoEBkyH1PNwz4hJA5z8", + "version": "0.4.6", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.96375656, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96375656 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "BSD-3-Clause", + "size": 115698, + "author": "tartley, wiggin15", + "state": "revalidate", + "alerts": [ + { + "key": "QrI556vIFUiV9G8i_BlbG4qi4FtqFIcJvm1dDY1Wa9ME", + "type": 16, + "file": "colorama-0.4.6/colorama/ansitowin32.py", + "props": { + "envVars": "" + } + }, + { + "key": "QrI556vIFUiV9G8i_BlbG4qi4FtqFIcJvm1dDY1Wa9ME", + "type": 16, + "file": "colorama-0.4.6/colorama/tests/utils.py", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "id": "70739", + "type": "pypi", + "name": "iniconfig", + "files": "Q3LCXseVD1C86mgkEZWRT8Idwy8zehtgde-5susyrcSA", + "version": "2.0.0", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.98156816, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.98156816 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 13010, + "author": "hpk, ronny", + "state": "revalidate", + "alerts": [ + { + "key": "QCDudgmy428ANlL7AJMjnU5CfgDc8N1KOFAQAxb4bYCo", + "type": 19, + "file": "iniconfig/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "id": "70740", + "type": "pypi", + "name": "iniconfig", + "files": "QoZf8-zYeosu0HyMjHi4r7mRjCXUPUq39J-q3JAtrrcg", + "version": "2.0.0", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.98156816, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.98156816 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 15435, + "author": "hpk, ronny", + "state": "revalidate", + "alerts": [ + { + "key": "QC--Em3J1dn9_0bfnTGuR0K5lWYjRIWnVWv6tXZ657vI", + "type": 19, + "file": "iniconfig-2.0.0/src/iniconfig/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "75379", + "type": "pypi", + "name": "requests-toolbelt", + "files": "Q_MEy1nz7UcDNAnOpuqLZslHyV_zhtFItLpE3QPEseYo", + "version": "1.0.0", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": true, + "unsafe": false + }, + "license": "Apache-2.0 AND MIT", + "size": 504179, + "author": "graffatcolmingov, quentinp", + "state": "revalidate", + "alerts": [ + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": 16, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/auth/http_proxy_digest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwyQ8s5ka6qExZbgVvjb9ApVzP2DHLKSSsXAHJa0IqeI", + "type": 19, + "file": "requests-toolbelt-1.0.0/tests/test_multipart_encoder.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_multipart_decoder.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_dump.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": 16, + "file": "requests-toolbelt-1.0.0/tests/conftest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_downloadutils.py" + }, + { + "key": "QwyQ8s5ka6qExZbgVvjb9ApVzP2DHLKSSsXAHJa0IqeI", + "type": 19, + "file": "requests-toolbelt-1.0.0/tests/test_downloadutils.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_auth_handler.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": 16, + "file": "requests-toolbelt-1.0.0/tests/test_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_auth.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/utils/dump.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/utils/deprecated.py" + }, + { + "key": "Q7Oex74POJaLRRRiAaUhH3lleAVKn8S4xzAgq89rNCOo", + "type": 63, + "file": "requests-toolbelt-1.0.0/setup.py" + }, + { + "key": "QwyQ8s5ka6qExZbgVvjb9ApVzP2DHLKSSsXAHJa0IqeI", + "type": 19, + "file": "requests-toolbelt-1.0.0/setup.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/sessions.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/multipart/encoder.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/threaded/pool.py" + }, + { + "key": "QwyQ8s5ka6qExZbgVvjb9ApVzP2DHLKSSsXAHJa0IqeI", + "type": 19, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/downloadutils/stream.py" + }, + { + "key": "QwyQ8s5ka6qExZbgVvjb9ApVzP2DHLKSSsXAHJa0IqeI", + "type": 19, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/downloadutils/tee.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": 16, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/cookies/forgetful.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": 16, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/adapters/x509.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/adapters/x509.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/adapters/ssl.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": 16, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/auth/guess.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/auth/guess.py" + }, + { + "key": "QSM4ucs4hA1it7jhEpxeoTfDCkuiWEa2-wMkGZWmr2tE", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Apache Software License", + "filepathOrProvenance": "requests-toolbelt-1.0.0/requests_toolbelt.egg-info/PKG-INFO" + } + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": 16, + "file": "requests-toolbelt-1.0.0/docs/conf.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/_compat.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/adapters/socket_options.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/auth/_digest_auth_compat.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/requests_toolbelt/auth/http_proxy_digest.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": 16, + "file": "requests-toolbelt-1.0.0/tests/test_x509_adapter.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_x509_adapter.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_ssladapter.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_socket_options_adapter.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_sessions.py" + }, + { + "key": "QB4RRr2G4Yy4ia6-IdPi0STLfEpYk3YOPWRqAJ1zxx7E", + "type": 81, + "file": "requests-toolbelt-1.0.0/tests/test_formdata.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": 16, + "file": "requests-toolbelt-1.0.0/tests/test_forgetfulcookiejar.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_forgetfulcookiejar.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_host_header_ssl_adapter.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_fingerprintadapter.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": 16, + "file": "requests-toolbelt-1.0.0/tests/test_proxy_digest_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_proxy_digest_auth.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": 47, + "file": "requests-toolbelt-1.0.0/tests/test_multipart_encoder.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "75380", + "type": "pypi", + "name": "requests-toolbelt", + "files": "QAbKS0W4nAbqL9r2EAdRtcpus2xlO_cwFAmvKhsO5fd0", + "version": "1.0.0", + "artifact_id": "py2-py3-none-any-whl", + "scores": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "Apache-2.0 AND MIT", + "size": 145899, + "author": "graffatcolmingov, quentinp", + "state": "revalidate", + "alerts": [ + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": 47, + "file": "requests_toolbelt/sessions.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": 47, + "file": "requests_toolbelt/auth/http_proxy_digest.py" + }, + { + "key": "Q3gNpdJAvG8qVyy0BpVff7RasyjYqpQHtk9okjXorEyA", + "type": 19, + "file": "requests_toolbelt/downloadutils/tee.py" + }, + { + "key": "QcFwEHKMCYtMpvfJxdSzcbhDxkxeCsxHQtS6A4d17HPU", + "type": 16, + "file": "requests_toolbelt/auth/guess.py", + "props": { + "envVars": "" + } + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": 47, + "file": "requests_toolbelt/auth/guess.py" + }, + { + "key": "QcFwEHKMCYtMpvfJxdSzcbhDxkxeCsxHQtS6A4d17HPU", + "type": 16, + "file": "requests_toolbelt/cookies/forgetful.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q3gNpdJAvG8qVyy0BpVff7RasyjYqpQHtk9okjXorEyA", + "type": 19, + "file": "requests_toolbelt/downloadutils/stream.py" + }, + { + "key": "QcFwEHKMCYtMpvfJxdSzcbhDxkxeCsxHQtS6A4d17HPU", + "type": 16, + "file": "requests_toolbelt/adapters/x509.py", + "props": { + "envVars": "" + } + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": 47, + "file": "requests_toolbelt/threaded/pool.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": 47, + "file": "requests_toolbelt/utils/deprecated.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": 47, + "file": "requests_toolbelt/utils/dump.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": 47, + "file": "requests_toolbelt/adapters/x509.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": 47, + "file": "requests_toolbelt/multipart/encoder.py" + }, + { + "key": "QcFwEHKMCYtMpvfJxdSzcbhDxkxeCsxHQtS6A4d17HPU", + "type": 16, + "file": "requests_toolbelt/auth/http_proxy_digest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": 47, + "file": "requests_toolbelt/auth/_digest_auth_compat.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": 47, + "file": "requests_toolbelt/_compat.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": 47, + "file": "requests_toolbelt/adapters/appengine.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": 47, + "file": "requests_toolbelt/adapters/ssl.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": 47, + "file": "requests_toolbelt/adapters/socket_options.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "76055", + "type": "pypi", + "name": "tabulate", + "files": "QxJQgwJz5q2U-TJpqdgKUM_JOCAJB7UiyY-CE5T5d8C0", + "version": "0.9.0", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.96375656, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.9907412, + "overall": 0.96375656 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": true, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 131468, + "author": "Sergey", + "state": "revalidate", + "alerts": [ + { + "key": "Qumwfec7PkuvE_7jjx7rUuwXel6uRc1A38lFGkAI-eG8", + "type": 19 + }, + { + "key": "QDLvC9a1uQ6PApeOOrJ7G6HsaqPpQYENjXMn0dTWc7Tg", + "type": 16, + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "76056", + "type": "pypi", + "name": "tabulate", + "files": "QkbtShfiLnYVS3wVB4kK451q-G15ksgL0PjuAZuvZfjU", + "version": "0.9.0", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.9008158, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.9907412, + "overall": 0.9008158 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "MIT", + "size": 379878, + "author": "Sergey", + "state": "revalidate", + "alerts": [ + { + "key": "QCkYU3fan9fjjzVOD5jiB500siGwh4IfpicnpqdGquys", + "type": 23, + "props": { + "risk": "medium", + "notes": "The code contains multiple potential security risks, including unauthorized file writes, command injection, information leakage, and code injection. It should be reviewed and modified to ensure proper input validation, sanitization, and secure handling of user input. The presence of 'eval' raises concerns about the safety and security of the code.", + "severity": 0.7, + "confidence": 0.8 + } + }, + { + "key": "QZDfyAwumQB4vs1ixHPhmB5rTo01go47BuaAzBjqq-pk", + "type": 63 + }, + { + "key": "QmAxptwpfnmFgTPQ9ioK3BX7NgGk-00ytC-UczF1YlVY", + "type": 16, + "props": { + "envVars": "" + } + }, + { + "key": "QXckfoAM4xgrzz0hem-Js9twuXixkfWNZouj-Ozsp2a4", + "type": 19 + }, + { + "key": "QYFXRm58f6115_0xXUOD59cUMF3d6mIDzoP2VGSISXb8", + "type": 81 + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "3692731902", + "type": "pypi", + "name": "polib", + "files": "QqKNOxSLQT0VgVkhzWD6rG1CpITWM8a34qv-e8rXSwO4", + "version": "1.2.0", + "artifact_id": "py2-py3-none-any-whl", + "scores": { + "supplyChain": 0.98156816, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.98156816 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 78958, + "author": "izi", + "state": "revalidate", + "alerts": [ + { + "key": "QNNYnYEq3apRNml2wLbN5vgp9tlfyQpHo0qpzHhyHfIU", + "type": 19, + "file": "polib.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "3692731903", + "type": "pypi", + "name": "polib", + "files": "QCq0q31ogcBOPvHMKb_pUj2-S2sGHzywv8jhTnOryxdY", + "version": "1.2.0", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.64, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.64 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "MIT", + "size": 553071, + "author": "izi", + "state": "revalidate", + "alerts": [ + { + "key": "QiMOQlY_N1y_pMZrXVSuRvYX40xqvZpciTHS_YyH5pt8", + "type": 19, + "file": "polib-1.2.0/polib.py" + }, + { + "key": "QyLE-sHSB6a4sIJT2xPV9HQy2BF7T4-tjXaH6YgUcjvk", + "type": 25, + "props": { + "source": "polib-1.2.0/tests/test_msgctxt.mo" + } + }, + { + "key": "Qnld52pwcGfE4OEAWYWjxupACxSlwqkjPtU7KyE2ATGM", + "type": 25, + "props": { + "source": "polib-1.2.0/tests/test_iso-8859-15.mo" + } + }, + { + "key": "QgOh4V_RJCMXZ5BfLxr9WGFd_E_D0YmhQIsLsnvdpt1E", + "type": 25, + "props": { + "source": "polib-1.2.0/tests/test_no_header.mo" + } + }, + { + "key": "QfU2ooNCCx40J0AVoSphv-McSMhFhTT9D8d80u7YaVLQ", + "type": 25, + "props": { + "source": "polib-1.2.0/tests/test_version_1.1.mo" + } + }, + { + "key": "QdPhblTQspPcJ8aHP9Auqgq5cOiNPEt3nvvKgtMaCPmQ", + "type": 25, + "props": { + "source": "polib-1.2.0/tests/test_invalid_version.mo" + } + }, + { + "key": "Q2iwiUaEdZfBhbfBvuLgnm2Z--XDrJw-VbruXEpKqviE", + "type": 25, + "props": { + "source": "polib-1.2.0/tests/test_utf8.mo" + } + }, + { + "key": "QX6HWD-sfa11tRffvUi_wPTs23ppjIv_lIImuhdfkCwo", + "type": 63, + "file": "polib-1.2.0/tests/tests.py" + }, + { + "key": "QiMOQlY_N1y_pMZrXVSuRvYX40xqvZpciTHS_YyH5pt8", + "type": 19, + "file": "polib-1.2.0/tests/tests.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "4451705018", + "type": "pypi", + "name": "wcwidth", + "files": "QwcuNDSd7_4w_MU4QBODyFat0YjN86Nlvkl_LERurmUU", + "version": "0.2.13", + "artifact_id": "py2-py3-none-any-whl", + "scores": { + "supplyChain": 0.98156816, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.9, + "overall": 0.98156816 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "HPND-Markus-Kuhn AND MIT", + "size": 501027, + "author": "jquast", + "state": "revalidate", + "alerts": [ + { + "key": "QIu1bCRZdVyKlNEE70lVV4inFMAkiwkfCjfIMkAgFVPw", + "type": 16, + "file": "wcwidth/wcwidth.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qxife_KCTgDGNe6wZanDMArnsMdHRkflEKbUCPmLN5-E", + "type": 15586174, + "props": { + "licenseId": "HPND-Markus-Kuhn" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "4451705019", + "type": "pypi", + "name": "wcwidth", + "files": "QrG1WzfzZvEeGH-AhJDWKGboPxZwXr0FgKVZz-v7knuY", + "version": "0.2.13", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.8799956, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.9, + "overall": 0.8799956 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": true, + "net": true, + "shell": true, + "unsafe": false + }, + "license": "HPND-Markus-Kuhn AND MIT", + "size": 952091, + "author": "jquast", + "state": "revalidate", + "alerts": [ + { + "key": "Qxife_KCTgDGNe6wZanDMArnsMdHRkflEKbUCPmLN5-E", + "type": 15586174, + "props": { + "licenseId": "HPND-Markus-Kuhn" + } + }, + { + "key": "QjW3xc6f5JUyayynquLyG26amlYQFsLlc7g0I-KWjrkA", + "type": 19, + "file": "wcwidth-0.2.13/bin/update-tables.py" + }, + { + "key": "QLHfwp5XeCjfwG6BCskPgoiu2eSxVS99gRs_mZMB8p_4", + "type": 47, + "file": "wcwidth-0.2.13/bin/update-tables.py" + }, + { + "key": "Qcfj_ABrO9EIyMzoweq6DFFSctqmpYhssMPMpEx4naAY", + "type": 16, + "file": "wcwidth-0.2.13/bin/update-tables.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpJXEjX34MXP08GJZ6SM5IbR8pst149DQudh1V4_fv6I", + "type": 63, + "file": "wcwidth-0.2.13/tests/test_table_integrity.py" + }, + { + "key": "QpJXEjX34MXP08GJZ6SM5IbR8pst149DQudh1V4_fv6I", + "type": 63, + "file": "wcwidth-0.2.13/setup.py" + }, + { + "key": "Qcfj_ABrO9EIyMzoweq6DFFSctqmpYhssMPMpEx4naAY", + "type": 16, + "file": "wcwidth-0.2.13/wcwidth/wcwidth.py", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15835012723", + "15921473454", + "15921496871" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15835012723", + "15921473454", + "15921496871" + ] + }, + "id": "5238328965", + "type": "pypi", + "name": "beautifulsoup4", + "files": "QmZDsMdjzSvfELObsnLRln1-F4mD3Rs4rzsQ8zMenVGo", + "version": "4.12.3", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "MIT", + "size": 618628, + "author": "leonard", + "state": "revalidate", + "alerts": [ + { + "key": "Qz34J4qUB6ev-zxfKJ3Rei_88XkmkfMaAIXHzRZ2AZC8", + "type": 25, + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5000587759190016.testcase" + } + }, + { + "key": "QKkymhXA6lXa5dRQtMwDzDRbI4BrXzzeHlk_Z_CbgQQQ", + "type": 81, + "file": "bs4/tests/test_htmlparser.py" + }, + { + "key": "QksrErBjwXLshdhrt-qTwcJE8fjl4eG3KXsmFkxmtOjE", + "type": 19, + "file": "bs4/tests/test_soup.py" + }, + { + "key": "QKkymhXA6lXa5dRQtMwDzDRbI4BrXzzeHlk_Z_CbgQQQ", + "type": 81, + "file": "bs4/tests/test_soup.py" + }, + { + "key": "QNREZ2jPS-OrZ-EJOZeSGcl0zjHi9Gls0WZH2MXRiFVY", + "type": 16, + "file": "bs4/tests/test_soup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNREZ2jPS-OrZ-EJOZeSGcl0zjHi9Gls0WZH2MXRiFVY", + "type": 16, + "file": "bs4/tests/test_tree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNREZ2jPS-OrZ-EJOZeSGcl0zjHi9Gls0WZH2MXRiFVY", + "type": 16, + "file": "bs4/diagnose.py", + "props": { + "envVars": "" + } + }, + { + "key": "QksrErBjwXLshdhrt-qTwcJE8fjl4eG3KXsmFkxmtOjE", + "type": 19, + "file": "bs4/diagnose.py" + }, + { + "key": "QKkymhXA6lXa5dRQtMwDzDRbI4BrXzzeHlk_Z_CbgQQQ", + "type": 81, + "file": "bs4/css.py" + }, + { + "key": "QNREZ2jPS-OrZ-EJOZeSGcl0zjHi9Gls0WZH2MXRiFVY", + "type": 16, + "file": "bs4/builder/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNREZ2jPS-OrZ-EJOZeSGcl0zjHi9Gls0WZH2MXRiFVY", + "type": 16, + "file": "bs4/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QksrErBjwXLshdhrt-qTwcJE8fjl4eG3KXsmFkxmtOjE", + "type": 19, + "file": "bs4/tests/test_fuzz.py" + }, + { + "key": "QXXFBXGUpv95IWV-f9QU5H_WEq5DMX6kzb5Fhxfsep3A", + "type": 25, + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-6450958476902400.testcase" + } + }, + { + "key": "QPoTMi6kcq4_gyALR2SLUiAM53Ua6NFsSyK4PfMsFZJQ", + "type": 25, + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5270998950477824.testcase" + } + }, + { + "key": "QPHistkLbSv74d7J9xzNaWmEmam4Uwcb3PhcpZedvyR0", + "type": 25, + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5984173902397440.testcase" + } + }, + { + "key": "QMHNCGXNlwHA2kuI7KW7p582yRkOfoZfPwmrd7g3DzzU", + "type": 25, + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5167584867909632.testcase" + } + }, + { + "key": "QkgqQ4kAVMoGFGqQ-G85AbuqZtDoiVSFDmJCOQegtYVU", + "type": 25, + "props": { + "source": "bs4/tests/fuzz/crash-ffbdfa8a2b26f13537b68d3794b0478a4090ee4a.testcase" + } + }, + { + "key": "QJS3I-DeFeZFMpjdYlDhbGYbIVxIDGJqeXDmQ38rMqJo", + "type": 25, + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5492400320282624.testcase" + } + }, + { + "key": "Qjcb8hRj_P-sPmE6LweA8vL51hE78J5YAYO2-C1QGC5E", + "type": 25, + "props": { + "source": "bs4/tests/fuzz/crash-0d306a50c8ed8bcd0785b67000fcd5dea1d33f08.testcase" + } + }, + { + "key": "QCHx8XTXAWW2VleYCejDdhMutIjWW-Z-1i7uZ5TYytCM", + "type": 25, + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-6600557255327744.testcase" + } + }, + { + "key": "QEgT_OnYA63eF_UJeGFtib8rEi_RPCw9WQ7W0IpOVyFY", + "type": 47, + "file": "bs4/element.py" + }, + { + "key": "QNREZ2jPS-OrZ-EJOZeSGcl0zjHi9Gls0WZH2MXRiFVY", + "type": 16, + "file": "bs4/tests/test_builder_registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKkymhXA6lXa5dRQtMwDzDRbI4BrXzzeHlk_Z_CbgQQQ", + "type": 81, + "file": "bs4/tests/test_dammit.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15835012723", + "15921473454", + "15921496871" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15835012723", + "15921473454", + "15921496871" + ] + }, + "id": "5238328966", + "type": "pypi", + "name": "beautifulsoup4", + "files": "QTs0DTSfLqauMYPNgPqsS5h7W1mInzHBD6VeXnNkxAfY", + "version": "4.12.3", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "MIT", + "size": 2100439, + "author": "leonard", + "state": "revalidate", + "alerts": [ + { + "key": "QPZgNhL4bGSPvhcaZfGmCS1J4QFIVx4nfcY9PisZKXX0", + "type": 25, + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5167584867909632.testcase" + } + }, + { + "key": "Q8xeh2pvifHIcb7qQUKht6qwLRFwp5x3ZVHr1ww622a4", + "type": 25, + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5270998950477824.testcase" + } + }, + { + "key": "Q6nd6WpGL8y4MVZ-kYxtl1GrsWiTVrTuvG257b3SUpyo", + "type": 25, + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5984173902397440.testcase" + } + }, + { + "key": "Q4uQTdRk_IR7XvOfmB6mHBtqqjufD1WxpaDYg2VIK9cQ", + "type": 25, + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/crash-0d306a50c8ed8bcd0785b67000fcd5dea1d33f08.testcase" + } + }, + { + "key": "Q1PdKV8Aron8XiU0PlKNXBPHd4kSJy34htMYcxna9CWE", + "type": 25, + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5000587759190016.testcase" + } + }, + { + "key": "Q0ryhISrKyyeKvbmEwNvtXADoWR9Q6t0n12Ty5W3HmtU", + "type": 25, + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/crash-ffbdfa8a2b26f13537b68d3794b0478a4090ee4a.testcase" + } + }, + { + "key": "QvN7ZrgYcR16sjKlb5W0tZ6X0kPaDLRwqPe4PUWHEhJQ", + "type": 19, + "file": "beautifulsoup4-4.12.3/bs4/diagnose.py" + }, + { + "key": "QKQu1Qic-R7Ogc8_dlP1rmtOy-89JARUB0y2leL87DT0", + "type": 16, + "file": "beautifulsoup4-4.12.3/bs4/diagnose.py", + "props": { + "envVars": "" + } + }, + { + "key": "QsE4beu9TiYhetDl-t9Ad1BH4jIAiZZb6FKvl-hWpSXw", + "type": 47, + "file": "beautifulsoup4-4.12.3/bs4/element.py" + }, + { + "key": "QKQu1Qic-R7Ogc8_dlP1rmtOy-89JARUB0y2leL87DT0", + "type": 16, + "file": "beautifulsoup4-4.12.3/bs4/tests/test_builder_registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDIAbhqe7a-nej_R0cKlyeWP9bLt9Z2Fn7uGdJF-oLTg", + "type": 81, + "file": "beautifulsoup4-4.12.3/bs4/tests/test_dammit.py" + }, + { + "key": "QvN7ZrgYcR16sjKlb5W0tZ6X0kPaDLRwqPe4PUWHEhJQ", + "type": 19, + "file": "beautifulsoup4-4.12.3/bs4/tests/test_fuzz.py" + }, + { + "key": "QDIAbhqe7a-nej_R0cKlyeWP9bLt9Z2Fn7uGdJF-oLTg", + "type": 81, + "file": "beautifulsoup4-4.12.3/bs4/tests/test_htmlparser.py" + }, + { + "key": "QvN7ZrgYcR16sjKlb5W0tZ6X0kPaDLRwqPe4PUWHEhJQ", + "type": 19, + "file": "beautifulsoup4-4.12.3/bs4/tests/test_soup.py" + }, + { + "key": "QDIAbhqe7a-nej_R0cKlyeWP9bLt9Z2Fn7uGdJF-oLTg", + "type": 81, + "file": "beautifulsoup4-4.12.3/bs4/tests/test_soup.py" + }, + { + "key": "QKQu1Qic-R7Ogc8_dlP1rmtOy-89JARUB0y2leL87DT0", + "type": 16, + "file": "beautifulsoup4-4.12.3/bs4/tests/test_soup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKQu1Qic-R7Ogc8_dlP1rmtOy-89JARUB0y2leL87DT0", + "type": 16, + "file": "beautifulsoup4-4.12.3/bs4/tests/test_tree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDIAbhqe7a-nej_R0cKlyeWP9bLt9Z2Fn7uGdJF-oLTg", + "type": 81, + "file": "beautifulsoup4-4.12.3/bs4/css.py" + }, + { + "key": "QKQu1Qic-R7Ogc8_dlP1rmtOy-89JARUB0y2leL87DT0", + "type": 16, + "file": "beautifulsoup4-4.12.3/bs4/builder/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKQu1Qic-R7Ogc8_dlP1rmtOy-89JARUB0y2leL87DT0", + "type": 16, + "file": "beautifulsoup4-4.12.3/bs4/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qyzw_J1k10-MOI7YTnQ4DO3pEvRSh6uiNhfkjEZZc4Gw", + "type": 25, + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-6600557255327744.testcase" + } + }, + { + "key": "QxpkLYDJr2nBtAzk_p2KHHvHmRwHUvPwOK7h_q46nmDU", + "type": 25, + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-6450958476902400.testcase" + } + }, + { + "key": "QVB5qGQQ3MnRr2HFhkTGs1QNDVE91UNv6SaJuns32NpE", + "type": 25, + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5492400320282624.testcase" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "6381179125", + "type": "pypi", + "name": "python-dotenv", + "files": "QBiWqCeFjQ7KotDcOPhNzLfStviLJFlme_hm-xXEPvFQ", + "version": "1.0.1", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.90653515, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.90653515 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "BSD-3-Clause", + "size": 54258, + "author": "bbc, theskumar", + "state": "revalidate", + "alerts": [ + { + "key": "Q85b05Bf77lzSzVqzDcMha_VXdzE67p5CjM3tWxd_3AM", + "type": 16, + "file": "dotenv/cli.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q85b05Bf77lzSzVqzDcMha_VXdzE67p5CjM3tWxd_3AM", + "type": 16, + "file": "dotenv/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmzvRivT8zXKLdWP2g2uAMmxqJARRdnR_cDQ6JhSwH9U", + "type": 19, + "file": "dotenv/main.py" + }, + { + "key": "QmzvRivT8zXKLdWP2g2uAMmxqJARRdnR_cDQ6JhSwH9U", + "type": 19, + "file": "dotenv/cli.py" + }, + { + "key": "Q515KD_Q3GEfxBsbQP4h3Z28Vr1oF_Ftb5fU_IgxPLrg", + "type": 63, + "file": "dotenv/cli.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "6381179126", + "type": "pypi", + "name": "python-dotenv", + "files": "QZzxGx5zOLrVajmGJ2CFtCzoz9ghTBkuNZprdYvQgTHc", + "version": "1.0.1", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.7979128, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.7979128 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "BSD-3-Clause", + "size": 160044, + "author": "bbc, theskumar", + "state": "revalidate", + "alerts": [ + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": 16, + "file": "python-dotenv-1.0.1/tests/test_cli.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": 16, + "file": "python-dotenv-1.0.1/src/dotenv/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIsmf_-O8jCpdkAaoTjritaoKJJbcG6edA3Mfqxp9-fs", + "type": 19, + "file": "python-dotenv-1.0.1/src/dotenv/main.py" + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": 16, + "file": "python-dotenv-1.0.1/src/dotenv/cli.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": 16, + "file": "python-dotenv-1.0.1/setup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": 16, + "file": "python-dotenv-1.0.1/tests/test_main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": 16, + "file": "python-dotenv-1.0.1/tests/test_ipython.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": 16, + "file": "python-dotenv-1.0.1/tests/test_zip_imports.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": 16, + "file": "python-dotenv-1.0.1/tests/test_utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIsmf_-O8jCpdkAaoTjritaoKJJbcG6edA3Mfqxp9-fs", + "type": 19, + "file": "python-dotenv-1.0.1/src/dotenv/cli.py" + }, + { + "key": "Qq4cR7p7yDDg75HHk9sNlMVCPXgNttPWKyTkGVfALK9Y", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: BSD License", + "filepathOrProvenance": "python-dotenv-1.0.1/src/python_dotenv.egg-info/PKG-INFO" + } + }, + { + "key": "Q1gqCnXMOL2YDTvOzd5Khj-Dxyn1xn36Soo6_dH8eQ00", + "type": 81, + "file": "python-dotenv-1.0.1/setup.py" + }, + { + "key": "QOx-bAdQcdC3CL5kvcQgJa3TTiAhIudkVjyiyHMB04DE", + "type": 63, + "file": "python-dotenv-1.0.1/src/dotenv/cli.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "9191613312", + "type": "pypi", + "name": "mdutils", + "files": "QURQORLVfO3KWrOfU9GISX0Bk8LPMNGU0zdMiS3eV66A", + "version": "1.6.0", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.96375656, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96375656 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 106479, + "author": "didix21", + "state": "revalidate", + "alerts": [ + { + "key": "QHRcl3Pk__3G-oxUrJnw_YWWqhTicRvDstEJMqTydOi0", + "type": 19, + "file": "mdutils-1.6.0/mdutils/fileutils/fileutils.py" + }, + { + "key": "QHRcl3Pk__3G-oxUrJnw_YWWqhTicRvDstEJMqTydOi0", + "type": 19, + "file": "mdutils-1.6.0/setup.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "10731537839", + "type": "pypi", + "name": "html2text", + "files": "QYvx6fU8MSyCZnoXo4zDsvo-u8BVDYqw4Ovwtg52zvwo", + "version": "2024.2.26", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.9399659, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.9399659 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND GPL-3.0", + "size": 189283, + "author": "Alir3z4, jdufresne", + "state": "revalidate", + "alerts": [ + { + "key": "QOvALb4ibRa0TUB8bqjCMOaYKzegZZ3XSubkpCeW-V4U", + "type": 19, + "file": "html2text-2024.2.26/html2text/cli.py" + }, + { + "key": "QS0fhDaCodelAimvChXQx04UF8CpOamyNayB2lndQrUc", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: GNU General Public License (GPL)", + "filepathOrProvenance": "html2text-2024.2.26/html2text.egg-info/PKG-INFO" + } + }, + { + "key": "Q85i8SCCSAdXkKH-GUfcw-jToxPqO4cODHsSZ5idoGC4", + "type": 15586118, + "props": { + "licenseId": "License :: OSI Approved :: GNU General Public License (GPL)" + } + }, + { + "key": "QzLlvu-vv2bUOAXV3bfrmS8hUpZwT9yPdqQoWGjbUvuM", + "type": 15586118, + "props": { + "licenseId": "GPL-3.0" + } + }, + { + "key": "Qd3vPTVQWjUUlcWGW4CdLdD5mkt1-KU12wPNcf6vN9T0", + "type": 15586174, + "props": { + "licenseId": "License :: OSI Approved :: GNU General Public License (GPL)" + } + }, + { + "key": "QiLSIKwnPwWdM-yiG0it02kJLrXuofwZni9dY6U1Wnac", + "type": 15586174, + "props": { + "licenseId": "GPL-3.0" + } + }, + { + "key": "QOvALb4ibRa0TUB8bqjCMOaYKzegZZ3XSubkpCeW-V4U", + "type": 19, + "file": "html2text-2024.2.26/test/test_html2text.py" + }, + { + "key": "Q7qHoRX9v0plzEHHBEJKsg5s1heivQ9B15AIdpLQAzU4", + "type": 63, + "file": "html2text-2024.2.26/test/test_html2text.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15917547152", + "15921473454" + ] + }, + "id": "11011800073", + "type": "pypi", + "name": "python-dateutil", + "files": "QF1wb4O4OaWXcxRgJ-BbE6MuK1T4qNdecIdtPck7MQBY", + "version": "2.9.0", + "artifact_id": "py2-py3-none-any-whl", + "scores": { + "supplyChain": 0.9008158, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9008158 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "Apache-2.0 AND BSD-3-Clause", + "size": 441767, + "author": "dateutilbot, jarondl, pganssle, tpievila", + "state": "revalidate", + "alerts": [ + { + "key": "QnryEU01rqi36YwGr5h6LJ_hG-Hy0jExv3Q4jyIuK1bk", + "type": 63, + "file": "dateutil/zoneinfo/rebuild.py" + }, + { + "key": "QT0iJF9hqLmiVUiN-WjKFp0pxnngLlpdga20Wp7ViWkM", + "type": 19, + "file": "dateutil/zoneinfo/rebuild.py" + }, + { + "key": "Qps-_inP44SPpJqZ2RHHQ-BDArFSOjp0y7aJrPRL0LgU", + "type": 16, + "file": "dateutil/tz/tz.py", + "props": { + "envVars": "" + } + }, + { + "key": "QT0iJF9hqLmiVUiN-WjKFp0pxnngLlpdga20Wp7ViWkM", + "type": 19, + "file": "dateutil/tz/tz.py" + }, + { + "key": "Q5SH_5Bs7NbMwEa8TEAQzvbKMVhBUPlS2hoMu4ekVIuo", + "type": 25, + "props": { + "source": "dateutil/zoneinfo/dateutil-zoneinfo.tar.gz" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15917547152", + "15921473454" + ] + }, + "id": "11012426660", + "type": "pypi", + "name": "python-dateutil", + "files": "QHiwhKwWMlpJ-mClomlmqixF26RuR_lxpX0RNmxq_7yc", + "version": "2.9.0", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.772863, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.772863 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": true + }, + "license": "Apache-2.0 AND BSD-3-Clause", + "size": 1078120, + "author": "dateutilbot, jarondl, pganssle, tpievila", + "state": "revalidate", + "alerts": [ + { + "key": "Q6suUfZM3qLy0f-_v8gC-lEQ8Qya-VIeEP36OntEuiiY", + "type": 16, + "file": "python-dateutil-2.9.0/src/dateutil/tz/tz.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q35P47B0EgiploGH2iI8YFDGSxmC0n5OzkXfkL12yqVI", + "type": 19, + "file": "python-dateutil-2.9.0/src/dateutil/zoneinfo/rebuild.py" + }, + { + "key": "Q3Oq9rHV7ehytRxKWt5zi94ldIA-GDh7a3Jsc1Qo2pkM", + "type": 63, + "file": "python-dateutil-2.9.0/src/dateutil/zoneinfo/rebuild.py" + }, + { + "key": "Q35P47B0EgiploGH2iI8YFDGSxmC0n5OzkXfkL12yqVI", + "type": 19, + "file": "python-dateutil-2.9.0/tests/_common.py" + }, + { + "key": "Q3Oq9rHV7ehytRxKWt5zi94ldIA-GDh7a3Jsc1Qo2pkM", + "type": 63, + "file": "python-dateutil-2.9.0/tests/_common.py" + }, + { + "key": "Q6suUfZM3qLy0f-_v8gC-lEQ8Qya-VIeEP36OntEuiiY", + "type": 16, + "file": "python-dateutil-2.9.0/tests/conftest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2ltejAg4L0obMoIdFu_d5AbzIkyyYh8wUB-kG095QYw", + "type": 81, + "file": "python-dateutil-2.9.0/tests/test_parser.py" + }, + { + "key": "Q6suUfZM3qLy0f-_v8gC-lEQ8Qya-VIeEP36OntEuiiY", + "type": 16, + "file": "python-dateutil-2.9.0/tests/test_tz.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q35P47B0EgiploGH2iI8YFDGSxmC0n5OzkXfkL12yqVI", + "type": 19, + "file": "python-dateutil-2.9.0/updatezinfo.py" + }, + { + "key": "Q6suUfZM3qLy0f-_v8gC-lEQ8Qya-VIeEP36OntEuiiY", + "type": 16, + "file": "python-dateutil-2.9.0/tests/_common.py", + "props": { + "envVars": "" + } + }, + { + "key": "QYb3cO711L7WHkzRtN2-IGRoIhw2KsxR3FmzzFgVjdnw", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: BSD License", + "filepathOrProvenance": "python-dateutil-2.9.0/src/python_dateutil.egg-info/PKG-INFO" + } + }, + { + "key": "Q5zVBT5cDVKilR4dnKe-ahAY2liSulRMjOLC-FGSZCEY", + "type": 25, + "props": { + "source": "python-dateutil-2.9.0/src/dateutil/zoneinfo/dateutil-zoneinfo.tar.gz" + } + }, + { + "key": "Q35P47B0EgiploGH2iI8YFDGSxmC0n5OzkXfkL12yqVI", + "type": 19, + "file": "python-dateutil-2.9.0/ci_tools/make_zonefile_metadata.py" + }, + { + "key": "Q35P47B0EgiploGH2iI8YFDGSxmC0n5OzkXfkL12yqVI", + "type": 19, + "file": "python-dateutil-2.9.0/src/dateutil/tz/tz.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "75379", + "6381179126", + "15835012723", + "15917547152", + "15921473454", + "15921496871" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "75379", + "6381179126", + "15835012723", + "15917547152", + "15921473454", + "15921496871" + ] + }, + "id": "15590656246", + "type": "pypi", + "name": "requests", + "files": "QQE7BeEdyJSx0aM2naO9H6Gz47VqqzMl4bCHwGMOtR1Y", + "version": "2.32.3", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.25 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": true, + "unsafe": true + }, + "license": "AFL-1.1 AND Apache-2.0", + "size": 476710, + "author": "graffatcolmingov, Lukasa, nateprewitt", + "state": "revalidate", + "alerts": [ + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": 16, + "file": "requests-2.32.3/tests/test_requests.py", + "props": { + "envVars": "" + } + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": 47, + "file": "requests-2.32.3/tests/test_testserver.py" + }, + { + "key": "Q9EGNe3fSqn_tuzIgCsV8mj6sqEsk4Z_1-6TAZ2ZN__g", + "type": 19, + "file": "requests-2.32.3/tests/test_utils.py" + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": 47, + "file": "requests-2.32.3/tests/test_utils.py" + }, + { + "key": "QOs2JZ8Wh51IIUwAh8K3429g3rbe-xXRlOaBRSr-9L7o", + "type": 81, + "file": "requests-2.32.3/tests/test_requests.py" + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": 47, + "file": "requests-2.32.3/tests/test_requests.py" + }, + { + "key": "Q9EGNe3fSqn_tuzIgCsV8mj6sqEsk4Z_1-6TAZ2ZN__g", + "type": 19, + "file": "requests-2.32.3/tests/test_requests.py" + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": 47, + "file": "requests-2.32.3/tests/test_packages.py" + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": 16, + "file": "requests-2.32.3/tests/test_lowlevel.py", + "props": { + "envVars": "" + } + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": 47, + "file": "requests-2.32.3/tests/test_lowlevel.py" + }, + { + "key": "QLvfHwpxw67nu-wnQOr5Wpb4moXzJEbItYlG-yDEze10", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Apache Software License", + "filepathOrProvenance": "requests-2.32.3/src/requests.egg-info/PKG-INFO" + } + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": 16, + "file": "requests-2.32.3/tests/test_utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": 47, + "file": "requests-2.32.3/tests/testserver/server.py" + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": 16, + "file": "requests-2.32.3/tests/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": 47, + "file": "requests-2.32.3/tests/test_hooks.py" + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": 16, + "file": "requests-2.32.3/src/requests/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": 47, + "file": "requests-2.32.3/src/requests/utils.py" + }, + { + "key": "Q9EGNe3fSqn_tuzIgCsV8mj6sqEsk4Z_1-6TAZ2ZN__g", + "type": 19, + "file": "requests-2.32.3/src/requests/utils.py" + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": 16, + "file": "requests-2.32.3/src/requests/sessions.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": 16, + "file": "requests-2.32.3/src/requests/models.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": 16, + "file": "requests-2.32.3/src/requests/cookies.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": 16, + "file": "requests-2.32.3/src/requests/compat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": 47, + "file": "requests-2.32.3/src/requests/compat.py" + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": 16, + "file": "requests-2.32.3/src/requests/auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": 16, + "file": "requests-2.32.3/src/requests/adapters.py", + "props": { + "envVars": "" + } + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": 47, + "file": "requests-2.32.3/src/requests/adapters.py" + }, + { + "key": "QOs2JZ8Wh51IIUwAh8K3429g3rbe-xXRlOaBRSr-9L7o", + "type": 81, + "file": "requests-2.32.3/setup.py" + }, + { + "key": "QhwQcKIJRvkUFPXGkl7GR5dEGQlF7HRNld91xjzVhWBo", + "type": 63, + "file": "requests-2.32.3/setup.py" + }, + { + "key": "Q9EGNe3fSqn_tuzIgCsV8mj6sqEsk4Z_1-6TAZ2ZN__g", + "type": 19, + "file": "requests-2.32.3/setup.py" + }, + { + "key": "Qsb9yskiepbEU3uUJsc7No81i4UlX9Tnj5tACFl7kfsY", + "type": 15586191, + "props": { + "location": "requests-2.32.3/NOTICE" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "75379", + "6381179126", + "15835012723", + "15917547152", + "15921473454", + "15921496871" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "75379", + "6381179126", + "15835012723", + "15917547152", + "15921473454", + "15921496871" + ] + }, + "id": "15590656247", + "type": "pypi", + "name": "requests", + "files": "QxPR3KauIYocrFwDIpjycLRiI4JuJGmAMMRhtUXvQRvQ", + "version": "2.32.3", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.80496967, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.80496967 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "Apache-2.0", + "size": 205090, + "author": "graffatcolmingov, Lukasa, nateprewitt", + "state": "revalidate", + "alerts": [ + { + "key": "QeZYgC3WvS-YVlAZiv817MzaEhbuF63uwbwrwoW5FbKQ", + "type": 47, + "file": "requests/utils.py" + }, + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": 16, + "file": "requests/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QglOZ0ggpOPZhpGXQI1JU7GUx--gENCeopcdCQn9Gp2I", + "type": 19, + "file": "requests/utils.py" + }, + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": 16, + "file": "requests/sessions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": 16, + "file": "requests/models.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": 16, + "file": "requests/cookies.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": 16, + "file": "requests/compat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeZYgC3WvS-YVlAZiv817MzaEhbuF63uwbwrwoW5FbKQ", + "type": 47, + "file": "requests/compat.py" + }, + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": 16, + "file": "requests/auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": 16, + "file": "requests/adapters.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeZYgC3WvS-YVlAZiv817MzaEhbuF63uwbwrwoW5FbKQ", + "type": 47, + "file": "requests/adapters.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15917547152" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15917547152" + ] + }, + "id": "15596422234", + "type": "pypi", + "name": "typing-extensions", + "files": "Q8CbtgJzUUOwSa57OuSux2R4nRCdUs1Gq5ryo1kLQG6M", + "version": "4.12.2", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.9008158, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9008158 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": true + }, + "license": "0BSD AND PSF-2.0 AND Python-2.0", + "size": 422371, + "author": "guido, hauntsaninja, ilevkivskyi, JelleZijlstra, jukkal, srittau", + "state": "revalidate", + "alerts": [ + { + "key": "QZl9rzyoaohvuPoXRslwO0KUY6pA0O4BykHo9Dv3A4vU", + "type": 19, + "file": "typing_extensions-4.12.2/src/test_typing_extensions.py" + }, + { + "key": "Q_PjpX_pemSbReEkwNhWauOEc8ryJMt7CCLx-ZkdOTm4", + "type": 63, + "file": "typing_extensions-4.12.2/src/test_typing_extensions.py" + }, + { + "key": "Qm5Bx7H68ptFVcDI2xHjBvjVOuol5O63ptjFIKTtOR4c", + "type": 81, + "file": "typing_extensions-4.12.2/src/test_typing_extensions.py" + }, + { + "key": "QT1sAoYM4EK_J2kXIiMBAQ9QQ7oz6bVdmszZZujOFDKU", + "type": 16, + "file": "typing_extensions-4.12.2/src/test_typing_extensions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QT1sAoYM4EK_J2kXIiMBAQ9QQ7oz6bVdmszZZujOFDKU", + "type": 16, + "file": "typing_extensions-4.12.2/src/typing_extensions.py", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15917547152" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15917547152" + ] + }, + "id": "15596422235", + "type": "pypi", + "name": "typing-extensions", + "files": "QfIEEOfhc_0YTcUktn06r093KbQweOBs6IszF70aDqvo", + "version": "4.12.2", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.98156816, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.98156816 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "0BSD AND PSF-2.0 AND Python-2.0", + "size": 151904, + "author": "guido, hauntsaninja, ilevkivskyi, JelleZijlstra, jukkal, srittau", + "state": "revalidate", + "alerts": [ + { + "key": "QrDZOeUTQbFuth1KQrcKnyJMI-00l2ERdysiZQ4TLPS0", + "type": 16, + "file": "typing_extensions.py", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15835012723", + "type": "pypi", + "name": "django-filter", + "files": "Q9yXzm6lRSf6SfNEE8ZWW_a1PTuTxXPjKiNsphfthOaw", + "version": "24.3", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "BSD-3-Clause", + "size": 640861, + "author": "alexgaynor, carltongibson", + "state": "revalidate", + "alerts": [ + { + "key": "QmKh-SHwYIC1fcMhAD3geBRF95EaVZQfs0oLvGXX97aA", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/cs/LC_MESSAGES/django.mo" + } + }, + { + "key": "QnsH5ITmd2PjindKY8pjsWAHpo-5Xzzeu7XBAPcksTZ4", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/zh_CN/LC_MESSAGES/django.mo" + } + }, + { + "key": "QpZZOq4VyE4kguTGhMd5RXHN8RrE4RBnxTHld3rmFFsY", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/de/LC_MESSAGES/django.mo" + } + }, + { + "key": "QSRv8POdNm5_Z8xZj3fBKgYEtfyvqGPy16FKNWY-gj0k", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/sk/LC_MESSAGES/django.mo" + } + }, + { + "key": "QytnfjWgr6ckpN3yP4hfzZkuN4XgxHxW_HF3NycxkFGA", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/ru/LC_MESSAGES/django.mo" + } + }, + { + "key": "QsB40kAUrnEsb28VKo_tVXr9_AXWanukzhUCGq5zWuPQ", + "type": 16, + "file": "django_filter-24.3/django_filters/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QsB40kAUrnEsb28VKo_tVXr9_AXWanukzhUCGq5zWuPQ", + "type": 16, + "file": "django_filter-24.3/runtests.py", + "props": { + "envVars": "" + } + }, + { + "key": "QsB40kAUrnEsb28VKo_tVXr9_AXWanukzhUCGq5zWuPQ", + "type": 16, + "file": "django_filter-24.3/runshell.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q1YFfS6Vp1YO5b76UkGrGSjC2JsenP_58z43eM42INUk", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/el/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q5lH_HMx8NLesk9GmX9f_F58S9pLFMI-WPQiHHmFunJo", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/ar/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q8cOX37NL42FvU1QyJty3U1M8vd-MCYeE2fIceOT1BzI", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/pl/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q9s_Bgdn1vGQ68GpnwIisr9gqPfYuiZws-ki1ai0oX_Q", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/it/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qbb6OU4MoyswfShTkIlpACMPOhg62T0DUaqGyCb0jpYI", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/es_AR/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qd03NB64Lfut8GMj-16Y_LSl8L-OipL132Jm_ABEV918", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/be/LC_MESSAGES/django.mo" + } + }, + { + "key": "QDgVJcpqdsmsOPlWo1fcBhlFzN13s5fwjz3ewY-ZYr6Q", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/bg/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qg5KBYLFgCIjhv-xqTIm8mxY3aZbtVawGLm2kn7TwoF8", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/nl/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qke1y-811BfSWKD3eBgP76i63QMc534grHIS0C2ClN0A", + "type": 25, + "props": { + "source": "django_filter-24.3/django_filters/locale/es/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qq2FEL03r3eznNGKrdHY5pSinOhAGQNHvsYyw-3r_6uQ", + "type": 81, + "file": "django_filter-24.3/tests/test_fields.py" + }, + { + "key": "Qq2FEL03r3eznNGKrdHY5pSinOhAGQNHvsYyw-3r_6uQ", + "type": 81, + "file": "django_filter-24.3/tests/test_filtering.py" + }, + { + "key": "QsB40kAUrnEsb28VKo_tVXr9_AXWanukzhUCGq5zWuPQ", + "type": 16, + "file": "django_filter-24.3/tests/test_utils.py", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15835012724", + "type": "pypi", + "name": "django-filter", + "files": "Qm5A4U4kvURI9qBvcMcKE2aNvvRKeNZkHC3BieeLAH2A", + "version": "24.3", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "BSD-3-Clause", + "size": 220500, + "author": "alexgaynor, carltongibson", + "state": "revalidate", + "alerts": [ + { + "key": "QZ7-6RCkzVafS4gMbHB9XYNzNFBGc-EwaXUzXtiLVmIs", + "type": 25, + "props": { + "source": "django_filters/locale/it/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q6u4SqCYhK7xlVjBY35OCKyOlFaWcJn1CIu5uXfn3f5s", + "type": 25, + "props": { + "source": "django_filters/locale/ar/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q8Ubvd4nvG-Gy0y0yP93dZVR4ZuOkpf0I40idjKjAKRM", + "type": 25, + "props": { + "source": "django_filters/locale/bg/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q9gsE1XyGC4MX7AnSOtsre3Luv1ECUEwMsmMPGjBHCgU", + "type": 25, + "props": { + "source": "django_filters/locale/nl/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qacz2P24BIynfqOFZLquDaaf0QnDf7a3fh-JhTFbWpD0", + "type": 25, + "props": { + "source": "django_filters/locale/ru/LC_MESSAGES/django.mo" + } + }, + { + "key": "QCaXgevdwhnggfmm48lApWMuhgOCaZ-xSyWO1xCbtdss", + "type": 25, + "props": { + "source": "django_filters/locale/sk/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q422RnVP4KBGprXwwk06k76ZvIoHAclFlj-r2eCJ6_g0", + "type": 16, + "file": "django_filters/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QirhIZwFYb1_R_4YfyVrOzCU0mMf4W75KfzpMl79xkmk", + "type": 25, + "props": { + "source": "django_filters/locale/es/LC_MESSAGES/django.mo" + } + }, + { + "key": "QKGvR9k4Y6GiBXYsy9BMMjrR6vT7sDDApY6b9nAO1x3k", + "type": 25, + "props": { + "source": "django_filters/locale/cs/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qn5DJ8hXj51l5TwQrkwBpFsrXV7IVYOj7yQSBalHZdiY", + "type": 25, + "props": { + "source": "django_filters/locale/el/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qo_kRqCOt1JHWuWy3AiUKaqrdE6UHd-UBDIVcR1PjYVg", + "type": 25, + "props": { + "source": "django_filters/locale/zh_CN/LC_MESSAGES/django.mo" + } + }, + { + "key": "QOWew6TBhp1eTrWJXClieb8fenUGyjYjPbDg8rOgv1qQ", + "type": 25, + "props": { + "source": "django_filters/locale/be/LC_MESSAGES/django.mo" + } + }, + { + "key": "QRKaGOsiPY75gdL_loc8F9YROPZO3RbVunjy2Jo4NdCk", + "type": 25, + "props": { + "source": "django_filters/locale/de/LC_MESSAGES/django.mo" + } + }, + { + "key": "QxdHIkdD4ZeLWVYVFsS2rmRaNBBHLCTgEU5yNgZgmGoE", + "type": 25, + "props": { + "source": "django_filters/locale/es_AR/LC_MESSAGES/django.mo" + } + }, + { + "key": "QYHN7rIbG467lGvzpOBnsFu6SPQQLnDxVooyQc-rUdTU", + "type": 25, + "props": { + "source": "django_filters/locale/pl/LC_MESSAGES/django.mo" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "id": "15841982955", + "type": "pypi", + "name": "flake8", + "files": "Q8ad_1ARlsKSxrzcHguBTdl-D-5EiBVxBwqLjC3_VNVU", + "version": "7.1.1", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.96375656, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96375656 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 174570, + "author": "asottile, graffatcolmingov", + "state": "revalidate", + "alerts": [ + { + "key": "QDcuo4-5Rdq2P0tLV9tbWXEXdccTt4ds_0slTZWMQ55g", + "type": 19, + "file": "flake8-7.1.1/src/flake8/processor.py" + }, + { + "key": "QDcuo4-5Rdq2P0tLV9tbWXEXdccTt4ds_0slTZWMQ55g", + "type": 19, + "file": "flake8-7.1.1/src/flake8/formatting/base.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "id": "15841982956", + "type": "pypi", + "name": "flake8", + "files": "Qd9CpxsY9vhmMyUwnl7deMk6QoQrb4Sfp-tCavLK9WNE", + "version": "7.1.1", + "artifact_id": "py2-py3-none-any-whl", + "scores": { + "supplyChain": 0.96375656, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96375656 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 168129, + "author": "asottile, graffatcolmingov", + "state": "revalidate", + "alerts": [ + { + "key": "QNEbSfWQK40sd1U6ALxjUcfYzIcAkRHCcMxexx07RDxQ", + "type": 19, + "file": "flake8/processor.py" + }, + { + "key": "QNEbSfWQK40sd1U6ALxjUcfYzIcAkRHCcMxexx07RDxQ", + "type": 19, + "file": "flake8/formatting/base.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15835012723" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15835012723" + ] + }, + "id": "15846969774", + "type": "pypi", + "name": "furo", + "files": "Q3OXqG3puXg1pgGUGl-w_2hESFNFkgmo-Tc4zFCOXFKA", + "version": "2024.8.6", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.8639536, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.6, + "overall": 0.8639536 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": true, + "net": true, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND CC-BY-SA-4.0 AND MIT", + "size": 2142194, + "author": "pradyunsg", + "state": "revalidate", + "alerts": [ + { + "key": "QwSMuYAt5uqLeFwizP7owGZiK6rswuCnVrhGUFowKGvA", + "type": 47, + "file": "furo-2024.8.6/src/furo/assets/scripts/furo.js" + }, + { + "key": "QnIi5FORDFrKB65XrQVs_FtTNQiQCtdb80y0HtLPn7HA", + "type": 16, + "file": "furo-2024.8.6/src/furo/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0wgwo1gHpd1o7TRd0I5mOVelfBfyyP3nldb5R0Udb6s", + "type": 19, + "file": "furo-2024.8.6/src/furo/__init__.py" + }, + { + "key": "QnIi5FORDFrKB65XrQVs_FtTNQiQCtdb80y0HtLPn7HA", + "type": 16, + "file": "furo-2024.8.6/noxfile.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnIi5FORDFrKB65XrQVs_FtTNQiQCtdb80y0HtLPn7HA", + "type": 16, + "file": "furo-2024.8.6/docs/conf.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qw6lmosi4VKZOblEsX85SoYhW3BYje72uQc1nxAU6Ycw", + "type": 15586191, + "props": { + "location": "furo-2024.8.6/docs/kitchen-sink/generic.rst" + } + }, + { + "key": "Qq_Kcuvt9DV220z5hbM1teIe_Y8WBHfvp-UDIWEc4ve0", + "type": 15586191, + "props": { + "location": "furo-2024.8.6/docs/kitchen-sink/admonitions.rst" + } + }, + { + "key": "QMdWr6deYH6MR0_AyIhI_OoCvln3NyEZQnExabC6OSg8", + "type": 15586191, + "props": { + "location": "furo-2024.8.6/docs/kitchen-sink/api.rst" + } + }, + { + "key": "QKoBc99gmeqbmzMS3gMRqPMnPAwjFUlaui1THdXKRFkc", + "type": 15586191, + "props": { + "location": "furo-2024.8.6/docs/kitchen-sink/images.rst" + } + }, + { + "key": "QJATmwMZgTHxfQ0HSKQwShy56Fl4kkPNWH18u4PydEmk", + "type": 15586191, + "props": { + "location": "furo-2024.8.6/docs/kitchen-sink/blocks.rst" + } + }, + { + "key": "Q1N1DlhM9O_b0JDL1w_FgpWwI4pInuGk00bGqLwP2B-g", + "type": 15586191, + "props": { + "location": "furo-2024.8.6/docs/license.rst" + } + }, + { + "key": "Q2HSkFonqGtcRMwzsJKXIM76Z8ACn-mw_s_DHFvfn2BA", + "type": 15586174, + "props": { + "licenseId": "CC-BY-SA-4.0" + } + }, + { + "key": "QdAgJqpgHnrF0ckRL-OFMPY40XIkLtMKikAKRYNTJLWY", + "type": 63, + "file": "furo-2024.8.6/tests/workflow/test_sphinx_versions.py" + }, + { + "key": "QwSMuYAt5uqLeFwizP7owGZiK6rswuCnVrhGUFowKGvA", + "type": 47, + "file": "furo-2024.8.6/src/furo/assets/scripts/gumshoe-patched.js" + }, + { + "key": "QMxZwK-106w3hB1kqM9_jcIYQxDadiTMrZSj4UU299zs", + "type": 15586118, + "props": { + "licenseId": "CC-BY-SA-4.0" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15835012723" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15835012723" + ] + }, + "id": "15846969775", + "type": "pypi", + "name": "furo", + "files": "Q7fD9VfCURPg92QLs4Xxseg7vUAxT0DRjJTNv3UTCIiw", + "version": "2024.8.6", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.8768332, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.8768332 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "AFL-1.1 AND MIT", + "size": 328417, + "author": "pradyunsg", + "state": "revalidate", + "alerts": [ + { + "key": "QYVXpVIKvsfWg_VTDEdLEG0KYRMGRcWaUM8xsbytz6J4", + "type": 47, + "file": "furo/assets/scripts/gumshoe-patched.js" + }, + { + "key": "QYVXpVIKvsfWg_VTDEdLEG0KYRMGRcWaUM8xsbytz6J4", + "type": 47, + "file": "furo/assets/scripts/furo.js" + }, + { + "key": "Q6GyTYqE8KYDqr0n_bfAzGFzJt8l3u2clPy-CeqHDK54", + "type": 16, + "file": "furo/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QrrVgkuTZvT0XITvGyFRBkge2s1UfgV0fAHK7kO2HGVk", + "type": 19, + "file": "furo/__init__.py" + }, + { + "key": "QTkXjzclJ20b5IutAmOD9l9xdJpPBrZTCH_vpoXxpLEw", + "type": 15586191, + "props": { + "location": "furo/theme/furo/static/scripts/furo.js.LICENSE.txt" + } + }, + { + "key": "Q8QUBthxDIK30kFCUsZzUX6IIiX-9pAla-i0lRGcxK6o", + "type": 81, + "file": "furo/theme/furo/static/scripts/furo.js" + }, + { + "key": "QYVXpVIKvsfWg_VTDEdLEG0KYRMGRcWaUM8xsbytz6J4", + "type": 47, + "file": "furo/theme/furo/static/scripts/furo.js" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544293", + "type": "pypi", + "name": "lxml", + "files": "QZY0ihct1LWP-BZAxQZaY9sOWYaPguzuMhiuK73_ENbs", + "version": "5.3.0", + "artifact_id": "cp310-cp310-macosx-10-9-universal2-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 18313156, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q6srGqMMTsZpb4leZuOcBVG6N92QLoncN68ITYp_iIH0", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qa6w9rh5rjIuj3ggiVWLWgPf-0xPUbYGV6XzlfdQdknI", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-darwin.so" + } + }, + { + "key": "QBOVD--_78M2_4wMBNnJe35MYmxCBkO4knR6WIKQgvlY", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-darwin.so" + } + }, + { + "key": "Qmp0SPwcPwTbXaPxrGWMrcvUc87dNHVuGThGCQkjQFmo", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-darwin.so" + } + }, + { + "key": "QnHsJWWa1byY0bDR-D93MGos7KRsQSeXRhE9oxyTKKSo", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-darwin.so" + } + }, + { + "key": "QnIDMZjRLTU110oR_wPD6YaKG1b2zG6Q_YTNdYHRVwSY", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-darwin.so" + } + }, + { + "key": "QY9wr041B6NOXqOgPEIApxjVuGec8nlfpWo4HKjQCgto", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QQmHpP1dSAO2lqCf9_L0BIB2QDITY6eTCveduyzd1REU", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qni3qkjanD90nZe_y4h3oNmY-OR3TPPOSvKpYYAsnOrM", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QQmHpP1dSAO2lqCf9_L0BIB2QDITY6eTCveduyzd1REU", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q6srGqMMTsZpb4leZuOcBVG6N92QLoncN68ITYp_iIH0", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QQmHpP1dSAO2lqCf9_L0BIB2QDITY6eTCveduyzd1REU", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QQmHpP1dSAO2lqCf9_L0BIB2QDITY6eTCveduyzd1REU", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q6srGqMMTsZpb4leZuOcBVG6N92QLoncN68ITYp_iIH0", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544294", + "type": "pypi", + "name": "lxml", + "files": "QfweiG2OlRbMNjY-TweyKXXlyztusbndndwfFvkDtujA", + "version": "5.3.0", + "artifact_id": "cp310-cp310-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 10156880, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QBOVD--_78M2_4wMBNnJe35MYmxCBkO4knR6WIKQgvlY", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-darwin.so" + } + }, + { + "key": "Qmp0SPwcPwTbXaPxrGWMrcvUc87dNHVuGThGCQkjQFmo", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-darwin.so" + } + }, + { + "key": "QnHsJWWa1byY0bDR-D93MGos7KRsQSeXRhE9oxyTKKSo", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-darwin.so" + } + }, + { + "key": "QnIDMZjRLTU110oR_wPD6YaKG1b2zG6Q_YTNdYHRVwSY", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-darwin.so" + } + }, + { + "key": "QY9wr041B6NOXqOgPEIApxjVuGec8nlfpWo4HKjQCgto", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QC-Dhc0Y0qoHeCzfZEXyCntZ_pYv_2np_BIkX4rtub-0", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QCpvUNgMbiRJVUmwBbS6Ml698D7_0Gt7bFEHZGsoofXo", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QC-Dhc0Y0qoHeCzfZEXyCntZ_pYv_2np_BIkX4rtub-0", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QCpvUNgMbiRJVUmwBbS6Ml698D7_0Gt7bFEHZGsoofXo", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QC-Dhc0Y0qoHeCzfZEXyCntZ_pYv_2np_BIkX4rtub-0", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QC-Dhc0Y0qoHeCzfZEXyCntZ_pYv_2np_BIkX4rtub-0", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QCpvUNgMbiRJVUmwBbS6Ml698D7_0Gt7bFEHZGsoofXo", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QpahF63pEphu_XVLjn6VVROwlpZhHA0xRvo0U_JmESQ0", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qa6w9rh5rjIuj3ggiVWLWgPf-0xPUbYGV6XzlfdQdknI", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-darwin.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544295", + "type": "pypi", + "name": "lxml", + "files": "QE8tmH-RG1uHDkFBVBX92rt7hw5LV8F9r6DXOJbjDhjY", + "version": "5.3.0", + "artifact_id": "cp310-cp310-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 12058914, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q4awh5MbhD3dk4uX7_yWHzmBcrEzWNFy93P9dkzDGuS4", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "QINsGyg4y53jGzRtdgINC54H8TsizJhH6zkNPSUQev54", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "QPOg2AIgsao0FpdaU97_6fZwVR558NK-iA_Wk01OaxR4", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "QYaJ5PL78GjtH4RjzPC7zEWVkvymQb3w-f5m0p-9uRvI", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QBYyul4NfBzl1sxAkz6nkHfI1k7w-4hlqPJGFXEzmnTM", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QOZiaeF5yc-ESu8q0Q1hPx27JxUhfWi_BabPP0JPVfiA", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QBYyul4NfBzl1sxAkz6nkHfI1k7w-4hlqPJGFXEzmnTM", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QOZiaeF5yc-ESu8q0Q1hPx27JxUhfWi_BabPP0JPVfiA", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QBYyul4NfBzl1sxAkz6nkHfI1k7w-4hlqPJGFXEzmnTM", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QBYyul4NfBzl1sxAkz6nkHfI1k7w-4hlqPJGFXEzmnTM", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QOZiaeF5yc-ESu8q0Q1hPx27JxUhfWi_BabPP0JPVfiA", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QRs1TqEcwHdzvyv6buocSuwKDVKx44M9wSAsT_Y2ecj4", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QCIjxSzYuTNI7ffzYqgpe0emiwuxBM4aRB2gyQExTscY", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "QbHPF_Mvp4Or-bo9VvxrzQ8_gJCURLTpxruXtXRx8NtE", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544296", + "type": "pypi", + "name": "lxml", + "files": "Q7T5b5zICG7eikHtfDdeo713l-PitrSdyECAjynTL-ec", + "version": "5.3.0", + "artifact_id": "cp310-cp310-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11110313, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QobELRDTQX2tdtk_ZP_rCbK6QFoW3NW771DNq8lsWPlI", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q9nue1L-BO5e6iKDZeCthjK48_7wOtFdVA1nfInhp8nQ", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QFnSOOL0vjFPCzqJeLvC5UFeKxYHlDN36Q3rtaCdRHQY", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q2IC03-976hJb4If_pEEkQnLKPn6u9ro6KnlBYP_WYnQ", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QIJ2rw27g_-5QHNgjPyD_Q-KvjnzbpY1F6BdnXfOx14M", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QlurtVzbUNJ-Pf-l_cLlI_ctBX79XMadr3hwefXz3WOk", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QLZ5m45nq0vLRXNJIb1WuEWwwIJ030ZJb57GZHMcS0BI", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QovqStE-zjHEYLxJMYdCSo6viiE0p526hVYintMe3XqE", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QUnBL4Z3mxM69aMkxchw1BkKVRLplVcxiLVIuPUxlhaE", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QobELRDTQX2tdtk_ZP_rCbK6QFoW3NW771DNq8lsWPlI", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q9nue1L-BO5e6iKDZeCthjK48_7wOtFdVA1nfInhp8nQ", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QobELRDTQX2tdtk_ZP_rCbK6QFoW3NW771DNq8lsWPlI", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q9nue1L-BO5e6iKDZeCthjK48_7wOtFdVA1nfInhp8nQ", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QobELRDTQX2tdtk_ZP_rCbK6QFoW3NW771DNq8lsWPlI", + "type": 19, + "file": "lxml/html/_diffcommand.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544297", + "type": "pypi", + "name": "lxml", + "files": "QhJQKzBRhzCTvsu7w9VF-MuLR6hnQhyl8jOgc0Rpx2Ak", + "version": "5.3.0", + "artifact_id": "cp310-cp310-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 13469705, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QYWC1Pdk6VN6G6kRt7vRn1i3Rb0HfGQmTsqzt7vmsrss", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qg8XXlyvLh26X4YFmGnUlM4XjUJ_i2ehQkYklLA5zt3g", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q4ApqHMCmm1yXZ9OR5ePLEpUjnvJZ3VbVwYEX7weXMAg", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q-xvtYeoV97DxspGG_HeHG6QWTEEv7gc5iUaJ5KWdGmU", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QGrph2C9GXQRq_IC0F0nveQW4E-iDyriqylQPs1zN0m4", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QHBosHm0akaYSPKzhFIN4g7vVlQmfptV1rP2CsX25IwE", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qo5oGIU9ubs_zQOXj836S0C2Kw5zQ0cAeKhZ9yoiyr6A", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QAdu2dgPuyxcoV4LYop5CCn9myNAKDKBRCwyxqczC50o", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QXyQuSivqlt7VApxpCkmpXbeFwtx6H71kz5kkQAlUnJc", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QAdu2dgPuyxcoV4LYop5CCn9myNAKDKBRCwyxqczC50o", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QXyQuSivqlt7VApxpCkmpXbeFwtx6H71kz5kkQAlUnJc", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QAdu2dgPuyxcoV4LYop5CCn9myNAKDKBRCwyxqczC50o", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QXyQuSivqlt7VApxpCkmpXbeFwtx6H71kz5kkQAlUnJc", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QXyQuSivqlt7VApxpCkmpXbeFwtx6H71kz5kkQAlUnJc", + "type": 19, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544298", + "type": "pypi", + "name": "lxml", + "files": "QBuW3L82OSBtgHXK0IkYWVv7zsDFYgzJ_-GLvVLIKHjk", + "version": "5.3.0", + "artifact_id": "cp310-cp310-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11781921, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QjrnctbszCxKcQxxgtJNly70r_SAk-mnKf69vg6A2-Bo", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QjrnctbszCxKcQxxgtJNly70r_SAk-mnKf69vg6A2-Bo", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q_PBexyhIqBR0yFbimbJgnaeKqTBESXniWgGJX9z73nY", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QjrnctbszCxKcQxxgtJNly70r_SAk-mnKf69vg6A2-Bo", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QjrnctbszCxKcQxxgtJNly70r_SAk-mnKf69vg6A2-Bo", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q_PBexyhIqBR0yFbimbJgnaeKqTBESXniWgGJX9z73nY", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q7PSrjH6KbE8YvXmZ_LIWDkzcjzpkQTDwpLsy8TbCyeg", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q_PBexyhIqBR0yFbimbJgnaeKqTBESXniWgGJX9z73nY", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QTtjhrQTCW5ZWKM5ew__agwWfaKqpZbnmcXiHUmpg9DA", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QMf7WeqkQhC5WZF-DdagQZBhysayanejyFXI2npHF0Hk", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qm3NHkyWCWk1nmyr4GYFkEgm0AsywTC_tjuia_1MbqBA", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QD64cOGc1z_jm9plQ-oLcXboyDA-Y-OjBGsQ8kUf9Bno", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qbi4triD4-HeFXq0QkowiWdIH6-gNfc19j4hn7dtpHq4", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qb6-5vIfhyu0eF3cXWBIyBD5MDAw1sICN2wFfLyzfHF8", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-s390x-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544299", + "type": "pypi", + "name": "lxml", + "files": "QZRSYl1HVePtZXReXmh2GK7K6hOFybxpPsmMqg5IhXUY", + "version": "5.3.0", + "artifact_id": "cp310-cp310-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11413089, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QE51Z0ZgxhgSGksZeaMNhx8IqVr6YkLcKWg08O9sBJow", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QkMvDuqGQ7CZGj4_06jgYTGlSRN-kZ9hN6wj_PeSLiOQ", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qq93lIDVH1peiFsFPloMoVNDMxpEgKGjj_Ffirbb50dk", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QE51Z0ZgxhgSGksZeaMNhx8IqVr6YkLcKWg08O9sBJow", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QE51Z0ZgxhgSGksZeaMNhx8IqVr6YkLcKWg08O9sBJow", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qq93lIDVH1peiFsFPloMoVNDMxpEgKGjj_Ffirbb50dk", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qq93lIDVH1peiFsFPloMoVNDMxpEgKGjj_Ffirbb50dk", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QE51Z0ZgxhgSGksZeaMNhx8IqVr6YkLcKWg08O9sBJow", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QQ_n2L-q3Aan5BTh8zFOBFt6Zi0mreNSVe4ujcsbDzlQ", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QlEhETAav7e7Ed9eukWSs4b-zw_R1IJ8o11-g5msgPkI", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QgI97dqYubBoRGNiaZk4Zz_NfXKBSjnwHKLmi8kXfF9g", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QdE3JWaHrTR5uvPbvuTSAPVJ-CJrt27LiOmS-lzEjc58", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QCylX92p2p3vT1jhHXnX9WMLUmSDOxVjPmUH_CzGok5o", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QBMmIzwvC9cBDdsODjD6FhYEfr-R1YRsuNaqZR-43QRc", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544300", + "type": "pypi", + "name": "lxml", + "files": "QO7uERhKafs0A8wPFGyu5m8cvtdVLpB_gv86BwC76iJ4", + "version": "5.3.0", + "artifact_id": "cp310-cp310-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11045570, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QSp7-VtGf2lQwkXN0oo-LPnXyhCQhFJ0iJjbN_dTnOl0", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QUYd9tCDrBgkvaRGgElG5lNKVfAt4fEX4NQPfPA-eakM", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QYaGt0gFmRnSXH7_JgamMgiqBwz5lBYWfZu1Q5Hh1hZY", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QYaGt0gFmRnSXH7_JgamMgiqBwz5lBYWfZu1Q5Hh1hZY", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QUYd9tCDrBgkvaRGgElG5lNKVfAt4fEX4NQPfPA-eakM", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QYaGt0gFmRnSXH7_JgamMgiqBwz5lBYWfZu1Q5Hh1hZY", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QUYd9tCDrBgkvaRGgElG5lNKVfAt4fEX4NQPfPA-eakM", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QYaGt0gFmRnSXH7_JgamMgiqBwz5lBYWfZu1Q5Hh1hZY", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QLZ5m45nq0vLRXNJIb1WuEWwwIJ030ZJb57GZHMcS0BI", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QlurtVzbUNJ-Pf-l_cLlI_ctBX79XMadr3hwefXz3WOk", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QIJ2rw27g_-5QHNgjPyD_Q-KvjnzbpY1F6BdnXfOx14M", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QovqStE-zjHEYLxJMYdCSo6viiE0p526hVYintMe3XqE", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q2IC03-976hJb4If_pEEkQnLKPn6u9ro6KnlBYP_WYnQ", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QUnBL4Z3mxM69aMkxchw1BkKVRLplVcxiLVIuPUxlhaE", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-aarch64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544301", + "type": "pypi", + "name": "lxml", + "files": "Q6mS-r_fT66DcV4F5Ih47l6cUw4zOw75P0I9D4mA2r7o", + "version": "5.3.0", + "artifact_id": "cp310-cp310-manylinux-2-28-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 14060194, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q-xvtYeoV97DxspGG_HeHG6QWTEEv7gc5iUaJ5KWdGmU", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QuJcUstq2xSqslA-84SIf8oARrOdIw0r3pHSUKeuZgf0", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q4Q9fOwvebqWhiPh9LbbEMb7Y2d9EJy5GHQdiP2xz3kQ", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q1fJlQGDPZNb-o3GwcoDvfL8bp7FK81hPyq-nAFy3LhA", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q1fJlQGDPZNb-o3GwcoDvfL8bp7FK81hPyq-nAFy3LhA", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q4Q9fOwvebqWhiPh9LbbEMb7Y2d9EJy5GHQdiP2xz3kQ", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q1fJlQGDPZNb-o3GwcoDvfL8bp7FK81hPyq-nAFy3LhA", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q4Q9fOwvebqWhiPh9LbbEMb7Y2d9EJy5GHQdiP2xz3kQ", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q1fJlQGDPZNb-o3GwcoDvfL8bp7FK81hPyq-nAFy3LhA", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QYWC1Pdk6VN6G6kRt7vRn1i3Rb0HfGQmTsqzt7vmsrss", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qo5oGIU9ubs_zQOXj836S0C2Kw5zQ0cAeKhZ9yoiyr6A", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QHBosHm0akaYSPKzhFIN4g7vVlQmfptV1rP2CsX25IwE", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QGrph2C9GXQRq_IC0F0nveQW4E-iDyriqylQPs1zN0m4", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q4ApqHMCmm1yXZ9OR5ePLEpUjnvJZ3VbVwYEX7weXMAg", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544302", + "type": "pypi", + "name": "lxml", + "files": "Q6D4aefhMsvZTGZfcpEI1CeJIIzod-d7yaLXvWvUDIdY", + "version": "5.3.0", + "artifact_id": "cp310-cp310-manylinux-2-28-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11999628, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QMf7WeqkQhC5WZF-DdagQZBhysayanejyFXI2npHF0Hk", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qm3NHkyWCWk1nmyr4GYFkEgm0AsywTC_tjuia_1MbqBA", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QD64cOGc1z_jm9plQ-oLcXboyDA-Y-OjBGsQ8kUf9Bno", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qbi4triD4-HeFXq0QkowiWdIH6-gNfc19j4hn7dtpHq4", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qb6-5vIfhyu0eF3cXWBIyBD5MDAw1sICN2wFfLyzfHF8", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QlxKBbm0UMronwyJ4flb_7Uj5O2FLr47CM9wKqK5zJeY", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qzhcv7bdfXlmZECOssJ2Rx5UFpmacDhSjd-E7GnNWbq8", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QlxKBbm0UMronwyJ4flb_7Uj5O2FLr47CM9wKqK5zJeY", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qzhcv7bdfXlmZECOssJ2Rx5UFpmacDhSjd-E7GnNWbq8", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QlxKBbm0UMronwyJ4flb_7Uj5O2FLr47CM9wKqK5zJeY", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QlxKBbm0UMronwyJ4flb_7Uj5O2FLr47CM9wKqK5zJeY", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qzhcv7bdfXlmZECOssJ2Rx5UFpmacDhSjd-E7GnNWbq8", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QV_4qHoZ7QrcW_pLaWCRffxkMHuewrch0rgGpx8zkwIU", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QTtjhrQTCW5ZWKM5ew__agwWfaKqpZbnmcXiHUmpg9DA", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-s390x-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544303", + "type": "pypi", + "name": "lxml", + "files": "QKc-vIwNNTanb-8stNlUHBI5Fms-Pp1ya0HXcqPzEgiE", + "version": "5.3.0", + "artifact_id": "cp310-cp310-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11323451, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QGyrzGb41DN3CK-gzRgkm8ugHYoqqs5fA8MgZPNd-kuY", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QGyrzGb41DN3CK-gzRgkm8ugHYoqqs5fA8MgZPNd-kuY", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q01PWc03XfVkYwM7DA4Tc8gevVFx6Yzq4qrr-NiuORA0", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QGyrzGb41DN3CK-gzRgkm8ugHYoqqs5fA8MgZPNd-kuY", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q01PWc03XfVkYwM7DA4Tc8gevVFx6Yzq4qrr-NiuORA0", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QGyrzGb41DN3CK-gzRgkm8ugHYoqqs5fA8MgZPNd-kuY", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QQ_n2L-q3Aan5BTh8zFOBFt6Zi0mreNSVe4ujcsbDzlQ", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QlEhETAav7e7Ed9eukWSs4b-zw_R1IJ8o11-g5msgPkI", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QgI97dqYubBoRGNiaZk4Zz_NfXKBSjnwHKLmi8kXfF9g", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QdE3JWaHrTR5uvPbvuTSAPVJ-CJrt27LiOmS-lzEjc58", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QCylX92p2p3vT1jhHXnX9WMLUmSDOxVjPmUH_CzGok5o", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QBMmIzwvC9cBDdsODjD6FhYEfr-R1YRsuNaqZR-43QRc", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QGr_GaSA2U-27eObO4YYWha-P2CLh2IstM34MYllZtqU", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q01PWc03XfVkYwM7DA4Tc8gevVFx6Yzq4qrr-NiuORA0", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544304", + "type": "pypi", + "name": "lxml", + "files": "QvPoGK6APojRgTfhsSg_9HehnY5cd7XoAWzKV_Da6zVY", + "version": "5.3.0", + "artifact_id": "cp310-cp310-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11216177, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QlurtVzbUNJ-Pf-l_cLlI_ctBX79XMadr3hwefXz3WOk", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QNxYznsx88nY0HrAtp4Z99YsCn8IgfO-MBV-vqR7pm6g", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QmYAFXzKgQsY2z01Z29cPOHAbnOTTQMO6ypu8s_LAdIE", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QL-Xh9AS9PYl7OT26TCCcPA_T-OsraiEMQorJfNrurxM", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QL-Xh9AS9PYl7OT26TCCcPA_T-OsraiEMQorJfNrurxM", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QIJ2rw27g_-5QHNgjPyD_Q-KvjnzbpY1F6BdnXfOx14M", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QmYAFXzKgQsY2z01Z29cPOHAbnOTTQMO6ypu8s_LAdIE", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QL-Xh9AS9PYl7OT26TCCcPA_T-OsraiEMQorJfNrurxM", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QmYAFXzKgQsY2z01Z29cPOHAbnOTTQMO6ypu8s_LAdIE", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QL-Xh9AS9PYl7OT26TCCcPA_T-OsraiEMQorJfNrurxM", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q2IC03-976hJb4If_pEEkQnLKPn6u9ro6KnlBYP_WYnQ", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QUnBL4Z3mxM69aMkxchw1BkKVRLplVcxiLVIuPUxlhaE", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QovqStE-zjHEYLxJMYdCSo6viiE0p526hVYintMe3XqE", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QLZ5m45nq0vLRXNJIb1WuEWwwIJ030ZJb57GZHMcS0BI", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-aarch64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544305", + "type": "pypi", + "name": "lxml", + "files": "QM-63lnRFLB8FiHdA-dG9dqPLm9hp-WhU2D8h_QmXVnk", + "version": "5.3.0", + "artifact_id": "cp310-cp310-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 13838049, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QPXM1nvrj6rko2qEkshjudjFJR-uHZ1nA5h1Ptxa-cCg", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QYWC1Pdk6VN6G6kRt7vRn1i3Rb0HfGQmTsqzt7vmsrss", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qo5oGIU9ubs_zQOXj836S0C2Kw5zQ0cAeKhZ9yoiyr6A", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QHBosHm0akaYSPKzhFIN4g7vVlQmfptV1rP2CsX25IwE", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QGrph2C9GXQRq_IC0F0nveQW4E-iDyriqylQPs1zN0m4", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q4ApqHMCmm1yXZ9OR5ePLEpUjnvJZ3VbVwYEX7weXMAg", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q-xvtYeoV97DxspGG_HeHG6QWTEEv7gc5iUaJ5KWdGmU", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QmGCQx1d4jJ50uyRx0hLH3L_XhnjYCSBL4WLRnbdKzB8", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qkkf_Zago8KHRKzKVjGQnEWfL93vEntcvCwLzvy-PeQg", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QmGCQx1d4jJ50uyRx0hLH3L_XhnjYCSBL4WLRnbdKzB8", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QPXM1nvrj6rko2qEkshjudjFJR-uHZ1nA5h1Ptxa-cCg", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QPXM1nvrj6rko2qEkshjudjFJR-uHZ1nA5h1Ptxa-cCg", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QPXM1nvrj6rko2qEkshjudjFJR-uHZ1nA5h1Ptxa-cCg", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QmGCQx1d4jJ50uyRx0hLH3L_XhnjYCSBL4WLRnbdKzB8", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544306", + "type": "pypi", + "name": "lxml", + "files": "QP3QMOC9CTmg3l18y180KkiJHkYmBudFWNdK6SqZZ14E", + "version": "5.3.0", + "artifact_id": "cp310-cp310-musllinux-1-2-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 12264739, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QXKWZRHO-AGMCG_zgPuhJ4DwSS85t02mme_jFxhryb0Q", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qm3NHkyWCWk1nmyr4GYFkEgm0AsywTC_tjuia_1MbqBA", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QMf7WeqkQhC5WZF-DdagQZBhysayanejyFXI2npHF0Hk", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QTtjhrQTCW5ZWKM5ew__agwWfaKqpZbnmcXiHUmpg9DA", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QQYGQ1930pHR72LPewZEtIqzGbmlfUr_k2g6qtoKGCJk", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q_KP01TF-tOp6MDFUVUsGtUf1ivzaO0QDzMVXAcYytv8", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QQYGQ1930pHR72LPewZEtIqzGbmlfUr_k2g6qtoKGCJk", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q_KP01TF-tOp6MDFUVUsGtUf1ivzaO0QDzMVXAcYytv8", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QQYGQ1930pHR72LPewZEtIqzGbmlfUr_k2g6qtoKGCJk", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qb6-5vIfhyu0eF3cXWBIyBD5MDAw1sICN2wFfLyzfHF8", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QD64cOGc1z_jm9plQ-oLcXboyDA-Y-OjBGsQ8kUf9Bno", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Q_KP01TF-tOp6MDFUVUsGtUf1ivzaO0QDzMVXAcYytv8", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QQYGQ1930pHR72LPewZEtIqzGbmlfUr_k2g6qtoKGCJk", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qbi4triD4-HeFXq0QkowiWdIH6-gNfc19j4hn7dtpHq4", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-s390x-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544307", + "type": "pypi", + "name": "lxml", + "files": "QpKY6JraoGI4f4Ap_cnq07kQar1PKrdK40NcBUaLGJFQ", + "version": "5.3.0", + "artifact_id": "cp310-cp310-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11449794, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QgI97dqYubBoRGNiaZk4Zz_NfXKBSjnwHKLmi8kXfF9g", + "type": 25, + "props": { + "source": "lxml/sax.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QpIZg67snFJTkVtGucUi09nVw6580nGcK1mXIoa1xDTE", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QacS4q_89S64NrGZWGZO7YQxy2Ia3AuM21p3WZYpQ5Eo", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvdiZn-1qic_QP0alREFxTsqiMhSjj818LHQsRjoE6eo", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvdiZn-1qic_QP0alREFxTsqiMhSjj818LHQsRjoE6eo", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QacS4q_89S64NrGZWGZO7YQxy2Ia3AuM21p3WZYpQ5Eo", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QvdiZn-1qic_QP0alREFxTsqiMhSjj818LHQsRjoE6eo", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QacS4q_89S64NrGZWGZO7YQxy2Ia3AuM21p3WZYpQ5Eo", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvdiZn-1qic_QP0alREFxTsqiMhSjj818LHQsRjoE6eo", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QQ_n2L-q3Aan5BTh8zFOBFt6Zi0mreNSVe4ujcsbDzlQ", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QlEhETAav7e7Ed9eukWSs4b-zw_R1IJ8o11-g5msgPkI", + "type": 25, + "props": { + "source": "lxml/builder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QdE3JWaHrTR5uvPbvuTSAPVJ-CJrt27LiOmS-lzEjc58", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QCylX92p2p3vT1jhHXnX9WMLUmSDOxVjPmUH_CzGok5o", + "type": 25, + "props": { + "source": "lxml/etree.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QBMmIzwvC9cBDdsODjD6FhYEfr-R1YRsuNaqZR-43QRc", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544308", + "type": "pypi", + "name": "lxml", + "files": "Q0WC1NSVM5oci00G-_sdSuC9EzJB0THHEr9R7NxCL49s", + "version": "5.3.0", + "artifact_id": "cp310-cp310-win-amd64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 8499678, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qnm7cCEAuZsHxbOFvnGcqzqvrMvgoVZwT6Ju_HNMxp0U", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "QFv-DYQQ1VA_u2mb9zsLMZK9sjsT0BCoMGHM9Gg4_9IA", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qnm7cCEAuZsHxbOFvnGcqzqvrMvgoVZwT6Ju_HNMxp0U", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QFv-DYQQ1VA_u2mb9zsLMZK9sjsT0BCoMGHM9Gg4_9IA", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qnm7cCEAuZsHxbOFvnGcqzqvrMvgoVZwT6Ju_HNMxp0U", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QFv-DYQQ1VA_u2mb9zsLMZK9sjsT0BCoMGHM9Gg4_9IA", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QaVw32JfQ2kGhEpVOwk3muofUv657F0vKp95yKoIf9gU", + "type": 25, + "props": { + "source": "lxml/etree.cp310-win_amd64.pyd" + } + }, + { + "key": "Qg1kcTBmnYxW6St9GZ-YQJYItS8jfSMY9PV-oN9pi-lE", + "type": 25, + "props": { + "source": "lxml/html/diff.cp310-win_amd64.pyd" + } + }, + { + "key": "Qit93gBonekrLOBN_CbqfZdwVp4NWOSLaVPtLQEunNXU", + "type": 25, + "props": { + "source": "lxml/builder.cp310-win_amd64.pyd" + } + }, + { + "key": "QM9TB85IsEmrwPlJyHnxCmVBYZcJ2sgdVc8WdbNItQHw", + "type": 25, + "props": { + "source": "lxml/sax.cp310-win_amd64.pyd" + } + }, + { + "key": "QRw9PCGih6letVq9atTjg9vvBj92ifmPEm0YgM76G-hU", + "type": 25, + "props": { + "source": "lxml/objectify.cp310-win_amd64.pyd" + } + }, + { + "key": "Qxgw69AZYdqHKQKR7kg2O3kohDVNHikR7FEDOkBy3co0", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp310-win_amd64.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qnm7cCEAuZsHxbOFvnGcqzqvrMvgoVZwT6Ju_HNMxp0U", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qnm7cCEAuZsHxbOFvnGcqzqvrMvgoVZwT6Ju_HNMxp0U", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qvmk1Aq0hZhGpwg0ULp0-7ctJD9aLH57m9GwhuQAM12c", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544309", + "type": "pypi", + "name": "lxml", + "files": "QuO9quHp4-fqBN4tNbzvqR8pAIuvDTr0knDhwMxAfvWA", + "version": "5.3.0", + "artifact_id": "cp310-cp310-win32-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 7665137, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QdyvFn9GT_m-y6nEnBPKjooclRwjxweRTiA3g69DJv00", + "type": 25, + "props": { + "source": "lxml/builder.cp310-win32.pyd" + } + }, + { + "key": "QIBwJv9oON11oVDyCQM3uZ06MTE_0xAotkOexZwNljo4", + "type": 25, + "props": { + "source": "lxml/html/diff.cp310-win32.pyd" + } + }, + { + "key": "QKIGEDz94qtpcjpq2T37JtWRjK70j8Sz1j5oR6vRrEQs", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp310-win32.pyd" + } + }, + { + "key": "QlHfj-Xlpraopu0gBpMfThGB_wcmG4uQC0esGicmHlYc", + "type": 25, + "props": { + "source": "lxml/sax.cp310-win32.pyd" + } + }, + { + "key": "Qw5UNQjQoeFWbAvJqR0CGrcBlwhXsXHmE2RRhfOZar-0", + "type": 25, + "props": { + "source": "lxml/objectify.cp310-win32.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QMWr03wv6x7ZTPbecPG56k7_l06BCyZnl060LUqmXU7I", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QxMQOxLoM3b2S5q0YkuyCtXV5RUiLWmZwpPAwNr78vJo", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMWr03wv6x7ZTPbecPG56k7_l06BCyZnl060LUqmXU7I", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QxMQOxLoM3b2S5q0YkuyCtXV5RUiLWmZwpPAwNr78vJo", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QMWr03wv6x7ZTPbecPG56k7_l06BCyZnl060LUqmXU7I", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QAV5dHkYyW9Lg4-kk6uG5DOv-lzyIInooWoeTaglbVvw", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QxMQOxLoM3b2S5q0YkuyCtXV5RUiLWmZwpPAwNr78vJo", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMWr03wv6x7ZTPbecPG56k7_l06BCyZnl060LUqmXU7I", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QIBEaYQJpLV3ay_rT_E6Zkedamu2yZNReFzsHbhei1HQ", + "type": 25, + "props": { + "source": "lxml/etree.cp310-win32.pyd" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544310", + "type": "pypi", + "name": "lxml", + "files": "QaHutXZsa3AneYN_XV3LjVvP6eEPk4MdOzZ8Q1xGgCLg", + "version": "5.3.0", + "artifact_id": "cp311-cp311-macosx-10-9-universal2-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 18362900, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QMGml6Nt0RQv850n-kYmHcCAJIZtG-qO3X43kZn9EYtw", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QTIHAUCEdyzOqOWnH3mE6NYY29rciqyrvwJ7fm63v5Eo", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QTIHAUCEdyzOqOWnH3mE6NYY29rciqyrvwJ7fm63v5Eo", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QMGml6Nt0RQv850n-kYmHcCAJIZtG-qO3X43kZn9EYtw", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q_MDOcx2P1i5UlTJ3SM1pY8UA1PioI6ajxOPunZARET8", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-darwin.so" + } + }, + { + "key": "Q1rtNnzQn0XjrmkgqNZE_0OMs0fMxH1t092q2mej6nmE", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-darwin.so" + } + }, + { + "key": "QTIHAUCEdyzOqOWnH3mE6NYY29rciqyrvwJ7fm63v5Eo", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QMGml6Nt0RQv850n-kYmHcCAJIZtG-qO3X43kZn9EYtw", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QTIHAUCEdyzOqOWnH3mE6NYY29rciqyrvwJ7fm63v5Eo", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QvoEAi3Rf0RkOqNAmht3dPaaroaxj_4lAeJbAl56DoX0", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-darwin.so" + } + }, + { + "key": "QUaqy6YEFJFwZ0YkgGOoCtN-Kngj35UMlyPwToNTZC_I", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-darwin.so" + } + }, + { + "key": "QLG10tNDI0eHQpSgLPaWnGxVtSyvgcAjJIoDd0rSHIPA", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-darwin.so" + } + }, + { + "key": "Qb9fcqC2xEyuSyNt1YiyZqSp-nebXIWkvfYnn6RNjrxM", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-darwin.so" + } + }, + { + "key": "QXQ1fC9ZzfxCRBIueRk4aTjbwMoIJv6EhYZBYCiDTM_A", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544311", + "type": "pypi", + "name": "lxml", + "files": "QtaZ7Gadc42xzK0NJnOXLn0kyifXFYKqbEdFVVDQXbSQ", + "version": "5.3.0", + "artifact_id": "cp311-cp311-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 10194216, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q5B2KnyWGAMSGE9jCjBQCx9MyEq8QZTmnOj2v6IHxNws", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q_MDOcx2P1i5UlTJ3SM1pY8UA1PioI6ajxOPunZARET8", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-darwin.so" + } + }, + { + "key": "Q1rtNnzQn0XjrmkgqNZE_0OMs0fMxH1t092q2mej6nmE", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-darwin.so" + } + }, + { + "key": "Qb9fcqC2xEyuSyNt1YiyZqSp-nebXIWkvfYnn6RNjrxM", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-darwin.so" + } + }, + { + "key": "QLG10tNDI0eHQpSgLPaWnGxVtSyvgcAjJIoDd0rSHIPA", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-darwin.so" + } + }, + { + "key": "QUaqy6YEFJFwZ0YkgGOoCtN-Kngj35UMlyPwToNTZC_I", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-darwin.so" + } + }, + { + "key": "QvoEAi3Rf0RkOqNAmht3dPaaroaxj_4lAeJbAl56DoX0", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QZ0OSz8av2K8Gu2yAvDOECBwuSpKUl-A3f6voY3A74r8", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QnqoDLFC6O4C1ilObNU1wAsGwy_rEfs-ZLufbNG24C2g", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QZ0OSz8av2K8Gu2yAvDOECBwuSpKUl-A3f6voY3A74r8", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QnqoDLFC6O4C1ilObNU1wAsGwy_rEfs-ZLufbNG24C2g", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QZ0OSz8av2K8Gu2yAvDOECBwuSpKUl-A3f6voY3A74r8", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QZ0OSz8av2K8Gu2yAvDOECBwuSpKUl-A3f6voY3A74r8", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QnqoDLFC6O4C1ilObNU1wAsGwy_rEfs-ZLufbNG24C2g", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544312", + "type": "pypi", + "name": "lxml", + "files": "Qa9bgWjOs1XTmBYjgqD6CHulFeK6K9WdhAhoixmGa7Q4", + "version": "5.3.0", + "artifact_id": "cp311-cp311-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11935986, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QraB4UCEQifClRrHXFp8v_os0Tztqr0198DDBhSuA9U0", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QKQIvIkxFm5wgEpHeq3jSNJkwMrheLtcXY3tdABqEkhg", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "QGz3afRZ6GxVkxpJYvuhTtwwx550Y9ZGebJsX4If_swY", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "QWx_pSX-XUhWZWzdngJred_C5PmKM1t2Ytv3aytm0pS0", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "Q51CpdkP_HrYtBxmgvZ0KpZ0MljsPs8R5RLd1TCNTJgU", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QDejJ7DFnBm1x3jzr0auQx_ONAPoa6Amd9xNYxincGY8", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QraB4UCEQifClRrHXFp8v_os0Tztqr0198DDBhSuA9U0", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QraB4UCEQifClRrHXFp8v_os0Tztqr0198DDBhSuA9U0", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QDejJ7DFnBm1x3jzr0auQx_ONAPoa6Amd9xNYxincGY8", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QraB4UCEQifClRrHXFp8v_os0Tztqr0198DDBhSuA9U0", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QvoSMi8k4tONzrPNxYiBMMC5PsCE_iWN3AqTtBOUJDfk", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "QuuVuGiEo0aJgRDWBaX5lAJqRgwKP2kRJFuBXmRwq5g4", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "QsBuXR4IeiOkc0JIT97HkeuZxei5CdGK6Fnhwk8W_x4E", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "QDejJ7DFnBm1x3jzr0auQx_ONAPoa6Amd9xNYxincGY8", + "type": 47, + "file": "lxml/ElementInclude.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544313", + "type": "pypi", + "name": "lxml", + "files": "QsZuGrYTd7p5P-ZFP1eErmejs50JlbhzSw0_Mc11KczI", + "version": "5.3.0", + "artifact_id": "cp311-cp311-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11044793, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q-w8k6B1dZnwbcYk_VAv-LUplKc9bNxWlF506vmnyU-Q", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QVjJxZ5_MHXENMdPE87CbzG_kIpMRqPlUW0LyHcij6Xs", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "Qw8NOQ729uqH-noQ9NHnDvseVGGESqLp5nXEylWWchq4", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q4-55YmY6sihyEl5DodQma-QXnimW-o7QVF-ArDU8aRc", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Ql8C-ITY9WF2h33RWFZf-PfJnGLYw1fDxvpAl114QTKY", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q4-55YmY6sihyEl5DodQma-QXnimW-o7QVF-ArDU8aRc", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Ql8C-ITY9WF2h33RWFZf-PfJnGLYw1fDxvpAl114QTKY", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q4-55YmY6sihyEl5DodQma-QXnimW-o7QVF-ArDU8aRc", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q4-55YmY6sihyEl5DodQma-QXnimW-o7QVF-ArDU8aRc", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Ql8C-ITY9WF2h33RWFZf-PfJnGLYw1fDxvpAl114QTKY", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QUMZek9yB0hnpGlj44szq0HIU27VViddXDA3FA_bt-UY", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QabEAbo4LfyZGao1Gmpx7S9-G2-3E88X5g3-WQz-1xFI", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QK6OvtYg0KkXDDx2tNSQ52058VMuzq5kuIZpDfLDyKk8", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QN8JCxtysh_wPriVh6E-OSOaa2uZF8OVKUkjGhl-IcUA", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-aarch64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544314", + "type": "pypi", + "name": "lxml", + "files": "Q57RptpH4eOWKMEuF-93IVfwwr0Qf311ITpownlaiz7E", + "version": "5.3.0", + "artifact_id": "cp311-cp311-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 13469737, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QqUzGhvJFVfs4D3YL0oowwZNAApXz3-EMHlhdhFK332A", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QRuapMdgihx97JTF_JneFzubD4m1AnirdV71LVtpH_H8", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qxa17SoDlrpHz5rg14Id02OOQXDAQ5yIABfHBM0ggv1k", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qgtk1Afof1nzzugeMuxhA-KUxq0pFXUQW0OcspvS_EPs", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QoX5r4eRuz8GthcBGcJ19BrUAPIUoCfJpZT8LdDIqbfU", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QRu2HC9IsbSu7Mj7azt_8urJQkTVbSezwXZu5hovEd3I", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QoX5r4eRuz8GthcBGcJ19BrUAPIUoCfJpZT8LdDIqbfU", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QRu2HC9IsbSu7Mj7azt_8urJQkTVbSezwXZu5hovEd3I", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QoX5r4eRuz8GthcBGcJ19BrUAPIUoCfJpZT8LdDIqbfU", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QoX5r4eRuz8GthcBGcJ19BrUAPIUoCfJpZT8LdDIqbfU", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QRu2HC9IsbSu7Mj7azt_8urJQkTVbSezwXZu5hovEd3I", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q4DCXdrDGkD_bEPM_duMeM5LoT15Zum07SJEWEjt9uRU", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QgQdzbjLRJE2TkDLtlXYFQzj4UcmDpFSNbHWEsd0szwc", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qqh9VtNuZhf2QGrFOx-QNzlKmrhgyRizZkeP5ihtYWkg", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-powerpc64le-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544315", + "type": "pypi", + "name": "lxml", + "files": "QGTGsMJI33Oksrt5rgLvnHgsYNa-6T19ByypaYk-OobU", + "version": "5.3.0", + "artifact_id": "cp311-cp311-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11781937, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q_p52mG6GvXsOkaE8KCR10rB0p9TQ-1wn7ReUYgHpK0w", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QaCt_2Q5DjLwP8nchBFAyfF-fEm1qj6XU4sQ4MqeUcL4", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QcRV7wpUZwnZ4PY4p7JHz-u0C7ov0zcLwa6rTjkwD694", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QFjhQ9OaO3T_PKE8iB7FytOpxwM36QrTL6LoF9sP2YUM", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QnmHBSyRMmgemn0Q_f5fnEpESal9Tt_2qw2oixZxskEs", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QpbCVPoQKx4vcoaY1VQbOLrtYwHkfGzI_Avq0yDqh8Tk", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QYfCuYOhiTE_koz0oAApLJ7PfKNDENmAYNq-9J4Crb6I", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qvl-xcZFet-zHUi2rUTdKwMrcEv2A6pXo_uYagifImdY", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q_p52mG6GvXsOkaE8KCR10rB0p9TQ-1wn7ReUYgHpK0w", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qvl-xcZFet-zHUi2rUTdKwMrcEv2A6pXo_uYagifImdY", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qvl-xcZFet-zHUi2rUTdKwMrcEv2A6pXo_uYagifImdY", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qvl-xcZFet-zHUi2rUTdKwMrcEv2A6pXo_uYagifImdY", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q_p52mG6GvXsOkaE8KCR10rB0p9TQ-1wn7ReUYgHpK0w", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QRcPbPJr1SUl3NtsAGfKmIXSTzuhbyQlhnjRsYdc3Sy8", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544316", + "type": "pypi", + "name": "lxml", + "files": "Q38GIjFWVnRDEkJbdacqG85PqdBa0_MayUWnxeqd8Jl4", + "version": "5.3.0", + "artifact_id": "cp311-cp311-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11286025, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QkIJUU8QvvFtWN0Xunxe97YLluZddDvpuTFdQ6QBChb8", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q4LGCDuZSbOiHu4-LVeNo1_fSrqcCnWA517__83pvDSs", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q00xfArJHB3r1X8sFUg6RzDsRnIZbtcSMiwHWxFdp160", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QkIJUU8QvvFtWN0Xunxe97YLluZddDvpuTFdQ6QBChb8", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4LGCDuZSbOiHu4-LVeNo1_fSrqcCnWA517__83pvDSs", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4LGCDuZSbOiHu4-LVeNo1_fSrqcCnWA517__83pvDSs", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QkIJUU8QvvFtWN0Xunxe97YLluZddDvpuTFdQ6QBChb8", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q4LGCDuZSbOiHu4-LVeNo1_fSrqcCnWA517__83pvDSs", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QxQEukmfZlmrPUzmE2MIY49F2ODUYcCg3Ng4lSSyWd78", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QR6do_Am0t73gE9LAF4Np1GZ-tz7FBZmTP3J5C1UKKPk", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QLnouvc9ljeXB70fJX26KO6I925nUmgfcqrg8yNzK-RE", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QjY9x0QH996dQhdxEpccl4O5dNgjUL2v2G6a6BcvliTg", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QDQNIP2HfIrqru8N8sIq42M-0pJOny1B1l09ff1OOQWI", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qd7L6oCQO2OzaKIe0YvtQcUU6C35m1lnzuPm0p9-MS00", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544317", + "type": "pypi", + "name": "lxml", + "files": "QatqNR5yNYB5SHjHXjtpf9ztawHPMbzgPix0B2LDKlBY", + "version": "5.3.0", + "artifact_id": "cp311-cp311-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11045490, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QTbZb2GujGGU8G8_TJhadSbHmL6DtPuhC2S79kmWS34I", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QEdoNXtoB-TCs85a7D5_RmGul_6vA_o6-6S8C7tbniQQ", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QTbZb2GujGGU8G8_TJhadSbHmL6DtPuhC2S79kmWS34I", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QEdoNXtoB-TCs85a7D5_RmGul_6vA_o6-6S8C7tbniQQ", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QTbZb2GujGGU8G8_TJhadSbHmL6DtPuhC2S79kmWS34I", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QTbZb2GujGGU8G8_TJhadSbHmL6DtPuhC2S79kmWS34I", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QEdoNXtoB-TCs85a7D5_RmGul_6vA_o6-6S8C7tbniQQ", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qyw4sBWhgCqG_-Ty6f2pPbDWo5ygUqxzD2n2IXWpWYPU", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QabEAbo4LfyZGao1Gmpx7S9-G2-3E88X5g3-WQz-1xFI", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QK6OvtYg0KkXDDx2tNSQ52058VMuzq5kuIZpDfLDyKk8", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QN8JCxtysh_wPriVh6E-OSOaa2uZF8OVKUkjGhl-IcUA", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QUMZek9yB0hnpGlj44szq0HIU27VViddXDA3FA_bt-UY", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QVjJxZ5_MHXENMdPE87CbzG_kIpMRqPlUW0LyHcij6Xs", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "Qw8NOQ729uqH-noQ9NHnDvseVGGESqLp5nXEylWWchq4", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544318", + "type": "pypi", + "name": "lxml", + "files": "Q0bi6FtOvcXntAyDDoBmiUQgSkm6myYlkFWxojigaOTs", + "version": "5.3.0", + "artifact_id": "cp311-cp311-manylinux-2-28-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 14125754, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qyctd8CJo2dLQUqALhk-PIsc5YON-7swO9sT2cEqWVzE", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q1e7Dz_olB5eFT2c0aSdsiEmegEu-6nHyYdFsGaGyUeg", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QKFqyONJ0FrTLWp5y0-py_vLNBr2eQo-BOrEiXWdxkAM", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qyctd8CJo2dLQUqALhk-PIsc5YON-7swO9sT2cEqWVzE", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QKFqyONJ0FrTLWp5y0-py_vLNBr2eQo-BOrEiXWdxkAM", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qyctd8CJo2dLQUqALhk-PIsc5YON-7swO9sT2cEqWVzE", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QKFqyONJ0FrTLWp5y0-py_vLNBr2eQo-BOrEiXWdxkAM", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qxa17SoDlrpHz5rg14Id02OOQXDAQ5yIABfHBM0ggv1k", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QRuapMdgihx97JTF_JneFzubD4m1AnirdV71LVtpH_H8", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QqUzGhvJFVfs4D3YL0oowwZNAApXz3-EMHlhdhFK332A", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qqh9VtNuZhf2QGrFOx-QNzlKmrhgyRizZkeP5ihtYWkg", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QgQdzbjLRJE2TkDLtlXYFQzj4UcmDpFSNbHWEsd0szwc", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q4DCXdrDGkD_bEPM_duMeM5LoT15Zum07SJEWEjt9uRU", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QKFqyONJ0FrTLWp5y0-py_vLNBr2eQo-BOrEiXWdxkAM", + "type": 19, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544319", + "type": "pypi", + "name": "lxml", + "files": "QQlPQxoDN9d8jaiC7JHRQyrKFnmmUn-zs3ZhWxmGwh3U", + "version": "5.3.0", + "artifact_id": "cp311-cp311-manylinux-2-28-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 12007828, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QUpewh1U-FJQrGy8WmvcyohjhB7lR3ax70ddwg3khO0w", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q6rL64IgCGKRzO6mKV9LH4nq8HjHZbUPaAcADVAwb0oU", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QUpewh1U-FJQrGy8WmvcyohjhB7lR3ax70ddwg3khO0w", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QUpewh1U-FJQrGy8WmvcyohjhB7lR3ax70ddwg3khO0w", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q6rL64IgCGKRzO6mKV9LH4nq8HjHZbUPaAcADVAwb0oU", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QUpewh1U-FJQrGy8WmvcyohjhB7lR3ax70ddwg3khO0w", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q6rL64IgCGKRzO6mKV9LH4nq8HjHZbUPaAcADVAwb0oU", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QYfCuYOhiTE_koz0oAApLJ7PfKNDENmAYNq-9J4Crb6I", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QpbCVPoQKx4vcoaY1VQbOLrtYwHkfGzI_Avq0yDqh8Tk", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QnmHBSyRMmgemn0Q_f5fnEpESal9Tt_2qw2oixZxskEs", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QFjhQ9OaO3T_PKE8iB7FytOpxwM36QrTL6LoF9sP2YUM", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QcRV7wpUZwnZ4PY4p7JHz-u0C7ov0zcLwa6rTjkwD694", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QaCt_2Q5DjLwP8nchBFAyfF-fEm1qj6XU4sQ4MqeUcL4", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QHIgayNn2cff7viBMG3XvNGWJy7E7pLpMXe0ytBJqneY", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544320", + "type": "pypi", + "name": "lxml", + "files": "Q4yH1h4z674MZuHy1FCRpw2v0bfDildyQSMSCP5bmvjM", + "version": "5.3.0", + "artifact_id": "cp311-cp311-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11303027, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QuOSNsTsg9xdjFcUivaWHPDyXKZbLCddT3HQq8mCqrs0", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QL-XlQ4yApTUuO3XE8WA30ZyR8zimXwfC-RLzMEcCqEI", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QL-XlQ4yApTUuO3XE8WA30ZyR8zimXwfC-RLzMEcCqEI", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QuOSNsTsg9xdjFcUivaWHPDyXKZbLCddT3HQq8mCqrs0", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QL-XlQ4yApTUuO3XE8WA30ZyR8zimXwfC-RLzMEcCqEI", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QuOSNsTsg9xdjFcUivaWHPDyXKZbLCddT3HQq8mCqrs0", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QL-XlQ4yApTUuO3XE8WA30ZyR8zimXwfC-RLzMEcCqEI", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q3iRvUe8id1l_4qII_cvggwHvk0RgX4adwmaNV8hxpjw", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qd7L6oCQO2OzaKIe0YvtQcUU6C35m1lnzuPm0p9-MS00", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QDQNIP2HfIrqru8N8sIq42M-0pJOny1B1l09ff1OOQWI", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QjY9x0QH996dQhdxEpccl4O5dNgjUL2v2G6a6BcvliTg", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QLnouvc9ljeXB70fJX26KO6I925nUmgfcqrg8yNzK-RE", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QR6do_Am0t73gE9LAF4Np1GZ-tz7FBZmTP3J5C1UKKPk", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QxQEukmfZlmrPUzmE2MIY49F2ODUYcCg3Ng4lSSyWd78", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544321", + "type": "pypi", + "name": "lxml", + "files": "QdHjKHLHji5hWPkTW2htenkxTdtdzuK2Nr7aG9d1F1Ds", + "version": "5.3.0", + "artifact_id": "cp311-cp311-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11216183, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QMV43NhPlAFhDnH5Bq6x6iwS8Df6_8HQl6SmoUg7tCVo", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QoMPNMDuq5EWBhBkkaaGMRQiaJ56cqAdwG2UlUsGUF04", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QoMPNMDuq5EWBhBkkaaGMRQiaJ56cqAdwG2UlUsGUF04", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QMV43NhPlAFhDnH5Bq6x6iwS8Df6_8HQl6SmoUg7tCVo", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QoMPNMDuq5EWBhBkkaaGMRQiaJ56cqAdwG2UlUsGUF04", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QMV43NhPlAFhDnH5Bq6x6iwS8Df6_8HQl6SmoUg7tCVo", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QoMPNMDuq5EWBhBkkaaGMRQiaJ56cqAdwG2UlUsGUF04", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QYQlz16DNHq-X7mZ-gW6Ujr896q6OW2gCbcVi7ygwp8g", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "QxSoi4MI9FC2_MJ1YHJXG1Pda0ZjaB_Sza4_8GmyFIXE", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "QVml9N8Rg4v-4rO6VpJU1WbuaV6XVyHMchfpBv0QAjUM", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "QHYiC2BjcQLQ6WdZ8JSllT35ysFxsZfch8rUG_gUNZD4", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "Qf7a0TnFHjHw2NQh15TdwJeWDqj-sS635fzyFQzXeAUo", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "Qb1Aldbxf1XZTXXpK3JNPbT5kK9YPlNGqYQx0Vb2vcSw", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QQTaq37Ila7-XfuVReGRcKkDT4E7qwKWJ-X1-kkvjnpQ", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544322", + "type": "pypi", + "name": "lxml", + "files": "QSD-IcpJwRJ7z6BB6RaKKG_EiZkCYoR6ED9hUoRnCv4A", + "version": "5.3.0", + "artifact_id": "cp311-cp311-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 13772519, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QyTaSZOezhqsV2wWCNOi0PunHvwWsEDKO2ad2VL-hzCA", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QywI5a81fgUHt2e0FHqhZ2A2MlwQQx6nsyqTdO1D8Fvw", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QyTaSZOezhqsV2wWCNOi0PunHvwWsEDKO2ad2VL-hzCA", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QywI5a81fgUHt2e0FHqhZ2A2MlwQQx6nsyqTdO1D8Fvw", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QyTaSZOezhqsV2wWCNOi0PunHvwWsEDKO2ad2VL-hzCA", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QyTaSZOezhqsV2wWCNOi0PunHvwWsEDKO2ad2VL-hzCA", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QywI5a81fgUHt2e0FHqhZ2A2MlwQQx6nsyqTdO1D8Fvw", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qco5UL-aEUYjylSZwdb-4QgFHcMkcouFd4yj1XPIOOEo", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q_LdQ4GN73eiM3_iIXb5WNb2IUc6LkRa-ocvm-CF5IOQ", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "Q0ZA2qlLgcOtXZoo5y7rcHx-WN1Mr4Ufh38blUC2XNz4", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "Q6xBe81OoDpeuHrOPgwIyZUrHaljztFemOy1JeBfCTk0", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "QFarfJN3QU4W5dO6usBrEKv-KZ4zZIkwnFJRKhd4MPQ4", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "Qj3O-zxW_9r6YKFjQ0Z2HmB9FZDutzK27YKd22hx2Kkc", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "QvREfIUUH9B4ifkX5QiEO53yGwCL1HkK2Sf9AU1r2XT0", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544323", + "type": "pypi", + "name": "lxml", + "files": "QtY2BUL5r9M33uE8a0pC84XfUNNRFtTEz8wXRv_YoHR4", + "version": "5.3.0", + "artifact_id": "cp311-cp311-musllinux-1-2-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 12264745, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QgPb0GHr1EK7Dl43_knDNyHvxEVCoZDkVr4lfJPPqn1I", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QE2I-z37PGL0owvSmpg1Wr3ZIPmeRHu1zYp0cjirie1k", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QE2I-z37PGL0owvSmpg1Wr3ZIPmeRHu1zYp0cjirie1k", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QgPb0GHr1EK7Dl43_knDNyHvxEVCoZDkVr4lfJPPqn1I", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QE2I-z37PGL0owvSmpg1Wr3ZIPmeRHu1zYp0cjirie1k", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QgPb0GHr1EK7Dl43_knDNyHvxEVCoZDkVr4lfJPPqn1I", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QE2I-z37PGL0owvSmpg1Wr3ZIPmeRHu1zYp0cjirie1k", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q5CcDIfxEMCiP1fOkRXxqmmOcn4p4aRrtDqUN1tuAjoM", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-s390x-linux-musl.so" + } + }, + { + "key": "Q7ahEMz-fGqsdLG6xRRvkubZh6jLhSYrbs1USfAznwRU", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-s390x-linux-musl.so" + } + }, + { + "key": "QDhX5UxivWo-d90HPiDEZ-6P8lKp3oR9fubx5NQuvcqo", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-s390x-linux-musl.so" + } + }, + { + "key": "Qjz7S3uPNchOm5Qp7RSnIxyMET-eOXmjrrtJ0zBHTDSc", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-s390x-linux-musl.so" + } + }, + { + "key": "QPXRLcA1XFiRmWva0Gfqhu-J6uQEU-nZ2MOoOadIMgp4", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-s390x-linux-musl.so" + } + }, + { + "key": "Qv3MgGR0wgPq6bY--Zqa-0V4VM84h7fxrLZp3Pss7J40", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-s390x-linux-musl.so" + } + }, + { + "key": "QnsdAGwsydIXEwu-5fvPFCarTiEa7w29Fn2Ep7VvKDuI", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544324", + "type": "pypi", + "name": "lxml", + "files": "QsKXDW406jfO7xWujiPOY6fFMJl1yNBoO4htXhAqZ89Y", + "version": "5.3.0", + "artifact_id": "cp311-cp311-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11437536, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QFccgrQ7Da0r4d1p9CL4UIT2I9XCNvXQP9M6n98uj5lA", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QodTcg-tsAGyvyF8p9rkB5E56rFt6eauBXY2CDsT-K6U", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QFccgrQ7Da0r4d1p9CL4UIT2I9XCNvXQP9M6n98uj5lA", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QodTcg-tsAGyvyF8p9rkB5E56rFt6eauBXY2CDsT-K6U", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QFccgrQ7Da0r4d1p9CL4UIT2I9XCNvXQP9M6n98uj5lA", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QFccgrQ7Da0r4d1p9CL4UIT2I9XCNvXQP9M6n98uj5lA", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q1RF9yi1MawOWqskwOszUlf69Huxoim6N49CeHE4BUc4", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QodTcg-tsAGyvyF8p9rkB5E56rFt6eauBXY2CDsT-K6U", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QABwFoWPJ_9qH90rbR0NNZOb0FioZSigk2E18GH-JnVE", + "type": 25, + "props": { + "source": "lxml/builder.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QDHuhNT8Bwg9pd6PsugHlDE7IssbBzlySMyHpYw41ASM", + "type": 25, + "props": { + "source": "lxml/sax.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QOCzClCrK4FWxxiBvYvAcT5GKjTRdahg2dZfzR5UPTH4", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QojZ8-CpdGTyD-WCAC9IN55gPSIHzNubwIcyoRuYrmtM", + "type": 25, + "props": { + "source": "lxml/etree.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QPw1kI35gjPIXzmXtpSbVfqKIcTh6IkvFNaOexBKRZ20", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QvhmLNunpsbkEUKKgqug9Ss_qRB-HVriO3QvElEZ4GTM", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544325", + "type": "pypi", + "name": "lxml", + "files": "Qx-gB3_Zlt2BWTT3cGl-JrMDZj0rw2kauPxUN_5TTzuc", + "version": "5.3.0", + "artifact_id": "cp311-cp311-win-amd64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 8517086, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QI4FKqOgA2vQzTjtTPsjKtQXKYWdLy5uLBl64ZzohRb4", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QKn0rOUTd0PZs6YVCWF0Mrk4vli-EgbZ0DP8624lnHNQ", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QKn0rOUTd0PZs6YVCWF0Mrk4vli-EgbZ0DP8624lnHNQ", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QI4FKqOgA2vQzTjtTPsjKtQXKYWdLy5uLBl64ZzohRb4", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QKn0rOUTd0PZs6YVCWF0Mrk4vli-EgbZ0DP8624lnHNQ", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "Q-FdSP6oByf4sSHgEDtis5X3YEGk11wcp-J7Rwnj73oA", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QI4FKqOgA2vQzTjtTPsjKtQXKYWdLy5uLBl64ZzohRb4", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QakDr52qOaCkBszzO-uERs9ug1YfgZXnZfuN8fdwjNBM", + "type": 25, + "props": { + "source": "lxml/html/diff.cp311-win_amd64.pyd" + } + }, + { + "key": "QJ19G3_w0BV9xhIRJyOqjvTbHzC1QBNzotK8UHs0z6hI", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp311-win_amd64.pyd" + } + }, + { + "key": "QQrjXzIPws7ZP-80lkcGQsUZPgzZ9TgwWgs2PWGy9x8M", + "type": 25, + "props": { + "source": "lxml/etree.cp311-win_amd64.pyd" + } + }, + { + "key": "QROgHVeozFSRoXkfGjwHcqzB6yfqhc9O7MMkKpPu9xLw", + "type": 25, + "props": { + "source": "lxml/sax.cp311-win_amd64.pyd" + } + }, + { + "key": "QViWZlbRQ3TZZN3XpLfrelujixq7G0AZGeXOnqISEY8s", + "type": 25, + "props": { + "source": "lxml/builder.cp311-win_amd64.pyd" + } + }, + { + "key": "Qyyb3UDwGtpz9kBAdOglrzpx_uL_YCY2zBnK4udnijF4", + "type": 25, + "props": { + "source": "lxml/objectify.cp311-win_amd64.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QKn0rOUTd0PZs6YVCWF0Mrk4vli-EgbZ0DP8624lnHNQ", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QKn0rOUTd0PZs6YVCWF0Mrk4vli-EgbZ0DP8624lnHNQ", + "type": 19, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544326", + "type": "pypi", + "name": "lxml", + "files": "QJeZ3y2r9B-fByCSHQgxMZ64HTqeJc60yFV4xOP9X83w", + "version": "5.3.0", + "artifact_id": "cp311-cp311-win32-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 7700417, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QreZ-W9ADiLzDHGq23qpEviMvX3mv_4CSrjUY1xwzoPM", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QceWJI_dHSHiw2QpHcJVA1xZDAxiQDxpEjcB_pEHKNPo", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QreZ-W9ADiLzDHGq23qpEviMvX3mv_4CSrjUY1xwzoPM", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "QkXNiG5YPww8-npR5kBbGz8Tp4wtSYQWcsjJDhFWK154", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QreZ-W9ADiLzDHGq23qpEviMvX3mv_4CSrjUY1xwzoPM", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QreZ-W9ADiLzDHGq23qpEviMvX3mv_4CSrjUY1xwzoPM", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QkXNiG5YPww8-npR5kBbGz8Tp4wtSYQWcsjJDhFWK154", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QBvzuHIqAcQ3gK2k3iOF9PaR-pD0--XSTF1PG7G6ymko", + "type": 25, + "props": { + "source": "lxml/builder.cp311-win32.pyd" + } + }, + { + "key": "Qbw71GZeA4IQX9zwLDEP59U-3oK7mEx8X8Hfd9XUhWyY", + "type": 25, + "props": { + "source": "lxml/objectify.cp311-win32.pyd" + } + }, + { + "key": "Qcfytj-O2utrWOl5Q4-F4nSwqILwNjFVjoW3LMweNEGs", + "type": 25, + "props": { + "source": "lxml/sax.cp311-win32.pyd" + } + }, + { + "key": "QQvuj7Rt7ipBsQRg65-mY-ObcgIFi2ggRlO3lE_YIyuc", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp311-win32.pyd" + } + }, + { + "key": "QSjTq7BzksBASc4QhmdZIbtXP6AeqdgcI4wokIfn6pbc", + "type": 25, + "props": { + "source": "lxml/etree.cp311-win32.pyd" + } + }, + { + "key": "QUDFYpUoQyNEHkrHUxymhPf09s7SYqDEKr1706i2WrYU", + "type": 25, + "props": { + "source": "lxml/html/diff.cp311-win32.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QreZ-W9ADiLzDHGq23qpEviMvX3mv_4CSrjUY1xwzoPM", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QkXNiG5YPww8-npR5kBbGz8Tp4wtSYQWcsjJDhFWK154", + "type": 47, + "file": "lxml/ElementInclude.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544327", + "type": "pypi", + "name": "lxml", + "files": "QaN7vW_deQk35yk5uSc3lxwOlP08qYxS1qvXHgi34uts", + "version": "5.3.0", + "artifact_id": "cp312-cp312-macosx-10-9-universal2-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 18577028, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QkSUIoQ9GidVm8Imu46Gq3SvRalZKgy2gvuAZxihpDOo", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QGQVK6c9d8sx-LvepLec3j6j2_fOK-Cu72K-DGTp9uBc", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q3H0ODiNTRiTbHZIYHC6S39cOoqUjBp1-MFmKEMP2Uig", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q3H0ODiNTRiTbHZIYHC6S39cOoqUjBp1-MFmKEMP2Uig", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QGQVK6c9d8sx-LvepLec3j6j2_fOK-Cu72K-DGTp9uBc", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q3H0ODiNTRiTbHZIYHC6S39cOoqUjBp1-MFmKEMP2Uig", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QGQVK6c9d8sx-LvepLec3j6j2_fOK-Cu72K-DGTp9uBc", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q3H0ODiNTRiTbHZIYHC6S39cOoqUjBp1-MFmKEMP2Uig", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QYKYfGjQqhn1_a06DXdVvTtjrRfOGDa9pEVLQobql8P8", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-darwin.so" + } + }, + { + "key": "QMQhdiZPdW7o2fvoBsDz4T3sfbln0-V4jKhHF_Al2cmU", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-darwin.so" + } + }, + { + "key": "QeIrIDWmjolEEeguxWRxvlD7ReupNA1NzDZpXFwp0ESg", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-darwin.so" + } + }, + { + "key": "QEbnDlJo0f_CI84e-XFk7C51YspwUzNntvJj5qA4doIk", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-darwin.so" + } + }, + { + "key": "QdffxQ_FuM1HQPSAymOntBhy4izRjWF2QxQwKpsHgAyU", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-darwin.so" + } + }, + { + "key": "Qc-9agGnZhSqs4wzQ1m7ywue37XOcjOdKYPnse2iyWLE", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-darwin.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544328", + "type": "pypi", + "name": "lxml", + "files": "QkLHLacyvUg0TKb0DqQiy0d6ooH3qiHAotLB3Eay43RM", + "version": "5.3.0", + "artifact_id": "cp312-cp312-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 10356920, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QMQhdiZPdW7o2fvoBsDz4T3sfbln0-V4jKhHF_Al2cmU", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-darwin.so" + } + }, + { + "key": "Qnc6pdXhzmRTPqtIV1RZ8GOZ98XFAvu7FG6wAtxSLh60", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QSA8B93CdaEERTYUUgqCooaJJb6z_lJym8CbKsN9wSC4", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qnc6pdXhzmRTPqtIV1RZ8GOZ98XFAvu7FG6wAtxSLh60", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QSA8B93CdaEERTYUUgqCooaJJb6z_lJym8CbKsN9wSC4", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QSA8B93CdaEERTYUUgqCooaJJb6z_lJym8CbKsN9wSC4", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qnc6pdXhzmRTPqtIV1RZ8GOZ98XFAvu7FG6wAtxSLh60", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qk7tBpc2gQFpWVJZDME-VS-cvy38tZ-t3j60XYXVQ1u0", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QYKYfGjQqhn1_a06DXdVvTtjrRfOGDa9pEVLQobql8P8", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-darwin.so" + } + }, + { + "key": "QeIrIDWmjolEEeguxWRxvlD7ReupNA1NzDZpXFwp0ESg", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-darwin.so" + } + }, + { + "key": "QEbnDlJo0f_CI84e-XFk7C51YspwUzNntvJj5qA4doIk", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-darwin.so" + } + }, + { + "key": "QdffxQ_FuM1HQPSAymOntBhy4izRjWF2QxQwKpsHgAyU", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-darwin.so" + } + }, + { + "key": "Qc-9agGnZhSqs4wzQ1m7ywue37XOcjOdKYPnse2iyWLE", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QSA8B93CdaEERTYUUgqCooaJJb6z_lJym8CbKsN9wSC4", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544329", + "type": "pypi", + "name": "lxml", + "files": "QjXpRarbM3czFv3G2KTNgltQ-8-CARNP-u1NvEbl_ppc", + "version": "5.3.0", + "artifact_id": "cp312-cp312-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11927570, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qn8bj4_-RahmRiSCq1R8VWMG9kgsvsRSOSS9-ZlegvTk", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QgVMJ8xRCjlDlY4pi26eZbyg9tPd8qAqWrKFjwHh4nKw", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "QOLnxiZdAT6ZJBCb4D1w8JBSMhlrfUb0Ju9d9vMWI3pU", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "Qn8bj4_-RahmRiSCq1R8VWMG9kgsvsRSOSS9-ZlegvTk", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QWW7yl_1pWQURvJFYsUtqNegxBDLlWj4vIeqUuNUK2Is", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QXIUPwjAnPTa-BGrsEqwQk7kwtel6Z54_AUqw-gRqe2o", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QPK4wuqme8VKzeK1QsQ2dvwqJxY-KNFXvlDahMe_W1y4", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "QR1OxSDT2FcDYXoP_ov09-DwQgI7543lSjw_Gjlv61NY", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "QvQn8mwmtMMxd7jItah-Ar1qOAB9vBx17iUEGG3Jhonk", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QbHUIv3Kk0QBtdsSw68U9eBwDqUPUu7LdZ4ZrDn1TUIo", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "Qn8bj4_-RahmRiSCq1R8VWMG9kgsvsRSOSS9-ZlegvTk", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QWW7yl_1pWQURvJFYsUtqNegxBDLlWj4vIeqUuNUK2Is", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qn8bj4_-RahmRiSCq1R8VWMG9kgsvsRSOSS9-ZlegvTk", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QWW7yl_1pWQURvJFYsUtqNegxBDLlWj4vIeqUuNUK2Is", + "type": 47, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544330", + "type": "pypi", + "name": "lxml", + "files": "QstlAArByRgISJa2Y6ypkQ2WC72OBb-kAeOF_KeBc8SY", + "version": "5.3.0", + "artifact_id": "cp312-cp312-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11046209, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QyM41fuVjMpDB_cIB2YaNdGJHOUUaM3weN9DELTnsABU", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QyM41fuVjMpDB_cIB2YaNdGJHOUUaM3weN9DELTnsABU", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QIoLQRBKiKFpjPcKt-eXKU-TvofGjcL_MmywbDqaHFsM", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QU5EGgsDgkSF6tGbi__529vbvsq2QKL0z80Cr3D28t3w", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QyM41fuVjMpDB_cIB2YaNdGJHOUUaM3weN9DELTnsABU", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QIoLQRBKiKFpjPcKt-eXKU-TvofGjcL_MmywbDqaHFsM", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QoAMkAM92nQpBZKnD-f8zmmDtAO6lh8HL2vofn-jQeY0", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QgU3xBXkFkjxllrr5ewd9b5dhqtyO8JZGeCWKTHcgsPE", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QoSpukrOr4tuep6ML4GzSuyyzdqSs1eGwiyVPUxZz4Ew", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "Q5pDaWNrWXBuVdedlQywBDwFW2XzNLl4qg1IFXZm9QzU", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QQhTmor2li_Vpzl6SYLXdheuGRmfgO5I3STXgtkN2DHI", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QvuBvK2dfPS1dGWWI_7qP9DWg0qlR8ImJktmkjf8c5kE", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QIoLQRBKiKFpjPcKt-eXKU-TvofGjcL_MmywbDqaHFsM", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QIoLQRBKiKFpjPcKt-eXKU-TvofGjcL_MmywbDqaHFsM", + "type": 19, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544331", + "type": "pypi", + "name": "lxml", + "files": "QoxBqwEthuXuTksC33m_CUjPvxOP4c2-_9R9SGBeNmVQ", + "version": "5.3.0", + "artifact_id": "cp312-cp312-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 13405689, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qj3EHhT6q7fDydqVS-S0loHPzuIXvsssHBMyzNRsS2zQ", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q5qhHNJX7N-VlwLoWKwolhockzklwAkbU67FKnqAadDk", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qh0gs2XclSB14iCdnCBNYKtbrU2QrycPjWNiSHGKSes4", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QH3HqtphmBMjQzYbeOd3CLuDGSOxlLhBFssH8vzU1yt8", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QMQTkgSRbqxxtKoMr_qSRQ_zGltynecTE4XcODMOjb6Y", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QNfa--YxZ_VOUMvepFGOAwpnFcHGrPpFL9fd1W_K8iYo", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QP9R3mjEa9XlFfbVahYTwd_E4LdbXoWVAboKbBmqA-ws", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QWxymx4LHCN1eSWhTOBumpCXg7aCIcD1yz46AsPZ2QYM", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qj3EHhT6q7fDydqVS-S0loHPzuIXvsssHBMyzNRsS2zQ", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMM22cTbVYTPuarBSrtxxU4aaWWbumOGk6HxFAR4jRsQ", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMM22cTbVYTPuarBSrtxxU4aaWWbumOGk6HxFAR4jRsQ", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QMM22cTbVYTPuarBSrtxxU4aaWWbumOGk6HxFAR4jRsQ", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qj3EHhT6q7fDydqVS-S0loHPzuIXvsssHBMyzNRsS2zQ", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMM22cTbVYTPuarBSrtxxU4aaWWbumOGk6HxFAR4jRsQ", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544332", + "type": "pypi", + "name": "lxml", + "files": "Q2Kaov6hlxQo9L6nArITp8_6V7ZMACGECoo64zecf6g4", + "version": "5.3.0", + "artifact_id": "cp312-cp312-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11705561, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q9XiFK_fQwpveCZ3U9g0JFifPtWJPriVWwH3t5vB_cpc", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QffG3Wkd9gDOWtzAunHgbCJ1cpgGjjyDJjiaHXhDWddc", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QRhzXZIvP5rKvDby-TOpLSLTwix_agvmV4jmisMKoVgM", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QYMhiyXuVXdyrA0H2ZiXJRomAkxFiLQIEhGL_n--PArQ", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QzUw_fPKt_DpzPmRZ8OpCRhb8UIhajUXDanfNL5zdQHA", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QnEzReNveKaZVSgM5x3xbalLEiNkq6_RByIWqMYDILpw", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QUkL4aCW4qnRqY3rEWHTqQ4N8WznadhdxLUKtqfOyRc4", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QnEzReNveKaZVSgM5x3xbalLEiNkq6_RByIWqMYDILpw", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q_8uFlVZuuxUHieoDxS5mmkZ7H1dxDfBCbAILWMvgESc", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QUkL4aCW4qnRqY3rEWHTqQ4N8WznadhdxLUKtqfOyRc4", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QnEzReNveKaZVSgM5x3xbalLEiNkq6_RByIWqMYDILpw", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QUkL4aCW4qnRqY3rEWHTqQ4N8WznadhdxLUKtqfOyRc4", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q_EcTqtoIebM-EJdGlJzKKKYs2O_wT45XbvoPCttwnTM", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QUkL4aCW4qnRqY3rEWHTqQ4N8WznadhdxLUKtqfOyRc4", + "type": 19, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544333", + "type": "pypi", + "name": "lxml", + "files": "QVuIvUI_C3jIuA4yp6bsB66V6oPbtztcCKpJd6xCdeIM", + "version": "5.3.0", + "artifact_id": "cp312-cp312-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11302249, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QR2dn6fTE-PgeUZQaEciXdCBekI55GcZ_ZapHu9bW0Bc", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QpXvWCh_8bciq9AOICmNE9LNiM597rgIrkftyJBg4InI", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q3zPup_Jxn8PPrtV-WpXapEHfNKbTD_Kh2_HDGoudMIc", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QpXvWCh_8bciq9AOICmNE9LNiM597rgIrkftyJBg4InI", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QQ6d-PzJZtfLM6YGZ2W4CVZkRdqBKGumvssFJcE5rHAM", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qk-O9wYvYbAk4-kdCTxCI1pbyLPeQz1l-iEFDVn-ord0", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3zPup_Jxn8PPrtV-WpXapEHfNKbTD_Kh2_HDGoudMIc", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QpXvWCh_8bciq9AOICmNE9LNiM597rgIrkftyJBg4InI", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QpXvWCh_8bciq9AOICmNE9LNiM597rgIrkftyJBg4InI", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q3zPup_Jxn8PPrtV-WpXapEHfNKbTD_Kh2_HDGoudMIc", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QXSAmpx1x_0ZIVgtCp7q0gKqYSQTtU6ZHRaTKGEGMNLQ", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QhXx-vOAP1eJzi4AeVlbpysBAd1WFlb23__A3vPPrtAk", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QpT-toNn6FgwIB44XXb4LYAx9OfKfQZ_V4h59_VKmvXE", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QuMRkjRJ70DyvDwAxJ-nwQCRGfsav6lx6j4d1nbrSALY", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-x86_64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544334", + "type": "pypi", + "name": "lxml", + "files": "Qcv5v0YZqRI6uKaEjS8cdULpWGDsvAZlv21LZTOjvL4c", + "version": "5.3.0", + "artifact_id": "cp312-cp312-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 10981426, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QQhTmor2li_Vpzl6SYLXdheuGRmfgO5I3STXgtkN2DHI", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "Q7MicQOt9q0e_Iv5bAbDEypgsyPbFQ0eDCc7WO1NeHAw", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QxuO9FK2W7L4a-nWqSrHfM1_gA46J51zGUARIqOBhi8M", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QrTL6qguQamZ3vNVCB-EhXxVy1WVES3Po9fma2gMDXUQ", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QrTL6qguQamZ3vNVCB-EhXxVy1WVES3Po9fma2gMDXUQ", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QxuO9FK2W7L4a-nWqSrHfM1_gA46J51zGUARIqOBhi8M", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QrTL6qguQamZ3vNVCB-EhXxVy1WVES3Po9fma2gMDXUQ", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QxuO9FK2W7L4a-nWqSrHfM1_gA46J51zGUARIqOBhi8M", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QrTL6qguQamZ3vNVCB-EhXxVy1WVES3Po9fma2gMDXUQ", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QvuBvK2dfPS1dGWWI_7qP9DWg0qlR8ImJktmkjf8c5kE", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QoSpukrOr4tuep6ML4GzSuyyzdqSs1eGwiyVPUxZz4Ew", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QoAMkAM92nQpBZKnD-f8zmmDtAO6lh8HL2vofn-jQeY0", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QgU3xBXkFkjxllrr5ewd9b5dhqtyO8JZGeCWKTHcgsPE", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "Q5pDaWNrWXBuVdedlQywBDwFW2XzNLl4qg1IFXZm9QzU", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544335", + "type": "pypi", + "name": "lxml", + "files": "QZ_Q9Iuw5wd9XQw30tlIIwdI3R7PZ_p9bXB67-2ZLMk0", + "version": "5.3.0", + "artifact_id": "cp312-cp312-manylinux-2-28-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 13930618, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q5qhHNJX7N-VlwLoWKwolhockzklwAkbU67FKnqAadDk", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qh0gs2XclSB14iCdnCBNYKtbrU2QrycPjWNiSHGKSes4", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QH3HqtphmBMjQzYbeOd3CLuDGSOxlLhBFssH8vzU1yt8", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QMQTkgSRbqxxtKoMr_qSRQ_zGltynecTE4XcODMOjb6Y", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QNfa--YxZ_VOUMvepFGOAwpnFcHGrPpFL9fd1W_K8iYo", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QP9R3mjEa9XlFfbVahYTwd_E4LdbXoWVAboKbBmqA-ws", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q5Xg3S8VwTIuV22mS4UFqaixSjUgLO5lgiQaxCimbzKk", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMSqhdr3hD_V8KOG6RlHYelM03NyyDDjZG19dsh3X7_Q", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q5Xg3S8VwTIuV22mS4UFqaixSjUgLO5lgiQaxCimbzKk", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QMSqhdr3hD_V8KOG6RlHYelM03NyyDDjZG19dsh3X7_Q", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q5Xg3S8VwTIuV22mS4UFqaixSjUgLO5lgiQaxCimbzKk", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q5Xg3S8VwTIuV22mS4UFqaixSjUgLO5lgiQaxCimbzKk", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMSqhdr3hD_V8KOG6RlHYelM03NyyDDjZG19dsh3X7_Q", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QLAorRutkVDwsaUYnRU-AZ9__iYIQBj4umKKVT07SEak", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544336", + "type": "pypi", + "name": "lxml", + "files": "Q6D8CQw7NNVdk1RB5dprFHivOezBFyuDtVd70R9q1-bw", + "version": "5.3.0", + "artifact_id": "cp312-cp312-manylinux-2-28-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11882300, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QRhzXZIvP5rKvDby-TOpLSLTwix_agvmV4jmisMKoVgM", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q_EcTqtoIebM-EJdGlJzKKKYs2O_wT45XbvoPCttwnTM", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "Q9XiFK_fQwpveCZ3U9g0JFifPtWJPriVWwH3t5vB_cpc", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QffG3Wkd9gDOWtzAunHgbCJ1cpgGjjyDJjiaHXhDWddc", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QYMhiyXuVXdyrA0H2ZiXJRomAkxFiLQIEhGL_n--PArQ", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QzUw_fPKt_DpzPmRZ8OpCRhb8UIhajUXDanfNL5zdQHA", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QjyiRQnGaSciRiVpNCo8fjEMAw5Z-OUWsU533L0IBeio", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QbAbjcIl8VIiczAV_zAHl4tCPaji-FFgzUzUF5Hmsuco", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QjyiRQnGaSciRiVpNCo8fjEMAw5Z-OUWsU533L0IBeio", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QbAbjcIl8VIiczAV_zAHl4tCPaji-FFgzUzUF5Hmsuco", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QjyiRQnGaSciRiVpNCo8fjEMAw5Z-OUWsU533L0IBeio", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QjyiRQnGaSciRiVpNCo8fjEMAw5Z-OUWsU533L0IBeio", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QbAbjcIl8VIiczAV_zAHl4tCPaji-FFgzUzUF5Hmsuco", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qq1V3DEuHhrRMCJLvG4BRyu9IBUoSBAhBK7rKI8Z8UCQ", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544337", + "type": "pypi", + "name": "lxml", + "files": "QiMbeyKg0HAieXCZVa5AaW4w_uDta8iWcyhxPGyJBWPE", + "version": "5.3.0", + "artifact_id": "cp312-cp312-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11257811, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QgkqB9rjk1vpEH9ZiYmTBIO96TbCwcGOvHuDAvmP_N0c", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QLjJZriI02g72ognvVVo4nqdupzhJMKswUh6lXSyapjM", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QgkqB9rjk1vpEH9ZiYmTBIO96TbCwcGOvHuDAvmP_N0c", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QLjJZriI02g72ognvVVo4nqdupzhJMKswUh6lXSyapjM", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QF-oY5h-0eIVnC4SOzjLBBpHNPvPbnob8nCPwQkiKoqo", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QhXx-vOAP1eJzi4AeVlbpysBAd1WFlb23__A3vPPrtAk", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk-O9wYvYbAk4-kdCTxCI1pbyLPeQz1l-iEFDVn-ord0", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QpT-toNn6FgwIB44XXb4LYAx9OfKfQZ_V4h59_VKmvXE", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QR2dn6fTE-PgeUZQaEciXdCBekI55GcZ_ZapHu9bW0Bc", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QuMRkjRJ70DyvDwAxJ-nwQCRGfsav6lx6j4d1nbrSALY", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QXSAmpx1x_0ZIVgtCp7q0gKqYSQTtU6ZHRaTKGEGMNLQ", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QLjJZriI02g72ognvVVo4nqdupzhJMKswUh6lXSyapjM", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QgkqB9rjk1vpEH9ZiYmTBIO96TbCwcGOvHuDAvmP_N0c", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QLjJZriI02g72ognvVVo4nqdupzhJMKswUh6lXSyapjM", + "type": 19, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544338", + "type": "pypi", + "name": "lxml", + "files": "QSNhy6epPbGwKsF47E0Sd5Qryams8auBS14UgIxZyT4I", + "version": "5.3.0", + "artifact_id": "cp312-cp312-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11086551, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QnB0iEB0cT9VuotZEX5XkrNqH78zrtuCRAy0A8ZhEZW4", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QDvdhoApQsTtl1PHRb_PcL21WTmG5LXRJVQWhOK5u_Iw", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "QDWG71rhWw5alYYwBltnr5rvvNP7cCVdvwvDUTMSH6UQ", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "QE5hc5epb32mpjW2dVuy4IEnikqiI4w0DEmbUpnUnK_E", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "Qf6BiB3YoRvDMzbsL0u9Aa3CosCAwmLNuBBNUKsLARNI", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "QlCOCOp93Pz8I5MJ0q-sEtKcF3kFjpS18sGCxRKwqNNQ", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "Qm2AgHADKSv0NyEL_y7QmijzXJap1nc1mL-Adbj-d9bY", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QaRRoiQVRNLu24r_O5RLSnISqkar3kid3dh1Q1Mp_RJM", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QDWRjmxA_2_M463aG4eVsifkdV_TZFVR4qi8C1e41i7w", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QaRRoiQVRNLu24r_O5RLSnISqkar3kid3dh1Q1Mp_RJM", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QDWRjmxA_2_M463aG4eVsifkdV_TZFVR4qi8C1e41i7w", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QaRRoiQVRNLu24r_O5RLSnISqkar3kid3dh1Q1Mp_RJM", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QaRRoiQVRNLu24r_O5RLSnISqkar3kid3dh1Q1Mp_RJM", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QDWRjmxA_2_M463aG4eVsifkdV_TZFVR4qi8C1e41i7w", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544339", + "type": "pypi", + "name": "lxml", + "files": "QQRA60-AkCwrOZPO_b9h3o2koMJ4wwAcV-cZmRQjx15A", + "version": "5.3.0", + "artifact_id": "cp312-cp312-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 13642903, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QwAqiWD1VzxNBbHUt_jcy2lI52uhcv8Xx8NjUR0NpQe8", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "QxlXCv5Fe__itliC7FLf-B4UIrFVIU6nrzNUB07gIdys", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "QyMP7xrEWqUUOwOSNyyT-CTewYthDLPl9KlnaDNE5g2w", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "QautZevrsdwk9e9fI0S9F-mU7upvhfx6y29wE9HUegVk", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q05qDca5uc59gVUvUf_EbCAGOg9UWoPJf38QBDy3NDnM", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QautZevrsdwk9e9fI0S9F-mU7upvhfx6y29wE9HUegVk", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QiyqrYhY8J7FjnY0hyKQIJckL3yucb-kFyBtr50zOwAI", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QiyqrYhY8J7FjnY0hyKQIJckL3yucb-kFyBtr50zOwAI", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QautZevrsdwk9e9fI0S9F-mU7upvhfx6y29wE9HUegVk", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QiyqrYhY8J7FjnY0hyKQIJckL3yucb-kFyBtr50zOwAI", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QiyqrYhY8J7FjnY0hyKQIJckL3yucb-kFyBtr50zOwAI", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q4PBQkkbwBfDywLjEZpppnuCfgqjuUI8Am1J63Ut-YZk", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "Qcf1J_MJBrCdZCwLt8AhXUzK9LPL5qUArk3lQw_VY_vY", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "QgJSHrxqoQ9P3VWR6yb6JCskdy9y2K7dA4p_6SEhIreA", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-powerpc64le-linux-musl.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544340", + "type": "pypi", + "name": "lxml", + "files": "QJZXZ5PIhrVTKCO2LoaIFXqUCnWRp4MMfaOkrQBioOBk", + "version": "5.3.0", + "artifact_id": "cp312-cp312-musllinux-1-2-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 12151505, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QN3PsvqgkD7W1YAzx_OpQ-TNsj_Ln-pDsoL7pu98UJHI", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QN3PsvqgkD7W1YAzx_OpQ-TNsj_Ln-pDsoL7pu98UJHI", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QwNr1hbwQDEyPdSAGOtFTdJ7AhwclAtJbDebnpdYQ6CM", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q8YVaBwU49D6v3cBbhzdxYz_-Xr9n2b6AGiJ6nMBIRjE", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q6CuJ9yFpOrZlKzaIOIxxjLXFHaBeqxjXgCgZ12IBKJk", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-s390x-linux-musl.so" + } + }, + { + "key": "Q6Y6_ayuj3L6QeOXfPUjfTOXUlZa-Op5Ds4mlC4pHaA4", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-s390x-linux-musl.so" + } + }, + { + "key": "Q8w5o9qAWx4WvG68fqOKoyWpl8TIdhkQUaXiiIqvhg0o", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-s390x-linux-musl.so" + } + }, + { + "key": "QcPsunrKYJyj7i-0IGeDL4utHPghPv6dLNJ0O4_yUCUc", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-s390x-linux-musl.so" + } + }, + { + "key": "QRE-YHHS8D-Wc_tvzManZ0PN-1O62mzmxUBUsysEFfBs", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-s390x-linux-musl.so" + } + }, + { + "key": "QtAL4NC0AgH2VjMWUBtEV8wRYIPD8IzyJFWnT0PRvxSI", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-s390x-linux-musl.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QN3PsvqgkD7W1YAzx_OpQ-TNsj_Ln-pDsoL7pu98UJHI", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q8YVaBwU49D6v3cBbhzdxYz_-Xr9n2b6AGiJ6nMBIRjE", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QN3PsvqgkD7W1YAzx_OpQ-TNsj_Ln-pDsoL7pu98UJHI", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q8YVaBwU49D6v3cBbhzdxYz_-Xr9n2b6AGiJ6nMBIRjE", + "type": 47, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544341", + "type": "pypi", + "name": "lxml", + "files": "Q0Kx9SwJ3i1Qua3AP4zlrySQxEJWpWS_rKehhoIgiu4M", + "version": "5.3.0", + "artifact_id": "cp312-cp312-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11429136, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QkD6P0C9vf4nWrvYZ62Rfarh9ziQW0PLO6bauyCKBxI4", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q7-JzBmp6QKCiSG95cfl2qVSJKswUzn2R1zRRKMDXtKQ", + "type": 25, + "props": { + "source": "lxml/sax.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q8eu_TBrKB3PSdtcu0kqm1nQhxf1IHLyTMMNXTZd8yT0", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QQ-b8LAbEH-3SNFMe-6R-1che51B82nOGWbg65O7A4g0", + "type": 25, + "props": { + "source": "lxml/builder.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QtIwpcVP1x25UOCLPXRxDUwR8_2QrgNys7Dd3WDrWns0", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QwxXPcVOl3Wit498nzF5N3k6-kxi5j-N87Jr2zVxS5gE", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QZfOwv6mvA-m8AL8OwBmzazVio9jzV6kiv0KkyYNwIds", + "type": 25, + "props": { + "source": "lxml/etree.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QyKGXe6P0AAsIjySoKW8RoXhWZiPYJQIYRdzGCki8uhY", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QkD6P0C9vf4nWrvYZ62Rfarh9ziQW0PLO6bauyCKBxI4", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QyKGXe6P0AAsIjySoKW8RoXhWZiPYJQIYRdzGCki8uhY", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QyKGXe6P0AAsIjySoKW8RoXhWZiPYJQIYRdzGCki8uhY", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QyKGXe6P0AAsIjySoKW8RoXhWZiPYJQIYRdzGCki8uhY", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QkD6P0C9vf4nWrvYZ62Rfarh9ziQW0PLO6bauyCKBxI4", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QI7dxhHqgna3A63rAneFV2rvcx6P9q0aLc4xUnCMjAbI", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544342", + "type": "pypi", + "name": "lxml", + "files": "Qyu8Fq3G9vQH5VVqxamLWpfBgKPKIW-W2JlR7qHons4M", + "version": "5.3.0", + "artifact_id": "cp312-cp312-win-amd64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 8603102, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QBarrOHHv6YrHRCvuYjqllmP4uTWxMnVpjmHLBk1vqSk", + "type": 25, + "props": { + "source": "lxml/sax.cp312-win_amd64.pyd" + } + }, + { + "key": "QK2KfhvhqeK1Ivq28FnUvaLDu8kUD5erzHXseNpBg7mw", + "type": 25, + "props": { + "source": "lxml/objectify.cp312-win_amd64.pyd" + } + }, + { + "key": "QCkHAOu34RongEAxJC6kmU5etTszMMDq78orQTKnfKCg", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QlBRe3VaBo6nPepEIFMo90OCIcsdSuocRoOYuEVJLl5M", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "QWLVLWQn_Vr_RFAC1Ro6jMb0WqmmMTpVlK3kmqBrniI0", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QlBRe3VaBo6nPepEIFMo90OCIcsdSuocRoOYuEVJLl5M", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QlBRe3VaBo6nPepEIFMo90OCIcsdSuocRoOYuEVJLl5M", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QWLVLWQn_Vr_RFAC1Ro6jMb0WqmmMTpVlK3kmqBrniI0", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QlBRe3VaBo6nPepEIFMo90OCIcsdSuocRoOYuEVJLl5M", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QWLVLWQn_Vr_RFAC1Ro6jMb0WqmmMTpVlK3kmqBrniI0", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QlBRe3VaBo6nPepEIFMo90OCIcsdSuocRoOYuEVJLl5M", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QXFNT6u2_ws7vsgJr8BNdAQxLk0FG0WbDTVniUB7UFU4", + "type": 25, + "props": { + "source": "lxml/html/diff.cp312-win_amd64.pyd" + } + }, + { + "key": "QOqHQUD2JLoyfUhihsmX6ugvmgWdnIQwcfbULdibT3Go", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp312-win_amd64.pyd" + } + }, + { + "key": "Qmb7EylWl2jE0hN02ioY3wTOLE6YUVeFSNSlQiQEKvuU", + "type": 25, + "props": { + "source": "lxml/builder.cp312-win_amd64.pyd" + } + }, + { + "key": "QKBXpH-Jyb53-uuQcTCFPVWTNoo0WIclz760lPNpi0TY", + "type": 25, + "props": { + "source": "lxml/etree.cp312-win_amd64.pyd" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544343", + "type": "pypi", + "name": "lxml", + "files": "QtzE0PBwlaag4B4CbAU4TXujNiGrpwLTp_-mWz7cBKW0", + "version": "5.3.0", + "artifact_id": "cp312-cp312-win32-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 7898561, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QS12S6q_rTqC3fCBys1_BVwnfOO-Rdv0gQAsWPA7BSPo", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QbTxJ_1_b3aOvgWUgHurXJHaucLaliT2fKv6XIyh1pAU", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QS12S6q_rTqC3fCBys1_BVwnfOO-Rdv0gQAsWPA7BSPo", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QbTxJ_1_b3aOvgWUgHurXJHaucLaliT2fKv6XIyh1pAU", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q9zg-93ztO-1kDm6GEq6APVgvM8yrac131EKi26Fgxio", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QdqVBw1_SfdSnCIBr0lsctnFhpj7Io2mj4bFdwtJlgb0", + "type": 25, + "props": { + "source": "lxml/builder.cp312-win32.pyd" + } + }, + { + "key": "Qf3Nf7sBLROqhYPZJnl188dtxmDEPRvibWZH7ztj7Y3A", + "type": 25, + "props": { + "source": "lxml/etree.cp312-win32.pyd" + } + }, + { + "key": "QhJ4RnNQEmHPozLdhh_P_WUdxHgs8JoPdqQctckLIp7A", + "type": 25, + "props": { + "source": "lxml/objectify.cp312-win32.pyd" + } + }, + { + "key": "Ql-wafxT4AgZQxPfHsBgWDtgd7p2cPN2bHLz4iiHYcjI", + "type": 25, + "props": { + "source": "lxml/sax.cp312-win32.pyd" + } + }, + { + "key": "QM_EJEGAAiKKkHkuEpP2PGKQg2Ie2pWlGuU4xQvFPCbY", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp312-win32.pyd" + } + }, + { + "key": "QqYvluq1pB5y953ViQc7Kyqn3SmWeLldvCx4nM3to3Tg", + "type": 25, + "props": { + "source": "lxml/html/diff.cp312-win32.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QbTxJ_1_b3aOvgWUgHurXJHaucLaliT2fKv6XIyh1pAU", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QbTxJ_1_b3aOvgWUgHurXJHaucLaliT2fKv6XIyh1pAU", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "QbTxJ_1_b3aOvgWUgHurXJHaucLaliT2fKv6XIyh1pAU", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QS12S6q_rTqC3fCBys1_BVwnfOO-Rdv0gQAsWPA7BSPo", + "type": 47, + "file": "lxml/ElementInclude.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544344", + "type": "pypi", + "name": "lxml", + "files": "Qtkx7VhxActOMYFJPOsbLIBtSgHDAovZz-kY8S7uDUXY", + "version": "5.3.0", + "artifact_id": "cp313-cp313-macosx-10-13-universal2-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 18525093, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q0wCIlm1whi35xmHAwGxMs7Ev2ZWOsUZTP1grGkBnGso", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qe9X_ZUtG6Zd8LRNWZgbxCdjgdYi78gOujQVnMIH0DbU", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QsNEJTXNvA8lRLUViqveXhAbzjAXjDd-ZE16Hy9VAlrI", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QkmVdZUzq4ZnSvTACmgPcNB6l8dBmRynCL3LMM7nKuU4", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QkmVdZUzq4ZnSvTACmgPcNB6l8dBmRynCL3LMM7nKuU4", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QsNEJTXNvA8lRLUViqveXhAbzjAXjDd-ZE16Hy9VAlrI", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QkmVdZUzq4ZnSvTACmgPcNB6l8dBmRynCL3LMM7nKuU4", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QsNEJTXNvA8lRLUViqveXhAbzjAXjDd-ZE16Hy9VAlrI", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QkmVdZUzq4ZnSvTACmgPcNB6l8dBmRynCL3LMM7nKuU4", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QtPHt2PLXNXKuWM-J_gjnWX3aDkly-Wj5mxGv8OdfGfY", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-darwin.so" + } + }, + { + "key": "QtgLpO1scPYmPhaAKelQiH2G8lMaeMLG9VoPY7NNBp20", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-darwin.so" + } + }, + { + "key": "QQJkQVS5dcxFi2X2cI8FSS1hhKbn5TvrrQH5NKkYEUzw", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-darwin.so" + } + }, + { + "key": "QOUzSEf8yicfQjUjCuGH6_nk8_HaMz6LJhrQtFiuAUsE", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-darwin.so" + } + }, + { + "key": "Q785CRGOV_6ppBApKlisOFM_HB09DnW_LwBIEqCO2Zo4", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-darwin.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544345", + "type": "pypi", + "name": "lxml", + "files": "QFY9CaJ_p7AnegCeGPbESYiKmGjAeWyLCKxtQhhADpVg", + "version": "5.3.0", + "artifact_id": "cp313-cp313-macosx-10-13-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 10325289, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q0wCIlm1whi35xmHAwGxMs7Ev2ZWOsUZTP1grGkBnGso", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-darwin.so" + } + }, + { + "key": "QPticicZ44xkM8lLDIjAjGYdB690NQ_eSufxQx6fJnik", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q785CRGOV_6ppBApKlisOFM_HB09DnW_LwBIEqCO2Zo4", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-darwin.so" + } + }, + { + "key": "Qv2R-gRR_Jj1Odf7wssMBCEO4QPn0P1XZjBnt5jUqtMg", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q2HP5YdMDGqLzUCj9oEdtztjIiWJPtfpoxXD2aIreApo", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q2HP5YdMDGqLzUCj9oEdtztjIiWJPtfpoxXD2aIreApo", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QPticicZ44xkM8lLDIjAjGYdB690NQ_eSufxQx6fJnik", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2HP5YdMDGqLzUCj9oEdtztjIiWJPtfpoxXD2aIreApo", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QPticicZ44xkM8lLDIjAjGYdB690NQ_eSufxQx6fJnik", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2HP5YdMDGqLzUCj9oEdtztjIiWJPtfpoxXD2aIreApo", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QtPHt2PLXNXKuWM-J_gjnWX3aDkly-Wj5mxGv8OdfGfY", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-darwin.so" + } + }, + { + "key": "QtgLpO1scPYmPhaAKelQiH2G8lMaeMLG9VoPY7NNBp20", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-darwin.so" + } + }, + { + "key": "QQJkQVS5dcxFi2X2cI8FSS1hhKbn5TvrrQH5NKkYEUzw", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QOUzSEf8yicfQjUjCuGH6_nk8_HaMz6LJhrQtFiuAUsE", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-darwin.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544346", + "type": "pypi", + "name": "lxml", + "files": "Qb2wgQFnTgJIsP4Zz2NBgGaLEGghi7Tc9BbwKBOpwnMQ", + "version": "5.3.0", + "artifact_id": "cp313-cp313-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11927474, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QEJrYUkcc1baByNGcCGP85GEfEvxT7ZT0MajLCRCi75s", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QOcFFzaYmk_kI3-jpWbUfzxhOjq3WVJTbIMO1qeQRPpk", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "QqXRzjYtZj9Pez3QmwYOqToivPjkxQd0Od7-fpDPcyII", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "QtJ98vLyA_j9gSuKIXKZ1kaBWvJ0vgENWPA9mT_lmb1M", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QEJrYUkcc1baByNGcCGP85GEfEvxT7ZT0MajLCRCi75s", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2G0b8QlTPiDLeRbBq7tfkdijjK96IcZqYj6vUUcox0M", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QEJrYUkcc1baByNGcCGP85GEfEvxT7ZT0MajLCRCi75s", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QqdLP8n6KNhGJ9xvGp7R1cHPm-u_atiibvmtFFqZ7rdI", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q2G0b8QlTPiDLeRbBq7tfkdijjK96IcZqYj6vUUcox0M", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QEJrYUkcc1baByNGcCGP85GEfEvxT7ZT0MajLCRCi75s", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q2G0b8QlTPiDLeRbBq7tfkdijjK96IcZqYj6vUUcox0M", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QH8wItKwDL_DX0rMgdBtyy7x9NJrPiJkMsJiEPYa_Cwg", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "QL3jYLq4f90d2bTk0xPSNSdnQ6Ogtn28p6LetZYS4EOU", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "QmP_tO0EABisc4t4EHt5PItR8u5nv4OQlHzYlHODNZnA", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-i386-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544347", + "type": "pypi", + "name": "lxml", + "files": "QpEiagEVtWIYVOVTm7EXWd4r00rjA6uvHe-Jq-AwZ_9M", + "version": "5.3.0", + "artifact_id": "cp313-cp313-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11046097, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QNUNc28FnBFo8vpRmHhpRowJbf3bINJaQCGEhQyghDbU", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QjgXTxy5dqcF9npOzYYP68ujzpxXirWIw2rgS6YXj8tk", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMM0PlvKAr9Aqy77kdcvYEQpxIq3n_0nKN1ddHgYkwow", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMM0PlvKAr9Aqy77kdcvYEQpxIq3n_0nKN1ddHgYkwow", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QjgXTxy5dqcF9npOzYYP68ujzpxXirWIw2rgS6YXj8tk", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QMM0PlvKAr9Aqy77kdcvYEQpxIq3n_0nKN1ddHgYkwow", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QjgXTxy5dqcF9npOzYYP68ujzpxXirWIw2rgS6YXj8tk", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMM0PlvKAr9Aqy77kdcvYEQpxIq3n_0nKN1ddHgYkwow", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXgrvbT9fA2wk9dL-lWkoRP4DQJ7oRFQAC49KW6ohlww", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qsepk4ZhU7q94OfD_qqJI0Wr1_B1vUskovMmsvd70ULg", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qufw6cIwcPfdnHQyVX0qCvL63wZl4yxux8Km2GukCvHA", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QjBoOWauI0xdaklHteUIY3rw9SU46FFz1n3_HIstJTT4", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qk3tPBsGmMy27tsDD4rd2UWLaI0FTsZdJXNmGDtBq-YQ", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "QOIixI9crxtH3dRFHCxwXYSWhyGzgL2lf4jxk6EWspnA", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-aarch64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544348", + "type": "pypi", + "name": "lxml", + "files": "QbEgCzTi-8dnkoTx_zmi0O7XXaKNPNi7m0P0_xsiaAKw", + "version": "5.3.0", + "artifact_id": "cp313-cp313-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 13405561, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q24msPz9-6u8omsAx1fTrm2DBNFzjwyCQVtOJgPA--fY", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QN6iTY7uYi019qyysC_4q0tPFECDbUxAovr3X-hI3hYs", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QIhFSYaYaLy0TD9uvZwsBGlcr113oWQZPk7OlN3-5szY", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QFnX_IB8h0a-me1m1p0jzRQE4CVyFFyBxCYetYdYabxU", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q25mt9qAOJ4QZFIDv5WupQMUjvEUlOPbdpZu1Lc84xJo", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q0AC-hCePKdqAuZOSWL8RSCxm-V62oDpGIF7llc8vh2M", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QtsU6-60bmEkDN8O7zHu3DlukjMjqbVxSArePbxtOkXY", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q24msPz9-6u8omsAx1fTrm2DBNFzjwyCQVtOJgPA--fY", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QxPArhi9tp5yJLcQMgS2IE9BiE8BvinLhCwCx71p8r7A", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q24msPz9-6u8omsAx1fTrm2DBNFzjwyCQVtOJgPA--fY", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QxPArhi9tp5yJLcQMgS2IE9BiE8BvinLhCwCx71p8r7A", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q24msPz9-6u8omsAx1fTrm2DBNFzjwyCQVtOJgPA--fY", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QxPArhi9tp5yJLcQMgS2IE9BiE8BvinLhCwCx71p8r7A", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QD3UU8-qDo5n7NUugoJt9eS8LwbrCdKV7wGgC90Vh9nU", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544349", + "type": "pypi", + "name": "lxml", + "files": "QV4KSZHFwZrWQyGfayvPJpjhtwvrAIM_xDEHcUFVxWEo", + "version": "5.3.0", + "artifact_id": "cp313-cp313-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11697257, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qn_mHvtcZmGGnMyuU2TYRZuDGbYh8lPAns9TKVUJgs6U", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QdHqxtUZ0uwpsk6TT03DAmkpiTZJ3zBhu13dArCK4tbA", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QfABltZBqBt0VFBHT9e_d7iBNylJo509a-55STHlYia4", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QgXBiMOCvmy-8qZ5z3oNmzTKxagoeBw6gbaZjtw0HJ8o", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QKd8PIiKGQzKGnVAiEzya31ky7zMvgbngFOwwnLR-o8M", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QvAyYl1jhUTreXTtIPHuKSBeY0Wxc4iomYKXtenzooOU", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QgdJsNDZJUly1PflNZlo1sc9Zw6V1GM2Zj7X50MZHQLI", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QorsAnOTKAHXIDjUWQQDyjKybexF3tngoisQxplWkxko", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QgdJsNDZJUly1PflNZlo1sc9Zw6V1GM2Zj7X50MZHQLI", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QorsAnOTKAHXIDjUWQQDyjKybexF3tngoisQxplWkxko", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QgdJsNDZJUly1PflNZlo1sc9Zw6V1GM2Zj7X50MZHQLI", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QgdJsNDZJUly1PflNZlo1sc9Zw6V1GM2Zj7X50MZHQLI", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QorsAnOTKAHXIDjUWQQDyjKybexF3tngoisQxplWkxko", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q9z93fv_wk-Vfcy7RdxruvBbRrGxMYGlILTHqjqITBj0", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544350", + "type": "pypi", + "name": "lxml", + "files": "Qa5SyeGb8O7-MniCBeQSNzLTHLpt_4KE7pEHdBxNTc2s", + "version": "5.3.0", + "artifact_id": "cp313-cp313-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11293993, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QM7CaFY-i_HuCUz6UYqklIPGMqGqTrkK5k0dqTp0mzPI", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qeeu4HppSu9lyaw_vwgIz7HjFvm_p4zxV_txcc0MDvZY", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QNSO9ESHBLFjYAlmomCqisQgsBDBGfcx_KgX8DH2g36o", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QNSO9ESHBLFjYAlmomCqisQgsBDBGfcx_KgX8DH2g36o", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qeeu4HppSu9lyaw_vwgIz7HjFvm_p4zxV_txcc0MDvZY", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QNSO9ESHBLFjYAlmomCqisQgsBDBGfcx_KgX8DH2g36o", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qeeu4HppSu9lyaw_vwgIz7HjFvm_p4zxV_txcc0MDvZY", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QNSO9ESHBLFjYAlmomCqisQgsBDBGfcx_KgX8DH2g36o", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QyrAP0vaqFK9NFfAG3Sn-1Hdtp-3dVMeH0wcafn-oEbA", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QmW2n9H5svMgK-ZjHOEskeAYlxy01BZ_7eYRBg22PNRM", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QMNMYtBo6horCbMS5L26JnpRQGQ5T77oIPjsdU-3k5DY", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qb7g48GdIdCNAIjcD_-L5dAeNC-byGDxvd1n11Sy6Fm0", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QAE3qmATMf7xpXjg4T---auUtrtysA9B-Vw9UCShvodA", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q64thVNZdejD4TgT-mY5Scgtj0EVNw4KjkyQfTBbRx1I", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544351", + "type": "pypi", + "name": "lxml", + "files": "QFqTwcZSORnNabb0jCX25eqNfodO7NojU-7JLMEt9qfs", + "version": "5.3.0", + "artifact_id": "cp313-cp313-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 10981314, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QVRZdjHWG-kma4l-0nOZ389R2lvEgBoAF45yFY_NKw6k", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QjBoOWauI0xdaklHteUIY3rw9SU46FFz1n3_HIstJTT4", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qk3tPBsGmMy27tsDD4rd2UWLaI0FTsZdJXNmGDtBq-YQ", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "QOIixI9crxtH3dRFHCxwXYSWhyGzgL2lf4jxk6EWspnA", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qsepk4ZhU7q94OfD_qqJI0Wr1_B1vUskovMmsvd70ULg", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qufw6cIwcPfdnHQyVX0qCvL63wZl4yxux8Km2GukCvHA", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "QXgrvbT9fA2wk9dL-lWkoRP4DQJ7oRFQAC49KW6ohlww", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q4JtIvZvYbohD6V8t2Slnu3HgapvVZIWFTeZpbDrq6nE", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QVRZdjHWG-kma4l-0nOZ389R2lvEgBoAF45yFY_NKw6k", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q4JtIvZvYbohD6V8t2Slnu3HgapvVZIWFTeZpbDrq6nE", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QVRZdjHWG-kma4l-0nOZ389R2lvEgBoAF45yFY_NKw6k", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q4JtIvZvYbohD6V8t2Slnu3HgapvVZIWFTeZpbDrq6nE", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q4JtIvZvYbohD6V8t2Slnu3HgapvVZIWFTeZpbDrq6nE", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QaGtdQwyVvPSdJsIkx2eMr8KHnxyJY_s-_IQbcuzJhJs", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544352", + "type": "pypi", + "name": "lxml", + "files": "QzfXLROlE_vA42rksAQXu3qO-W4t3Nw_SLCGkwoEw7to", + "version": "5.3.0", + "artifact_id": "cp313-cp313-manylinux-2-28-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 13930490, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q6-07-69j1JdtyIHV4kerenxxiFzEJNFtevyxiEpsyXQ", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qjdgj4N09Svex34whFFAxTTYv1SqjHp0EoC_BrRt3dIQ", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q6-07-69j1JdtyIHV4kerenxxiFzEJNFtevyxiEpsyXQ", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qjdgj4N09Svex34whFFAxTTYv1SqjHp0EoC_BrRt3dIQ", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q6-07-69j1JdtyIHV4kerenxxiFzEJNFtevyxiEpsyXQ", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q6-07-69j1JdtyIHV4kerenxxiFzEJNFtevyxiEpsyXQ", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qjdgj4N09Svex34whFFAxTTYv1SqjHp0EoC_BrRt3dIQ", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QqWEH5HTXLQFT7Yi7JxaDJ_ioNwqSFRqUnTDAM7SJ4jg", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QtsU6-60bmEkDN8O7zHu3DlukjMjqbVxSArePbxtOkXY", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QN6iTY7uYi019qyysC_4q0tPFECDbUxAovr3X-hI3hYs", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QIhFSYaYaLy0TD9uvZwsBGlcr113oWQZPk7OlN3-5szY", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QFnX_IB8h0a-me1m1p0jzRQE4CVyFFyBxCYetYdYabxU", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q25mt9qAOJ4QZFIDv5WupQMUjvEUlOPbdpZu1Lc84xJo", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q0AC-hCePKdqAuZOSWL8RSCxm-V62oDpGIF7llc8vh2M", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-powerpc64le-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544353", + "type": "pypi", + "name": "lxml", + "files": "Q8hYrnVptFGOoqHubBhY3Lq1fKLjzelw8hCSqcSg-HLk", + "version": "5.3.0", + "artifact_id": "cp313-cp313-manylinux-2-28-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11865804, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QdHqxtUZ0uwpsk6TT03DAmkpiTZJ3zBhu13dArCK4tbA", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QnKP2VHw9IyXAVTrClx43rJxz7c0ja31ow8eOHbZEcFw", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QKxIYXztX2mE-3m_bt8my_OadjT4QYyBsnXWZCXWjVMg", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q2JL_2j2K0-k1bcoBcdDN5oBwmySbdbgZazMhNeCiiZU", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q2JL_2j2K0-k1bcoBcdDN5oBwmySbdbgZazMhNeCiiZU", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QKxIYXztX2mE-3m_bt8my_OadjT4QYyBsnXWZCXWjVMg", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2JL_2j2K0-k1bcoBcdDN5oBwmySbdbgZazMhNeCiiZU", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QKxIYXztX2mE-3m_bt8my_OadjT4QYyBsnXWZCXWjVMg", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2JL_2j2K0-k1bcoBcdDN5oBwmySbdbgZazMhNeCiiZU", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QvAyYl1jhUTreXTtIPHuKSBeY0Wxc4iomYKXtenzooOU", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "Qn_mHvtcZmGGnMyuU2TYRZuDGbYh8lPAns9TKVUJgs6U", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QKd8PIiKGQzKGnVAiEzya31ky7zMvgbngFOwwnLR-o8M", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QgXBiMOCvmy-8qZ5z3oNmzTKxagoeBw6gbaZjtw0HJ8o", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QfABltZBqBt0VFBHT9e_d7iBNylJo509a-55STHlYia4", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-s390x-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544354", + "type": "pypi", + "name": "lxml", + "files": "QEfPczL38wTGoRkt1zMs6DTKNsLv9-40zVwwafcVRtPY", + "version": "5.3.0", + "artifact_id": "cp313-cp313-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11253491, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q64thVNZdejD4TgT-mY5Scgtj0EVNw4KjkyQfTBbRx1I", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QAE3qmATMf7xpXjg4T---auUtrtysA9B-Vw9UCShvodA", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qb7g48GdIdCNAIjcD_-L5dAeNC-byGDxvd1n11Sy6Fm0", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QMNMYtBo6horCbMS5L26JnpRQGQ5T77oIPjsdU-3k5DY", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QmW2n9H5svMgK-ZjHOEskeAYlxy01BZ_7eYRBg22PNRM", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QyrAP0vaqFK9NFfAG3Sn-1Hdtp-3dVMeH0wcafn-oEbA", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qy6SWEOsuRBoqo1yeqN5PNOWu3FLY8ePPTZiQPXbUBKc", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QwX4KSInc52ZXAtGzU_4nPLFrhr3W7hWZHDnjND_CLPo", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qy6SWEOsuRBoqo1yeqN5PNOWu3FLY8ePPTZiQPXbUBKc", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QwX4KSInc52ZXAtGzU_4nPLFrhr3W7hWZHDnjND_CLPo", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qy6SWEOsuRBoqo1yeqN5PNOWu3FLY8ePPTZiQPXbUBKc", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qy6SWEOsuRBoqo1yeqN5PNOWu3FLY8ePPTZiQPXbUBKc", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QwX4KSInc52ZXAtGzU_4nPLFrhr3W7hWZHDnjND_CLPo", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QthD0MBLXTkH_RrfaLZXZjLSMeXTPzHWXASpgkzbRpfI", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544355", + "type": "pypi", + "name": "lxml", + "files": "QmciVl9zYDz_IED-cuapxq-M6hTNHgZV9drmJEtpmlGE", + "version": "5.3.0", + "artifact_id": "cp313-cp313-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11086551, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QhX2EGdth6Lf0uZyFl2ao8vf0mRbM9AvxQq2pfeiEe-8", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMgkqS-VOLsnOsWx6oAZ8zQpLjlKgiGyZj6WHKSySYeM", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QhX2EGdth6Lf0uZyFl2ao8vf0mRbM9AvxQq2pfeiEe-8", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QMgkqS-VOLsnOsWx6oAZ8zQpLjlKgiGyZj6WHKSySYeM", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QhX2EGdth6Lf0uZyFl2ao8vf0mRbM9AvxQq2pfeiEe-8", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QhX2EGdth6Lf0uZyFl2ao8vf0mRbM9AvxQq2pfeiEe-8", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMgkqS-VOLsnOsWx6oAZ8zQpLjlKgiGyZj6WHKSySYeM", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QykeIJPVZMJBZp6X4Tlxjo147RlXeXoXrqRUXJKsHjVc", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QDkE4mlqrRVZtC0AJpbgc3F9_GaN0DNrEHnfgmzB7R3M", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QZyovx-NCbQtkw5ILa3RJ698JPHLDfDm6_071rKVap3c", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "QX1b6dSPDsExEk2sYQrYtDXiQeGma6X1rTJspuBSYcSI", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "QT7D8GvA4pxMjMPHTF9UyKlVvAdrzctbehVu0rKdBiRs", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "Qo96_75NUjtzWZa9KCwRyr5aCk6sr5oZT75G1Tnxx9gY", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "QhN74xVUR_U5ESV65WI2wyfUBT8P3oRr-DEZAkOiyw98", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-aarch64-linux-musl.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544356", + "type": "pypi", + "name": "lxml", + "files": "QBhwHdSX6ljzFA8HsOE_pyRQDaMSZZnPWlH1CHdY1xEs", + "version": "5.3.0", + "artifact_id": "cp313-cp313-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 13642903, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q123cjoZOMy1-QpNFqu6yuCgj7MVvso2f_i_NqeOB2aM", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qt81s9sSXLKTXuokyRoSVVN69tu0tTU-_SnCDxflYmNc", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QR7On8BTqosfdxpswbWYHR-2Hk_SrYfJJeKgUhOnmbQY", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QR7On8BTqosfdxpswbWYHR-2Hk_SrYfJJeKgUhOnmbQY", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qt81s9sSXLKTXuokyRoSVVN69tu0tTU-_SnCDxflYmNc", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QINRB6MCYjbY9vSo2uBZlq1L1HyOBRdU9mnoOXCwqVPw", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "QLgsM3BA-r_qZzmkqhnyIgjO15ZMrg6xVrNi60jjjkVw", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "QR7On8BTqosfdxpswbWYHR-2Hk_SrYfJJeKgUhOnmbQY", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qt81s9sSXLKTXuokyRoSVVN69tu0tTU-_SnCDxflYmNc", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QR7On8BTqosfdxpswbWYHR-2Hk_SrYfJJeKgUhOnmbQY", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QQAYtqOgSzCM4lEkkn-GA1bDLvDLRPpcu7Mg_SQg5uFo", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "QQTRPDcQa2xtJRESqPRWEN1UiIRJskVMUvXx2fuzk578", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "QsNKeCnLIjmlf7yp3cacTrefZaKW3VAy7EDpOCqV95Ls", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "QXHljJx09iZNMmyE8io_oS4efgwe-7ELjBjb3CwgkFQM", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-powerpc64le-linux-musl.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544357", + "type": "pypi", + "name": "lxml", + "files": "QQIWii5YnCKTj3QXPXcbyXoZ2UQQiJEL1Vmveh9IGjpY", + "version": "5.3.0", + "artifact_id": "cp313-cp313-musllinux-1-2-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 12143313, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QnKbRVxIQS13Qd8D4_fIf3u6olJrOvkgsDjUW-wX6ASs", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-s390x-linux-musl.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QED850ulqJF8RhArQgqgdcX3aNWZ0JiZRd8E3KjxBSPI", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qk4evZL2zQ4HOrU_94bXcYycciJM7VYjIqhkGyUNHLv0", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QED850ulqJF8RhArQgqgdcX3aNWZ0JiZRd8E3KjxBSPI", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qk4evZL2zQ4HOrU_94bXcYycciJM7VYjIqhkGyUNHLv0", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QED850ulqJF8RhArQgqgdcX3aNWZ0JiZRd8E3KjxBSPI", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QOiHutwA0hsNSOAbm8nZzhGRtEKxA9eBzAP9owjuylJ8", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-s390x-linux-musl.so" + } + }, + { + "key": "QIw30rfdkaxvkovnpFycVS7HwUg7p9XC0YUG319yWPFE", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-s390x-linux-musl.so" + } + }, + { + "key": "QeHya8IaypI7L50QmvS5MnBz7eiPzRF001dmW7zFBRqg", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-s390x-linux-musl.so" + } + }, + { + "key": "QAFlBpo1iaDqdn3h8-_GqTPVMq4NrP3_uczcCadV3bIE", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-s390x-linux-musl.so" + } + }, + { + "key": "Q7nEjF1Z-ewEW3XQIRS7IV3_ZFpZ3srXoIMjvrmF5ZA8", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-s390x-linux-musl.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QED850ulqJF8RhArQgqgdcX3aNWZ0JiZRd8E3KjxBSPI", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qk4evZL2zQ4HOrU_94bXcYycciJM7VYjIqhkGyUNHLv0", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q58lmJVI9uH05WfJg0HsZzAhDIneYOBSKXjWgE6Uj6Eg", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544358", + "type": "pypi", + "name": "lxml", + "files": "Q-0XtvOCAJD--UcbEkAnPxTUGM10lijtkCfNQYH7eWvw", + "version": "5.3.0", + "artifact_id": "cp313-cp313-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11420880, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QmnIZl3Dv9BLgogCBE2mteMtsxaPyysJEQohR1bpYzaI", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qt9qodpkdLGifvCplyH95W_SSkyfoPNNY-apT5rxtpqw", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QFs6B51R5GGxZGBhmSi_LnjiTREfKTLTLy5B4gubFZmI", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QFs6B51R5GGxZGBhmSi_LnjiTREfKTLTLy5B4gubFZmI", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qt9qodpkdLGifvCplyH95W_SSkyfoPNNY-apT5rxtpqw", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QFs6B51R5GGxZGBhmSi_LnjiTREfKTLTLy5B4gubFZmI", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qt9qodpkdLGifvCplyH95W_SSkyfoPNNY-apT5rxtpqw", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QFs6B51R5GGxZGBhmSi_LnjiTREfKTLTLy5B4gubFZmI", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QZ_PJ_6V-Ohf1_n9n5HGgWF2meLvWkmhNPUYL1jsxt7M", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QWoLrqfbgC_TlrU6SV0jsr0WHUgUxSu4h01x2IrMa324", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QmX_HNisHEfy-X2URUqlh6JtdOpEIqMEB2AXUv-Q4zUQ", + "type": 25, + "props": { + "source": "lxml/sax.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QABn7STEfYc-Xsje3EJpjeytIl3B0t3u4g-AiPJ6HoWg", + "type": 25, + "props": { + "source": "lxml/etree.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q5i_W3u9W9bfx2xTgcs4LugFW1PE5i8x5B1gOgkTQw4I", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q0Wz7-mnmm8t5OMDJPsjLdwxDsDVFvqpnEUPZaO3opPk", + "type": 25, + "props": { + "source": "lxml/builder.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544359", + "type": "pypi", + "name": "lxml", + "files": "QiP2CJ_FUQ6P9QzRN7eAuwnBaHT5ZYuxfic2uZAeoySw", + "version": "5.3.0", + "artifact_id": "cp313-cp313-win-amd64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 8596958, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qq7MKeHHEW2Azw_AJ8uGNodjMlBPwKl-1TcAdQidVMQs", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q2t9eiI5wUUKYVi3Od-_8LcIajHyBhINlhOP82TX6CsU", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qq7MKeHHEW2Azw_AJ8uGNodjMlBPwKl-1TcAdQidVMQs", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "QOBy11Xk-74wm5LNEo24zgIn18Jyy6907Ga46fwB3poI", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q7bzTN-0WVuWYvUxpk-7lcgQ9Vs-1vV_nn1Qqy62zS74", + "type": 25, + "props": { + "source": "lxml/etree.cp313-win_amd64.pyd" + } + }, + { + "key": "QELEP6y-PfEZdIzTqTVK9H301VaS3W7d3YlBRX1WauqI", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp313-win_amd64.pyd" + } + }, + { + "key": "QL64N28jxCdnxeucNqAPUyXT8sCW1un7UVheA1cSeWHE", + "type": 25, + "props": { + "source": "lxml/sax.cp313-win_amd64.pyd" + } + }, + { + "key": "QMZI-WJsgA_xtPbPcXda1_-Wj8-A1ypRskHCU0rdo5nQ", + "type": 25, + "props": { + "source": "lxml/builder.cp313-win_amd64.pyd" + } + }, + { + "key": "QwjuFXZLcGZW1aXM9hiJuNCTzqxPbrhVGa98iyzhOx64", + "type": 25, + "props": { + "source": "lxml/html/diff.cp313-win_amd64.pyd" + } + }, + { + "key": "Qwu37u4nfNDyhOzeubQlBeYPle7D73sASTIW6j9XQDCs", + "type": 25, + "props": { + "source": "lxml/objectify.cp313-win_amd64.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qq7MKeHHEW2Azw_AJ8uGNodjMlBPwKl-1TcAdQidVMQs", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2t9eiI5wUUKYVi3Od-_8LcIajHyBhINlhOP82TX6CsU", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qq7MKeHHEW2Azw_AJ8uGNodjMlBPwKl-1TcAdQidVMQs", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2t9eiI5wUUKYVi3Od-_8LcIajHyBhINlhOP82TX6CsU", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qq7MKeHHEW2Azw_AJ8uGNodjMlBPwKl-1TcAdQidVMQs", + "type": 19, + "file": "lxml/html/_diffcommand.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544360", + "type": "pypi", + "name": "lxml", + "files": "Q8knXtLtzZvxtEI5zTVpdjsvsqD6IzJ9zrxXVg2aWhZA", + "version": "5.3.0", + "artifact_id": "cp313-cp313-win32-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 7896001, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Ql0nwGYbLQnPXTUGmsl714nS9Pi_dtzCG5f54ULlbtgE", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QJ_KtagYHMbacdEoUNOGtfzwuTyqBDqI9HQKNNcyFW8c", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Ql0nwGYbLQnPXTUGmsl714nS9Pi_dtzCG5f54ULlbtgE", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QJ_KtagYHMbacdEoUNOGtfzwuTyqBDqI9HQKNNcyFW8c", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "Ql0nwGYbLQnPXTUGmsl714nS9Pi_dtzCG5f54ULlbtgE", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QJ_KtagYHMbacdEoUNOGtfzwuTyqBDqI9HQKNNcyFW8c", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QJ_KtagYHMbacdEoUNOGtfzwuTyqBDqI9HQKNNcyFW8c", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q6NsZhOhi5xPcDvoieZTNcVC9NCuqmhptX8H96Q8H8iw", + "type": 25, + "props": { + "source": "lxml/etree.cp313-win32.pyd" + } + }, + { + "key": "Q9TTkCuhnC8epNjeXFLN-EM8lPOGSSL6asvra3alBc10", + "type": 25, + "props": { + "source": "lxml/builder.cp313-win32.pyd" + } + }, + { + "key": "QL0elZm9y0e4cG4PPtz8O1pYSqhQoA2gehOrLZ_ksPiI", + "type": 25, + "props": { + "source": "lxml/html/diff.cp313-win32.pyd" + } + }, + { + "key": "QPqmaFvTbiXAq37ls7HwN9w985Zcw1wDD6_OmLvAzrPU", + "type": 25, + "props": { + "source": "lxml/sax.cp313-win32.pyd" + } + }, + { + "key": "Q1l_oQaBqDwfk3sbeMLUaCuM6m0xiUzNG0sgbcRbb1I4", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp313-win32.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QJ_KtagYHMbacdEoUNOGtfzwuTyqBDqI9HQKNNcyFW8c", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QoWybTkxFdcPbBsbpZQBSkyJ3bxskdXw-G5-1UMmtDpU", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qxi6nE943RSUZYGEKmEYgEajh77rnpUOdDRLeGB82MUw", + "type": 25, + "props": { + "source": "lxml/objectify.cp313-win32.pyd" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544361", + "type": "pypi", + "name": "lxml", + "files": "QVIf04q5h1j0iwDnM76gSQaKPz6UCYXaZvSFOVq7UJxo", + "version": "5.3.0", + "artifact_id": "cp36-cp36m-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 10421147, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QKHS_xD4XEKdSu1ZKXqKDQlXw05_oix7H1eGMgXGPA58", + "type": 25, + "props": { + "source": "lxml/builder.cpython-36m-darwin.so" + } + }, + { + "key": "QH1pMNPYddCBctWSZvQ_bEGnGiYyIf3ht9vutA1rrvdo", + "type": 25, + "props": { + "source": "lxml/etree.cpython-36m-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QSOFAR6bDXstCtt4VB22-GwYXLfESGIsYAbayAjkRCfc", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q-f4yfZqbE_3sThTslbEcfLwW_mXTAEGLixJ6V68xSBo", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QSOFAR6bDXstCtt4VB22-GwYXLfESGIsYAbayAjkRCfc", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q-f4yfZqbE_3sThTslbEcfLwW_mXTAEGLixJ6V68xSBo", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QSOFAR6bDXstCtt4VB22-GwYXLfESGIsYAbayAjkRCfc", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QSOFAR6bDXstCtt4VB22-GwYXLfESGIsYAbayAjkRCfc", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q-f4yfZqbE_3sThTslbEcfLwW_mXTAEGLixJ6V68xSBo", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QGBwELdQkl3xTv6VaXqrXMbU2r4p4BB2J2GX-de0loOM", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QdZSGAZB8qeREsWUxpIOOv7KKZG5hejH-fSxZ6LFOwds", + "type": 25, + "props": { + "source": "lxml/sax.cpython-36m-darwin.so" + } + }, + { + "key": "QDl3bDJm7clbRLg6w7egmdn2vrJGDnNxEXctpd8BzbOI", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-36m-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QPelrGuTbiCojPgNl3zq8Dlo5AMIRxRz1P-H3-FL0iCs", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-36m-darwin.so" + } + }, + { + "key": "QnddHHIGTXPBwit4WRmfkgTUaPz_4MGCzpqUD3rarBro", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-36m-darwin.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853544362", + "type": "pypi", + "name": "lxml", + "files": "Qivf1vteEf6T2wQsPwDc8VFYln9cH84fECipUkVfgpAo", + "version": "5.3.0", + "artifact_id": "cp36-cp36m-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11661678, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QVYs9G5wFm9haQr6jVeNBj16BFG-ChZebbFOzBu8PJMA", + "type": 25, + "props": { + "source": "lxml/etree.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "QVB6RhEQXLU8J6vOyYz_msSDjK-qZfzjOvFNI-TmzaKY", + "type": 25, + "props": { + "source": "lxml/builder.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "Qe1pnZ7CocHLbWUg7nuiSm6SWgJVil3KQosTE_ePMnk8", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "QDFhFLBezcKyaNkbdkIZ1v7bBNvUnFHam8OGV24vbhzs", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "Q3dULV15W5ctwIDDAtWTCYfnHS29cSAuaSzPqAtHfUmo", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QhwADnLmxYS9zMrl-MwtBjhcQgzMUZ4wBc2XE1jNTUFs", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QFnOQ61Wov_v9gbUHXgC33zf3aMYm9pAwsZoNG9xcWr0", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QhwADnLmxYS9zMrl-MwtBjhcQgzMUZ4wBc2XE1jNTUFs", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QFnOQ61Wov_v9gbUHXgC33zf3aMYm9pAwsZoNG9xcWr0", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QhwADnLmxYS9zMrl-MwtBjhcQgzMUZ4wBc2XE1jNTUFs", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QhwADnLmxYS9zMrl-MwtBjhcQgzMUZ4wBc2XE1jNTUFs", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QFnOQ61Wov_v9gbUHXgC33zf3aMYm9pAwsZoNG9xcWr0", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QcoD93RmIBAwERCGZgbl_QmnsLAYpO7r4SL3KpkIYIlQ", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QYvQgMuX4HJZFM7pM2WXwbCqkRqVvDL62uuRMmMM_8HE", + "type": 25, + "props": { + "source": "lxml/sax.cpython-36m-i386-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545893", + "type": "pypi", + "name": "lxml", + "files": "QyZ8QNoWQW_2dtMYUVNsV91IIdpp2vpL4zm-tqHiF7JY", + "version": "5.3.0", + "artifact_id": "cp36-cp36m-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11077127, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QztqnSnfm_P0qkvioaUCUq74Wsep0Mx1-CNcBQ6mdBBs", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QWWL1Svr_wq9zybnZByD7L_8g_tyf7u6bQ_APLHziQgE", + "type": 25, + "props": { + "source": "lxml/etree.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QTl8iLzi1dd3dfBP9gCMt_3AfpcfzG-zByxLgUPyzyw4", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8sf5T3DkDFwmWY_EwCrniYAxS-LBUHLZ6vp4nHXk5qE", + "type": 25, + "props": { + "source": "lxml/sax.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3KZUGkucsVPZiXlYj2zjAkT61GCu7FEo52mZCv_6n9c", + "type": 25, + "props": { + "source": "lxml/builder.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qzf0AjntHovQKc-dIQj-nr7VbQSoMZABzN0D0kjMFkig", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_XzSmjaSf-8o23aZniCekn2fYSWGwEfUA5e2PbCLVOM", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QCg0SQOjqQgJMKJGdck7tWMma0l_zpwKw0xH19vXbvIo", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QKTruiqzvDRBQUTg4okiHUs1plUplydUjMy0_08QbUrE", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QKTruiqzvDRBQUTg4okiHUs1plUplydUjMy0_08QbUrE", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QCg0SQOjqQgJMKJGdck7tWMma0l_zpwKw0xH19vXbvIo", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QKTruiqzvDRBQUTg4okiHUs1plUplydUjMy0_08QbUrE", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QCg0SQOjqQgJMKJGdck7tWMma0l_zpwKw0xH19vXbvIo", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QKTruiqzvDRBQUTg4okiHUs1plUplydUjMy0_08QbUrE", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545894", + "type": "pypi", + "name": "lxml", + "files": "QQ6ilpFjfIafILdlwm-cYcXPLF2FOomjzg0gm2UK-1TE", + "version": "5.3.0", + "artifact_id": "cp36-cp36m-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11032690, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q3KZUGkucsVPZiXlYj2zjAkT61GCu7FEo52mZCv_6n9c", + "type": 25, + "props": { + "source": "lxml/builder.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8sf5T3DkDFwmWY_EwCrniYAxS-LBUHLZ6vp4nHXk5qE", + "type": 25, + "props": { + "source": "lxml/sax.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QTl8iLzi1dd3dfBP9gCMt_3AfpcfzG-zByxLgUPyzyw4", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QWWL1Svr_wq9zybnZByD7L_8g_tyf7u6bQ_APLHziQgE", + "type": 25, + "props": { + "source": "lxml/etree.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qzf0AjntHovQKc-dIQj-nr7VbQSoMZABzN0D0kjMFkig", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QztqnSnfm_P0qkvioaUCUq74Wsep0Mx1-CNcBQ6mdBBs", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QcnSPfCFKDy_f0hDXR4eZc33I-YMnpUdsRp7XvyJTH3k", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QwYxJO2MQ5NfsqYh96WGBSNmIPLpekpJRdVl2_O-OjxM", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QcnSPfCFKDy_f0hDXR4eZc33I-YMnpUdsRp7XvyJTH3k", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QwYxJO2MQ5NfsqYh96WGBSNmIPLpekpJRdVl2_O-OjxM", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QcnSPfCFKDy_f0hDXR4eZc33I-YMnpUdsRp7XvyJTH3k", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QcnSPfCFKDy_f0hDXR4eZc33I-YMnpUdsRp7XvyJTH3k", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QwYxJO2MQ5NfsqYh96WGBSNmIPLpekpJRdVl2_O-OjxM", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMaCGClf66FzUg2RbkJLh25bbzLGa6awMtxsSaV7f-Ig", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545895", + "type": "pypi", + "name": "lxml", + "files": "QEXXSOfpUX__sG43r0E5XvVcj4V9PoSk0CNfXuad3_Jo", + "version": "5.3.0", + "artifact_id": "cp36-cp36m-manylinux-2-5-x86-64-manylinux1-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11411643, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q3KZUGkucsVPZiXlYj2zjAkT61GCu7FEo52mZCv_6n9c", + "type": 25, + "props": { + "source": "lxml/builder.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8sf5T3DkDFwmWY_EwCrniYAxS-LBUHLZ6vp4nHXk5qE", + "type": 25, + "props": { + "source": "lxml/sax.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QTl8iLzi1dd3dfBP9gCMt_3AfpcfzG-zByxLgUPyzyw4", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QztqnSnfm_P0qkvioaUCUq74Wsep0Mx1-CNcBQ6mdBBs", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QJKFao4kea8NfB2nIGRbmFXa5M1q8F8MbtseTOws-UAY", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QTvIlgstvUOTk4lS9hBBDbNUg1sb9fV5fSTvGmg21IzU", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QJKFao4kea8NfB2nIGRbmFXa5M1q8F8MbtseTOws-UAY", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QTvIlgstvUOTk4lS9hBBDbNUg1sb9fV5fSTvGmg21IzU", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QJKFao4kea8NfB2nIGRbmFXa5M1q8F8MbtseTOws-UAY", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QJKFao4kea8NfB2nIGRbmFXa5M1q8F8MbtseTOws-UAY", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QTvIlgstvUOTk4lS9hBBDbNUg1sb9fV5fSTvGmg21IzU", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QbXUKPI9V-vX8mu5aXSpOEFwXVI0WVrdEqT4CUFtP1mI", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QWWL1Svr_wq9zybnZByD7L_8g_tyf7u6bQ_APLHziQgE", + "type": 25, + "props": { + "source": "lxml/etree.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qzf0AjntHovQKc-dIQj-nr7VbQSoMZABzN0D0kjMFkig", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-36m-x86_64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545896", + "type": "pypi", + "name": "lxml", + "files": "QdqVHap17UM9WS8AbDM2BH2l1zH1IeuptY6DDp9QyYE8", + "version": "5.3.0", + "artifact_id": "cp36-cp36m-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11163657, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q60uMEv_uhQ1pR3jMBg3EhJwStTWYWCRlbul2IQX3Ypk", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QPZOzQAyv3tCjjZ_ykQC4u6rpodyfEvLejmjdvlU34js", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q-mkbrvEa24JZsVB9aUfX-88xfQEwdFCIKjIXIHL-vTY", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q3KZUGkucsVPZiXlYj2zjAkT61GCu7FEo52mZCv_6n9c", + "type": 25, + "props": { + "source": "lxml/builder.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8sf5T3DkDFwmWY_EwCrniYAxS-LBUHLZ6vp4nHXk5qE", + "type": 25, + "props": { + "source": "lxml/sax.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QTl8iLzi1dd3dfBP9gCMt_3AfpcfzG-zByxLgUPyzyw4", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QWWL1Svr_wq9zybnZByD7L_8g_tyf7u6bQ_APLHziQgE", + "type": 25, + "props": { + "source": "lxml/etree.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qzf0AjntHovQKc-dIQj-nr7VbQSoMZABzN0D0kjMFkig", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QztqnSnfm_P0qkvioaUCUq74Wsep0Mx1-CNcBQ6mdBBs", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q60uMEv_uhQ1pR3jMBg3EhJwStTWYWCRlbul2IQX3Ypk", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q-mkbrvEa24JZsVB9aUfX-88xfQEwdFCIKjIXIHL-vTY", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q60uMEv_uhQ1pR3jMBg3EhJwStTWYWCRlbul2IQX3Ypk", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q-mkbrvEa24JZsVB9aUfX-88xfQEwdFCIKjIXIHL-vTY", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q60uMEv_uhQ1pR3jMBg3EhJwStTWYWCRlbul2IQX3Ypk", + "type": 19, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545897", + "type": "pypi", + "name": "lxml", + "files": "QnFc5rtZlsVeMxkLwr75rbBtzuqLTCH86dYNBhZ-vUo0", + "version": "5.3.0", + "artifact_id": "cp36-cp36m-win-amd64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 8870289, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q15TvUhxWAneDqfumF2H4ItPbtpANxf-EWj786ADZkdo", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "QjaFpUHmj1UJvoD-IbcU_TiENOrbjUEeIGrxwPJQiy8g", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QRj0GS-qtY9z-XU-d0pmrNcEYjsSJkjHbJVwLLuidarQ", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q15TvUhxWAneDqfumF2H4ItPbtpANxf-EWj786ADZkdo", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QRj0GS-qtY9z-XU-d0pmrNcEYjsSJkjHbJVwLLuidarQ", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q15TvUhxWAneDqfumF2H4ItPbtpANxf-EWj786ADZkdo", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QqATqBjkwixip4SF5TPdQvo8B1zaLg5nvcgj99V5nzzQ", + "type": 25, + "props": { + "source": "lxml/sax.cp36-win_amd64.pyd" + } + }, + { + "key": "Qq5niINtweiJTrsM9QCFph381pFAguux-204clxLoaZA", + "type": 25, + "props": { + "source": "lxml/etree.cp36-win_amd64.pyd" + } + }, + { + "key": "QOmHwzJdcDEMnbzbXCpzENeC3Mk9dpHh-DxhmX5w7vRw", + "type": 25, + "props": { + "source": "lxml/html/diff.cp36-win_amd64.pyd" + } + }, + { + "key": "QNmUMqyi7Zxxon2v9Hoa_5IMQkY9hbEnVOvYepntTJOU", + "type": 25, + "props": { + "source": "lxml/objectify.cp36-win_amd64.pyd" + } + }, + { + "key": "Q6b6KLB9qi1C_y0sXwE8ENJGBZx-Tr9dH6tUS34WoPWY", + "type": 25, + "props": { + "source": "lxml/builder.cp36-win_amd64.pyd" + } + }, + { + "key": "Q69-R5ApjEywM_YC2_5qL8jtmt9-NptG6jet9ukn0oh8", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp36-win_amd64.pyd" + } + }, + { + "key": "Q15TvUhxWAneDqfumF2H4ItPbtpANxf-EWj786ADZkdo", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q15TvUhxWAneDqfumF2H4ItPbtpANxf-EWj786ADZkdo", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QRj0GS-qtY9z-XU-d0pmrNcEYjsSJkjHbJVwLLuidarQ", + "type": 47, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545898", + "type": "pypi", + "name": "lxml", + "files": "QzdZiUN2Cwdxz0LdLdD4xonBmW2fJIiN57qpDvjI_b1I", + "version": "5.3.0", + "artifact_id": "cp36-cp36m-win32-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 7975283, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QPzRMg6BpdCWGpxhgkjTXJ0dkzAdmePbMasYVJLRZiQ4", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "Q_B_gcniT18mYSz46wrjsTPF_npD5KfPMuBTvCgiSgNY", + "type": 25, + "props": { + "source": "lxml/builder.cp36-win32.pyd" + } + }, + { + "key": "QDCF87XxA734xG0kpk4WbXj-Zx0AO9P0NeJVNRizHnVQ", + "type": 25, + "props": { + "source": "lxml/sax.cp36-win32.pyd" + } + }, + { + "key": "QEjPRKxuVMEdYYUc1SnZsWZJaxYH6gmtJzq_H0K0Nec0", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp36-win32.pyd" + } + }, + { + "key": "QPXsX5Jcnp1cy4z9dUB8zJTk64ZT0muOX-fGLXqEKWcQ", + "type": 25, + "props": { + "source": "lxml/etree.cp36-win32.pyd" + } + }, + { + "key": "QUX8-wx14ga8JMPqCWe3I4HnL6mau3a0zli-sBblfDNk", + "type": 25, + "props": { + "source": "lxml/html/diff.cp36-win32.pyd" + } + }, + { + "key": "QYlqMHnRv9lHXhcVdRbLs3cMysIemvn0HGCYlZPi-HpQ", + "type": 25, + "props": { + "source": "lxml/objectify.cp36-win32.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QPzRMg6BpdCWGpxhgkjTXJ0dkzAdmePbMasYVJLRZiQ4", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QAvhPz3m5F_66_WinNSju7sEIcBuXqvbYFzW5dHMd7fw", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QPzRMg6BpdCWGpxhgkjTXJ0dkzAdmePbMasYVJLRZiQ4", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QAvhPz3m5F_66_WinNSju7sEIcBuXqvbYFzW5dHMd7fw", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QPzRMg6BpdCWGpxhgkjTXJ0dkzAdmePbMasYVJLRZiQ4", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QPzRMg6BpdCWGpxhgkjTXJ0dkzAdmePbMasYVJLRZiQ4", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QAvhPz3m5F_66_WinNSju7sEIcBuXqvbYFzW5dHMd7fw", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QYljM66h--sVbnuBxYD3mwDaWgO9h_KJz6BJAm2i2dRo", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545899", + "type": "pypi", + "name": "lxml", + "files": "QacIPUATERALGBwee4i4TKSzelNT7t9rXycIImDgvaBI", + "version": "5.3.0", + "artifact_id": "cp37-cp37m-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 10501391, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QbwziBTkVuoIJL-nvb3UEWJ30n7tKDCjM7HR-dFlgzmk", + "type": 25, + "props": { + "source": "lxml/sax.cpython-37m-darwin.so" + } + }, + { + "key": "QeNXY2PGTeU4Ww5FH_jf9IvbATzSLk2OTfygvR9uxEuQ", + "type": 25, + "props": { + "source": "lxml/builder.cpython-37m-darwin.so" + } + }, + { + "key": "QFpwaYapym-35Wjjbzs9ReYR0BuL2K7IIW0pTJTQsdig", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-37m-darwin.so" + } + }, + { + "key": "QhzoFcApF9tMMUai6sJF4DwHiMNjnuMNykWtMtIYD6_U", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-37m-darwin.so" + } + }, + { + "key": "QJBJDw_InpzT69hud1LuN6mFRAb2VT3x5XHu8pUyoP7A", + "type": 25, + "props": { + "source": "lxml/etree.cpython-37m-darwin.so" + } + }, + { + "key": "QXmM8WfFJlfvzBhVZ5Gv4LTiERl4X9qYYgmaSyOFCgmE", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-37m-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QvhV8Zd2ApsM6DMHrVmmwL9MntHo9aLL3dhFzmXwNjEA", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QvhV8Zd2ApsM6DMHrVmmwL9MntHo9aLL3dhFzmXwNjEA", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QwKyaE_IDQSBiOxfwNk8yP9LQ58owo5ebNtqk_lm2-9Y", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q2BhSu8G4LE5xu7yaL5fvq9NrWg9m0nJ9FKSOuQkBGvc", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvhV8Zd2ApsM6DMHrVmmwL9MntHo9aLL3dhFzmXwNjEA", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvhV8Zd2ApsM6DMHrVmmwL9MntHo9aLL3dhFzmXwNjEA", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q2BhSu8G4LE5xu7yaL5fvq9NrWg9m0nJ9FKSOuQkBGvc", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2BhSu8G4LE5xu7yaL5fvq9NrWg9m0nJ9FKSOuQkBGvc", + "type": 47, + "file": "lxml/ElementInclude.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545900", + "type": "pypi", + "name": "lxml", + "files": "QdHeVjEoEp4P_5MjG--ANqDFK4Xl8pGHApjfCSNDXyKU", + "version": "5.3.0", + "artifact_id": "cp37-cp37m-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11985430, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q32buZlHv-BNo1iJ_tpEhYrtdcBiV39dhQp-gYt6gohI", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q-kc1EIzdN9ml53rSx-WNPRapRLq1iFKjx6dsdatB93Y", + "type": 25, + "props": { + "source": "lxml/sax.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "Q1Z4BWh4qtGlwidEsNfaIzXIj2wOtCeVL9QEthCjrQwE", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "Q47IfHSnB72OCXoXxRAR1yzWBtafaNRfQcOxvUmqoo3I", + "type": 25, + "props": { + "source": "lxml/etree.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "Qn9MD2k8fWbVPms6mu0zx215wA7sIL2h8srzZS5DmLCk", + "type": 25, + "props": { + "source": "lxml/builder.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "QStgDG3iXIwaaqi12SY6k8KaB7xBezAJASBbkXEzmtsU", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qy_VnbAqfglZudITFcSlMPaKRRIThzMK1C5W4koeO8Yw", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q_nnGvhV425nyuarbFEUgT610Zh_M2XZjSiCBne0vve8", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qy_VnbAqfglZudITFcSlMPaKRRIThzMK1C5W4koeO8Yw", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q_nnGvhV425nyuarbFEUgT610Zh_M2XZjSiCBne0vve8", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qy_VnbAqfglZudITFcSlMPaKRRIThzMK1C5W4koeO8Yw", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qy_VnbAqfglZudITFcSlMPaKRRIThzMK1C5W4koeO8Yw", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q_nnGvhV425nyuarbFEUgT610Zh_M2XZjSiCBne0vve8", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QgoOj5Aj92nJm2MlMJ3Dp-ep4MCU-Cdoh24XuiFV8JsE", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545901", + "type": "pypi", + "name": "lxml", + "files": "Q3eI3wn8GOHCXey4Bqzbh-TX7lLXirzXQEZcyrzwHrDk", + "version": "5.3.0", + "artifact_id": "cp37-cp37m-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11250511, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qc0qtrJb1zYY2ElrcpcwfLEoe166j2sb40krIKI0j6Zk", + "type": 25, + "props": { + "source": "lxml/sax.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Q06jXXRlvKUhFKjO2NmbWwEoIqmC7kSuUPSXDY0Q5sT0", + "type": 25, + "props": { + "source": "lxml/etree.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QIS9CibotXb_d-5d7U0vX8_ISzmciOgekPxtOEwjVyiY", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qd40uFrkeOOec9BokhLlfPY4tVjzG5PuIXS9JsCqmKls", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QH2W0jBDTXfGdtLnlcvEM3d-tc1Nok4dguFIhjyMbWIM", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QH2W0jBDTXfGdtLnlcvEM3d-tc1Nok4dguFIhjyMbWIM", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qd40uFrkeOOec9BokhLlfPY4tVjzG5PuIXS9JsCqmKls", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QH2W0jBDTXfGdtLnlcvEM3d-tc1Nok4dguFIhjyMbWIM", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qd40uFrkeOOec9BokhLlfPY4tVjzG5PuIXS9JsCqmKls", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QH2W0jBDTXfGdtLnlcvEM3d-tc1Nok4dguFIhjyMbWIM", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXPCD0892PDZZrYoBtnyr1am_mr6gq2gyt8ewyIuXuZI", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QkJwCh6LwniaWBFd62mdo2A75vLhtqeQGnElfvesf2dg", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QJ1wsILZHXQZu9yHU0U0i5YbTbN91OROUflXXr_BmgIk", + "type": 25, + "props": { + "source": "lxml/builder.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QfsVgQ1ZqoRvSnraVlmtf2Tu6pYiDfo7zeS1N8_Ji5VU", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-37m-aarch64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545902", + "type": "pypi", + "name": "lxml", + "files": "Q9PR3RurXdFcxtqWMswmbWdE3oNwPwjTtroVJtZC0Pr8", + "version": "5.3.0", + "artifact_id": "cp37-cp37m-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11380559, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q-IrCZk9nn-VuJ6nkO4NcssEAT9lDPrI-P6eczOjoXFw", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QQ2Fsramh0oXm4qD3AOxudars98506aaLsVrfpKDH4Ys", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q9TM-jsc-D-XRKPwKUYtj8X6HDia3dH4CmyvOaBZBSxY", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QA1lWa4j0iEOL_Lj8cu4cej2kgmNb4Lg8GQRh7HrA0qI", + "type": 25, + "props": { + "source": "lxml/sax.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QD6o3cCVl5XTN55hdX1UGyV2Ns82i9oHd0tQyn9U_6hM", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QN2m_UyyQDMYRKDXwVMlZq2x1ngyP9gmA4xjFl-RqFEA", + "type": 25, + "props": { + "source": "lxml/builder.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QwVZwAiKjpCKzJQcB3U0QedGk1_S83vTP37DOCbqLFmE", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QzTIwntioIrfR1ovNtQXPI0SnYyALsIZRR3nZ5V38Oeg", + "type": 25, + "props": { + "source": "lxml/etree.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q-IrCZk9nn-VuJ6nkO4NcssEAT9lDPrI-P6eczOjoXFw", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q6b1EWeuFEBAKK2cxOj-5sVsPM7WQUIux_EGXaQ9WpKc", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q-IrCZk9nn-VuJ6nkO4NcssEAT9lDPrI-P6eczOjoXFw", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q6b1EWeuFEBAKK2cxOj-5sVsPM7WQUIux_EGXaQ9WpKc", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q-IrCZk9nn-VuJ6nkO4NcssEAT9lDPrI-P6eczOjoXFw", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q6b1EWeuFEBAKK2cxOj-5sVsPM7WQUIux_EGXaQ9WpKc", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545903", + "type": "pypi", + "name": "lxml", + "files": "Q9tdpHJR6wUopZenL1O07jb2Dw00jEYRHMarJfnC2zWA", + "version": "5.3.0", + "artifact_id": "cp37-cp37m-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11251345, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qu4A48OF-xtrLDBZBD6QWH1grak4Mhw7TuAbWtvpQ-Fc", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q06jXXRlvKUhFKjO2NmbWwEoIqmC7kSuUPSXDY0Q5sT0", + "type": 25, + "props": { + "source": "lxml/etree.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Qc0qtrJb1zYY2ElrcpcwfLEoe166j2sb40krIKI0j6Zk", + "type": 25, + "props": { + "source": "lxml/sax.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QfsVgQ1ZqoRvSnraVlmtf2Tu6pYiDfo7zeS1N8_Ji5VU", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QJ1wsILZHXQZu9yHU0U0i5YbTbN91OROUflXXr_BmgIk", + "type": 25, + "props": { + "source": "lxml/builder.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QkJwCh6LwniaWBFd62mdo2A75vLhtqeQGnElfvesf2dg", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QXPCD0892PDZZrYoBtnyr1am_mr6gq2gyt8ewyIuXuZI", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QP3ugPGs84-gt_UcDkyxZeWkV01sR9WPpJtci3LU5Q-k", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QT0IgTlZnd7Tp7tmtDtXSosvWVxBJlPX9CuIpp4kD6cM", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QP3ugPGs84-gt_UcDkyxZeWkV01sR9WPpJtci3LU5Q-k", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QT0IgTlZnd7Tp7tmtDtXSosvWVxBJlPX9CuIpp4kD6cM", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QP3ugPGs84-gt_UcDkyxZeWkV01sR9WPpJtci3LU5Q-k", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QP3ugPGs84-gt_UcDkyxZeWkV01sR9WPpJtci3LU5Q-k", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QT0IgTlZnd7Tp7tmtDtXSosvWVxBJlPX9CuIpp4kD6cM", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545904", + "type": "pypi", + "name": "lxml", + "files": "Q0HklZCXuhkxp74QpdtSQHXQN_GVcYgD3mGVfMpdLSmk", + "version": "5.3.0", + "artifact_id": "cp37-cp37m-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11348410, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QD6o3cCVl5XTN55hdX1UGyV2Ns82i9oHd0tQyn9U_6hM", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QN2m_UyyQDMYRKDXwVMlZq2x1ngyP9gmA4xjFl-RqFEA", + "type": 25, + "props": { + "source": "lxml/builder.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QwVZwAiKjpCKzJQcB3U0QedGk1_S83vTP37DOCbqLFmE", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QzTIwntioIrfR1ovNtQXPI0SnYyALsIZRR3nZ5V38Oeg", + "type": 25, + "props": { + "source": "lxml/etree.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QVTGKM98wy9ZhqK4QJSCNoe7K7i_vXdVtp6Mwdk8Wi4s", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QRdryGSEh4NL8yu17mGedkloadxy_okvkgGIIm5WCvd8", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QVTGKM98wy9ZhqK4QJSCNoe7K7i_vXdVtp6Mwdk8Wi4s", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QRdryGSEh4NL8yu17mGedkloadxy_okvkgGIIm5WCvd8", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QVTGKM98wy9ZhqK4QJSCNoe7K7i_vXdVtp6Mwdk8Wi4s", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QA1lWa4j0iEOL_Lj8cu4cej2kgmNb4Lg8GQRh7HrA0qI", + "type": 25, + "props": { + "source": "lxml/sax.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QVTGKM98wy9ZhqK4QJSCNoe7K7i_vXdVtp6Mwdk8Wi4s", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QRdryGSEh4NL8yu17mGedkloadxy_okvkgGIIm5WCvd8", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QdHbUK1BX7nRR1RM8KSAZ1-D5TnU4aqq7xLhw2WjMIgc", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q9TM-jsc-D-XRKPwKUYtj8X6HDia3dH4CmyvOaBZBSxY", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-37m-x86_64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545905", + "type": "pypi", + "name": "lxml", + "files": "QEGbYXOx7j3KAmzUP7F-E7NhlkSYYkCN93s9_2dWZ4AM", + "version": "5.3.0", + "artifact_id": "cp37-cp37m-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11422080, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QMxPzENUDQXfKnCGSgTwpGV3MqgQypMDwwpCi8mTcaD4", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QMxPzENUDQXfKnCGSgTwpGV3MqgQypMDwwpCi8mTcaD4", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q06jXXRlvKUhFKjO2NmbWwEoIqmC7kSuUPSXDY0Q5sT0", + "type": 25, + "props": { + "source": "lxml/etree.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Qc0qtrJb1zYY2ElrcpcwfLEoe166j2sb40krIKI0j6Zk", + "type": 25, + "props": { + "source": "lxml/sax.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QfsVgQ1ZqoRvSnraVlmtf2Tu6pYiDfo7zeS1N8_Ji5VU", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QJ1wsILZHXQZu9yHU0U0i5YbTbN91OROUflXXr_BmgIk", + "type": 25, + "props": { + "source": "lxml/builder.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QkJwCh6LwniaWBFd62mdo2A75vLhtqeQGnElfvesf2dg", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QXPCD0892PDZZrYoBtnyr1am_mr6gq2gyt8ewyIuXuZI", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QMxPzENUDQXfKnCGSgTwpGV3MqgQypMDwwpCi8mTcaD4", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QpcuCv24xgJKb59s5T63kDwzLCEmFYTy5AasZFXiMF2Q", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QouMTyiD_XoRLbbCkr2zdrCWzdmaAJfty37inCWjm66E", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QpcuCv24xgJKb59s5T63kDwzLCEmFYTy5AasZFXiMF2Q", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMxPzENUDQXfKnCGSgTwpGV3MqgQypMDwwpCi8mTcaD4", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QpcuCv24xgJKb59s5T63kDwzLCEmFYTy5AasZFXiMF2Q", + "type": 47, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545906", + "type": "pypi", + "name": "lxml", + "files": "QTmIyMpEF_k10wSGmoo5KQiP52BdyToAqkx7A-5_-NTE", + "version": "5.3.0", + "artifact_id": "cp37-cp37m-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11487153, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QD6o3cCVl5XTN55hdX1UGyV2Ns82i9oHd0tQyn9U_6hM", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8lYU1bMzB2HXErApU29T7-ybt3w9IhW7DKL7hMPeYnE", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QsNe4e1ihLum6hPbrK-ubYGaovh7JNshP47CX4x6ST50", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q-Zv9Fg2sxRfYTeP_8t2Eht3w_p0XJyzJMByueS2aOrg", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q-Zv9Fg2sxRfYTeP_8t2Eht3w_p0XJyzJMByueS2aOrg", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q8lYU1bMzB2HXErApU29T7-ybt3w9IhW7DKL7hMPeYnE", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q-Zv9Fg2sxRfYTeP_8t2Eht3w_p0XJyzJMByueS2aOrg", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q8lYU1bMzB2HXErApU29T7-ybt3w9IhW7DKL7hMPeYnE", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q-Zv9Fg2sxRfYTeP_8t2Eht3w_p0XJyzJMByueS2aOrg", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QzTIwntioIrfR1ovNtQXPI0SnYyALsIZRR3nZ5V38Oeg", + "type": 25, + "props": { + "source": "lxml/etree.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QwVZwAiKjpCKzJQcB3U0QedGk1_S83vTP37DOCbqLFmE", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QN2m_UyyQDMYRKDXwVMlZq2x1ngyP9gmA4xjFl-RqFEA", + "type": 25, + "props": { + "source": "lxml/builder.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QA1lWa4j0iEOL_Lj8cu4cej2kgmNb4Lg8GQRh7HrA0qI", + "type": 25, + "props": { + "source": "lxml/sax.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9TM-jsc-D-XRKPwKUYtj8X6HDia3dH4CmyvOaBZBSxY", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545907", + "type": "pypi", + "name": "lxml", + "files": "Q-FwmmRccB2k4Ngl5nMP5apZYnFGCVv77S7qz2ewTh94", + "version": "5.3.0", + "artifact_id": "cp37-cp37m-win-amd64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 8528351, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QpdQCrVb-MZ38rEQ8MsPFJH2n1sHVVd5oYwMhk-S5tuE", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QVb59XVS7hCgEGbzf8iGTcI_bmD4_XFd6g0NWJgaQZM8", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QO8XG34m_1vL1bj9aHlM8h-sTbtiJgFz3DpjsAt2aRUw", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QVb59XVS7hCgEGbzf8iGTcI_bmD4_XFd6g0NWJgaQZM8", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QwD7LPOleuWFTuRTgk0BeCTZoUmcNmk8iQn152Gl5q40", + "type": 25, + "props": { + "source": "lxml/sax.cp37-win_amd64.pyd" + } + }, + { + "key": "QVfCaEHSPhrULS54kHTSf3_IPndnXtbPkvy7rstN8ANY", + "type": 25, + "props": { + "source": "lxml/builder.cp37-win_amd64.pyd" + } + }, + { + "key": "QpdQCrVb-MZ38rEQ8MsPFJH2n1sHVVd5oYwMhk-S5tuE", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QSkea71rs2PlArEKagx_DOFyS2r-bXAk_wJCG3UCzcz0", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp37-win_amd64.pyd" + } + }, + { + "key": "QPwbK326cmG2r2DSzKB87W7CnwCInU2D-AJe5hIoISy0", + "type": 25, + "props": { + "source": "lxml/html/diff.cp37-win_amd64.pyd" + } + }, + { + "key": "QaneU6ZwmTFhIJ_8FJ8USLbjb_2GX8Cv28Y8M1Ks5cCw", + "type": 25, + "props": { + "source": "lxml/etree.cp37-win_amd64.pyd" + } + }, + { + "key": "Q4KrDDFVItGR_37E0-dVT1vXGkR2QRSu9KsJt-lDHZNw", + "type": 25, + "props": { + "source": "lxml/objectify.cp37-win_amd64.pyd" + } + }, + { + "key": "QVb59XVS7hCgEGbzf8iGTcI_bmD4_XFd6g0NWJgaQZM8", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QVb59XVS7hCgEGbzf8iGTcI_bmD4_XFd6g0NWJgaQZM8", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QpdQCrVb-MZ38rEQ8MsPFJH2n1sHVVd5oYwMhk-S5tuE", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QVb59XVS7hCgEGbzf8iGTcI_bmD4_XFd6g0NWJgaQZM8", + "type": 19, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545908", + "type": "pypi", + "name": "lxml", + "files": "Qf1J7MtR-sGp3FEOK27sitWS0-H-uWWBs9iGuWzjellc", + "version": "5.3.0", + "artifact_id": "cp37-cp37m-win32-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 7743938, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QSv6zWnYChXf_B3Fw9umTj7TKbRnCYWJv2ULY2M9HdtM", + "type": 25, + "props": { + "source": "lxml/builder.cp37-win32.pyd" + } + }, + { + "key": "Qu0ix4S_XsOoORXAVqZsjnBjXCwZDiGyfF0uBOge7XYY", + "type": 25, + "props": { + "source": "lxml/etree.cp37-win32.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QXZhCi9cFhgwwzZlaEtMJcGapUFsQA9vAJCwkPfG7roI", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QIxXB2otYJOTuLyJpulesP9phJGkdOza7ssV375FaJcI", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QXZhCi9cFhgwwzZlaEtMJcGapUFsQA9vAJCwkPfG7roI", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QIxXB2otYJOTuLyJpulesP9phJGkdOza7ssV375FaJcI", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QXZhCi9cFhgwwzZlaEtMJcGapUFsQA9vAJCwkPfG7roI", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QXZhCi9cFhgwwzZlaEtMJcGapUFsQA9vAJCwkPfG7roI", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QIxXB2otYJOTuLyJpulesP9phJGkdOza7ssV375FaJcI", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QXZhCi9cFhgwwzZlaEtMJcGapUFsQA9vAJCwkPfG7roI", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "QCA0bpTFlvqI6kiii5jwyG7pthUp-gPVXdw9IMomTOCs", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q8rGGwT_QTcAxtag4NtWF72XWS7KMKkLfIHiQw1FK5is", + "type": 25, + "props": { + "source": "lxml/html/diff.cp37-win32.pyd" + } + }, + { + "key": "Qgu5NJ7AMyyvnXS5xX4To7eA7t8Bi6gdyRrwYe3NJLGo", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp37-win32.pyd" + } + }, + { + "key": "QlrQH7XtDOxOwwH-APCBj2kv3FJZwnVGcUxUElmreps4", + "type": 25, + "props": { + "source": "lxml/objectify.cp37-win32.pyd" + } + }, + { + "key": "Qm99dU4AEeRKlywRrxnsL9x_uArXdMnzOgclIfYsjUPo", + "type": 25, + "props": { + "source": "lxml/sax.cp37-win32.pyd" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545909", + "type": "pypi", + "name": "lxml", + "files": "QsStk66JjvUhE23Zd3etzMjL65KqbXHMoQE7yo9iHRAQ", + "version": "5.3.0", + "artifact_id": "cp38-cp38-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 10476848, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QYgcyD6nNjaS6rXQOkG2Udkr2tl8XOFS9EnKlkoX5KKI", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QZjF1FSvA0E-SZDdWNgfv6AnL8az1w7vuT01b5TrmxeI", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-38-darwin.so" + } + }, + { + "key": "QtS972tnl3E_eYY-EywDXSyB0UQnGaEj6_C_4g-p454U", + "type": 25, + "props": { + "source": "lxml/sax.cpython-38-darwin.so" + } + }, + { + "key": "QPFHV_VgVyW_-MLM9inBs5H590D2C3LocfEYQal_-Los", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-38-darwin.so" + } + }, + { + "key": "QoNPN95n76psVgM6eGSnuEqu_7YlJUrPrwbOed4G27To", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-38-darwin.so" + } + }, + { + "key": "QiQUZbq4WCvZijVWizF1N0jBSTQ1GvyIhn5oknmddGE8", + "type": 25, + "props": { + "source": "lxml/etree.cpython-38-darwin.so" + } + }, + { + "key": "QimP_toXDW4WTtegJm8o2BL-yJRZHeF3luI59BCE7lcA", + "type": 25, + "props": { + "source": "lxml/builder.cpython-38-darwin.so" + } + }, + { + "key": "QKjEt-OrceVKFI57zoUS5TYi0elN0RCm2TqntXKB-XBQ", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QYgcyD6nNjaS6rXQOkG2Udkr2tl8XOFS9EnKlkoX5KKI", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QQlfmNqkA0yUMmo6d1LcgLhMiLD-ns9_E7VYu0sbR9_Y", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QQlfmNqkA0yUMmo6d1LcgLhMiLD-ns9_E7VYu0sbR9_Y", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QQlfmNqkA0yUMmo6d1LcgLhMiLD-ns9_E7VYu0sbR9_Y", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QYgcyD6nNjaS6rXQOkG2Udkr2tl8XOFS9EnKlkoX5KKI", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QQlfmNqkA0yUMmo6d1LcgLhMiLD-ns9_E7VYu0sbR9_Y", + "type": 19, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545910", + "type": "pypi", + "name": "lxml", + "files": "QxhBWuhQeadyCAvKG4Mn1JVBsoVYtqQyH1ogpGAHcpGc", + "version": "5.3.0", + "artifact_id": "cp38-cp38-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 12054708, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q7FVZerbiZEW5QYgUyJo9OfOW4Z1DzL77EACONZHmlQE", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QBq2B34oezDhBgH-hw2j6VdbYxcXtQo4X3MFOZNiPCzg", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q7FVZerbiZEW5QYgUyJo9OfOW4Z1DzL77EACONZHmlQE", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QBq2B34oezDhBgH-hw2j6VdbYxcXtQo4X3MFOZNiPCzg", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q7FVZerbiZEW5QYgUyJo9OfOW4Z1DzL77EACONZHmlQE", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q7FVZerbiZEW5QYgUyJo9OfOW4Z1DzL77EACONZHmlQE", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QBq2B34oezDhBgH-hw2j6VdbYxcXtQo4X3MFOZNiPCzg", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QJOyegN4TrGKp3IZinoJSjs00YEDESX6srkTdYMx0zTM", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QJUetQSBQbaqcrMydyHDmsJq66GDvJgrM9edn6ix2EOc", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "QedtGLTvpgEKf11bczqxlksYWUbVKaOBBWcNbKJPfcrQ", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "Q_BErJ0PdUgrDXfy7GCgiMg8juoJjs34Ektp6yhbdcpw", + "type": 25, + "props": { + "source": "lxml/sax.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Ql4NfoorWwqW-ZQZY4PSNCv0t4tRYIVXEJjHhtqz6atM", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "QNK4wgKMty4gLquWSynknALcqe3-kuVteIvaZO-P88z8", + "type": 25, + "props": { + "source": "lxml/builder.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "QxKdN4-_PBkzRZoWIybe8QU6ziMs1LngKH5FS8-jbXco", + "type": 25, + "props": { + "source": "lxml/etree.cpython-38-i386-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545911", + "type": "pypi", + "name": "lxml", + "files": "null", + "version": "5.3.0", + "artifact_id": "cp38-cp38-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11242863, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QeHM0H-3S0iUnnYa0zte-cQytnoqOdw-uV7_ANHVNTqQ", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QeIk1wtsXgMPXzfbjbILokfniL3fD_XZ74jJ4E89YHSQ", + "type": 25, + "props": { + "source": "lxml/sax.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QelQECnauaOIpMoWnR5xFAEbg916HB8MB_SDUUcbFvqc", + "type": 25, + "props": { + "source": "lxml/etree.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QhDOt9nfBc4ztbYcSrcFZTyf_KqfVnwyOnDFgnIE7l0s", + "type": 25, + "props": { + "source": "lxml/builder.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Qtmg0zm_i00Dfaq13lDyeqwEepA8PUgR_Xqq2UYnbHA8", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QyzKz8Ly1_CgQucL2budy9TxUWH_-qIb6wSCws_4lN9g", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q1k2YSvkC2sYCKVjuDSeeAhmDhUTjdFwXoJQFYXyVtEg", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QrpP723PoawqrG0TgpKicXGTMzBP9iKAA3x-41KlJD5o", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q1k2YSvkC2sYCKVjuDSeeAhmDhUTjdFwXoJQFYXyVtEg", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QrpP723PoawqrG0TgpKicXGTMzBP9iKAA3x-41KlJD5o", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q1k2YSvkC2sYCKVjuDSeeAhmDhUTjdFwXoJQFYXyVtEg", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q1k2YSvkC2sYCKVjuDSeeAhmDhUTjdFwXoJQFYXyVtEg", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QrpP723PoawqrG0TgpKicXGTMzBP9iKAA3x-41KlJD5o", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QQTHAavEEpmj0m_-rL9ujSE1YMoYxJIwXO5D2TQJt6Jk", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545912", + "type": "pypi", + "name": "lxml", + "files": "QPFBo8ZIx2a3AsjAIAEW-3NXtH0Nu-IMxByaD7RTRi3s", + "version": "5.3.0", + "artifact_id": "cp38-cp38-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11441559, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QDl15wC0PaLh73nQfZ0ubn-fqSQqPqz7Zt1QsN0djDac", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q2J_-SgjQzeFSyeNBG-5LR_zBB1gudvrlU8eLvuCDxuY", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qf64W3wHOfd-DQ394XsoDE1i9l5DiUn7l9cREJ5hAIbs", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2J_-SgjQzeFSyeNBG-5LR_zBB1gudvrlU8eLvuCDxuY", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXJIc19LRmA4mvKMJtXKPeckgjJt9NQBJltUhfczHbg8", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QlqnMY0hQCs0qNsS2eXQ9yxg_D9Ye23CphmAGyFfo2XI", + "type": 25, + "props": { + "source": "lxml/sax.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QfipINKlFAy2XjEMZvYbPCm7i59gO6CqAOUdnFnLrgzo", + "type": 25, + "props": { + "source": "lxml/builder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QeWjkNgYF1cI6wU6SILts1mQjQmpC7htFJHJNZI6LGA8", + "type": 25, + "props": { + "source": "lxml/etree.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q31FczK29OMUXyg5LGwWspyF9_4x2aDeGF3-p7-8SVAQ", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q2m4JVKQGDJdWaU5Qts_qOz5u2ClGBEAYKBPH50ucMUg", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2J_-SgjQzeFSyeNBG-5LR_zBB1gudvrlU8eLvuCDxuY", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qf64W3wHOfd-DQ394XsoDE1i9l5DiUn7l9cREJ5hAIbs", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2J_-SgjQzeFSyeNBG-5LR_zBB1gudvrlU8eLvuCDxuY", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qf64W3wHOfd-DQ394XsoDE1i9l5DiUn7l9cREJ5hAIbs", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545913", + "type": "pypi", + "name": "lxml", + "files": "Q_rjRQaYl14oF0vY6qhq5u7g_taeKte1Q-wTIBdU-o7Y", + "version": "5.3.0", + "artifact_id": "cp38-cp38-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11112562, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QeHM0H-3S0iUnnYa0zte-cQytnoqOdw-uV7_ANHVNTqQ", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QeIk1wtsXgMPXzfbjbILokfniL3fD_XZ74jJ4E89YHSQ", + "type": 25, + "props": { + "source": "lxml/sax.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QelQECnauaOIpMoWnR5xFAEbg916HB8MB_SDUUcbFvqc", + "type": 25, + "props": { + "source": "lxml/etree.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QhDOt9nfBc4ztbYcSrcFZTyf_KqfVnwyOnDFgnIE7l0s", + "type": 25, + "props": { + "source": "lxml/builder.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Qtmg0zm_i00Dfaq13lDyeqwEepA8PUgR_Xqq2UYnbHA8", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QyzKz8Ly1_CgQucL2budy9TxUWH_-qIb6wSCws_4lN9g", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QXenjsFJby45BLIDW-08GN7NxfKzLZ2cfUQHjHhvcsz4", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2hNrXZ0VYCYgT_CRReUBzC-7Oo8aMa1k8jFvDLI3_pg", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QXenjsFJby45BLIDW-08GN7NxfKzLZ2cfUQHjHhvcsz4", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2hNrXZ0VYCYgT_CRReUBzC-7Oo8aMa1k8jFvDLI3_pg", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QXenjsFJby45BLIDW-08GN7NxfKzLZ2cfUQHjHhvcsz4", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QXenjsFJby45BLIDW-08GN7NxfKzLZ2cfUQHjHhvcsz4", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q2hNrXZ0VYCYgT_CRReUBzC-7Oo8aMa1k8jFvDLI3_pg", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QtJPml3dd-lLLIBrS20cZTOoZrOmhAocqLkTRYkUBhEQ", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545914", + "type": "pypi", + "name": "lxml", + "files": "QUCBq4QHZEH6bPRvNY7JpRcX-SkGpSvT3Tmtyu-PNns0", + "version": "5.3.0", + "artifact_id": "cp38-cp38-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11405227, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q2m4JVKQGDJdWaU5Qts_qOz5u2ClGBEAYKBPH50ucMUg", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QfipINKlFAy2XjEMZvYbPCm7i59gO6CqAOUdnFnLrgzo", + "type": 25, + "props": { + "source": "lxml/builder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QeWjkNgYF1cI6wU6SILts1mQjQmpC7htFJHJNZI6LGA8", + "type": 25, + "props": { + "source": "lxml/etree.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q31FczK29OMUXyg5LGwWspyF9_4x2aDeGF3-p7-8SVAQ", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QPq6Cvtrbw6vk7hPTCcBpcig6OjGhYm1tMaYs_GSrNkU", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QEM-9aWd37ari4fpFQZcNOAhlxrNV_30qjmbbh5yBxBs", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QPq6Cvtrbw6vk7hPTCcBpcig6OjGhYm1tMaYs_GSrNkU", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QEM-9aWd37ari4fpFQZcNOAhlxrNV_30qjmbbh5yBxBs", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QPq6Cvtrbw6vk7hPTCcBpcig6OjGhYm1tMaYs_GSrNkU", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXJIc19LRmA4mvKMJtXKPeckgjJt9NQBJltUhfczHbg8", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QlqnMY0hQCs0qNsS2eXQ9yxg_D9Ye23CphmAGyFfo2XI", + "type": 25, + "props": { + "source": "lxml/sax.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QPq6Cvtrbw6vk7hPTCcBpcig6OjGhYm1tMaYs_GSrNkU", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QEM-9aWd37ari4fpFQZcNOAhlxrNV_30qjmbbh5yBxBs", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QRbn7JefBVKiW7PAmcMVt6OMs94TQcZO_sYaA8VpPxyw", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545915", + "type": "pypi", + "name": "lxml", + "files": "Qdssau7Cq8u2WEJlnW-zFs30jqjtc8Uy9SYrCA9NtGq4", + "version": "5.3.0", + "artifact_id": "cp38-cp38-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11283425, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QhDOt9nfBc4ztbYcSrcFZTyf_KqfVnwyOnDFgnIE7l0s", + "type": 25, + "props": { + "source": "lxml/builder.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Qtmg0zm_i00Dfaq13lDyeqwEepA8PUgR_Xqq2UYnbHA8", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QyzKz8Ly1_CgQucL2budy9TxUWH_-qIb6wSCws_4lN9g", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QktXNjD3-95aiqin0ZXY11eTFvU--0dX8Z3u93rJMgHk", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QWMjvUQB6Ryn9Z3rDFtTWUV7w8Vw80y7ooy4MAcZesVY", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q2ic-c2a0A9efCpcbwAqJflNmEApOdLtjjLm8TdBrFuU", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q2ic-c2a0A9efCpcbwAqJflNmEApOdLtjjLm8TdBrFuU", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QWMjvUQB6Ryn9Z3rDFtTWUV7w8Vw80y7ooy4MAcZesVY", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2ic-c2a0A9efCpcbwAqJflNmEApOdLtjjLm8TdBrFuU", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QWMjvUQB6Ryn9Z3rDFtTWUV7w8Vw80y7ooy4MAcZesVY", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2ic-c2a0A9efCpcbwAqJflNmEApOdLtjjLm8TdBrFuU", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QelQECnauaOIpMoWnR5xFAEbg916HB8MB_SDUUcbFvqc", + "type": 25, + "props": { + "source": "lxml/etree.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QeHM0H-3S0iUnnYa0zte-cQytnoqOdw-uV7_ANHVNTqQ", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QeIk1wtsXgMPXzfbjbILokfniL3fD_XZ74jJ4E89YHSQ", + "type": 25, + "props": { + "source": "lxml/sax.cpython-38-aarch64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545916", + "type": "pypi", + "name": "lxml", + "files": "QJp84CaHOzkA92pY3eNLRAtuQvVZsAiajm7-6Gh25mko", + "version": "5.3.0", + "artifact_id": "cp38-cp38-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11527650, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q2m4JVKQGDJdWaU5Qts_qOz5u2ClGBEAYKBPH50ucMUg", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q31FczK29OMUXyg5LGwWspyF9_4x2aDeGF3-p7-8SVAQ", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QeWjkNgYF1cI6wU6SILts1mQjQmpC7htFJHJNZI6LGA8", + "type": 25, + "props": { + "source": "lxml/etree.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QfipINKlFAy2XjEMZvYbPCm7i59gO6CqAOUdnFnLrgzo", + "type": 25, + "props": { + "source": "lxml/builder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QlqnMY0hQCs0qNsS2eXQ9yxg_D9Ye23CphmAGyFfo2XI", + "type": 25, + "props": { + "source": "lxml/sax.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QXJIc19LRmA4mvKMJtXKPeckgjJt9NQBJltUhfczHbg8", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q1zCJXT1kmL7rO1V0wCGA6aUyxVClCp5uktLN__dCi-Y", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q-q9Xu1CpbyGrQLiOYngD0M_adSkOq2F2RIcReleXOng", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q1zCJXT1kmL7rO1V0wCGA6aUyxVClCp5uktLN__dCi-Y", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q-q9Xu1CpbyGrQLiOYngD0M_adSkOq2F2RIcReleXOng", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q1zCJXT1kmL7rO1V0wCGA6aUyxVClCp5uktLN__dCi-Y", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q1zCJXT1kmL7rO1V0wCGA6aUyxVClCp5uktLN__dCi-Y", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q-q9Xu1CpbyGrQLiOYngD0M_adSkOq2F2RIcReleXOng", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4nXfR2P6RxiBx4EijAbso3WNqU85EPJLl9PAr12Vv0o", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545917", + "type": "pypi", + "name": "lxml", + "files": "QDUcgA0ylxSA2TTSOO8A4_Dd2ffwBg3pf7DH-UbiQ1Rc", + "version": "5.3.0", + "artifact_id": "cp38-cp38-win-amd64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 8516053, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QNuSObq3laLweel912-c6qNogzBwwJUFOF1Wmcku9Hy8", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QNuSObq3laLweel912-c6qNogzBwwJUFOF1Wmcku9Hy8", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "Q4EYLp3FUxWdVPmPA3jsyqVudwRZ1jUPdwLLkwHX0p4M", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QNuSObq3laLweel912-c6qNogzBwwJUFOF1Wmcku9Hy8", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q4EYLp3FUxWdVPmPA3jsyqVudwRZ1jUPdwLLkwHX0p4M", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QNuSObq3laLweel912-c6qNogzBwwJUFOF1Wmcku9Hy8", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qrx_vn1DhWZaeSO19G4UFPTHxAsA4qx0XUfD9TLDfl_4", + "type": 25, + "props": { + "source": "lxml/builder.cp38-win_amd64.pyd" + } + }, + { + "key": "QlP_mTiXlQs78HmRAaSGY55ojuo54JWw5xfGvtRNdBjs", + "type": 25, + "props": { + "source": "lxml/sax.cp38-win_amd64.pyd" + } + }, + { + "key": "QIy0GtTnfq1i8Xpl5JjL1BLUKiWNULIpz-2foHySwd94", + "type": 25, + "props": { + "source": "lxml/etree.cp38-win_amd64.pyd" + } + }, + { + "key": "QHGkPvFEWXe7eYbOYgHLnN80boP8V5ibGaGKsrX-tOHA", + "type": 25, + "props": { + "source": "lxml/html/diff.cp38-win_amd64.pyd" + } + }, + { + "key": "QAOQiIHzJzAwvdM_3fihD0kEgszsIT6qkiwZO7KT5gMs", + "type": 25, + "props": { + "source": "lxml/objectify.cp38-win_amd64.pyd" + } + }, + { + "key": "Q0hM8Zcl7LKBzIuom9Iqtpr-nf3VJLlMqjTMBlpf88UM", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp38-win_amd64.pyd" + } + }, + { + "key": "QPgpOhLvPmSbXgzIX_m_IE-J-otdzs95pHwyDo9YMy4E", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QNuSObq3laLweel912-c6qNogzBwwJUFOF1Wmcku9Hy8", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4EYLp3FUxWdVPmPA3jsyqVudwRZ1jUPdwLLkwHX0p4M", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545918", + "type": "pypi", + "name": "lxml", + "files": "Q1U3jdE-zSXDFTAp5tyqQdR2yzxZOwAgEXkdDqkXbnxw", + "version": "5.3.0", + "artifact_id": "cp38-cp38-win32-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 7717305, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QCC7jXoZe7sD1x7E9_1xy8Mj-oOwkaNMnYutx0BDt2Tc", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q8aFlQ2iuFpP82FJdJIcCH7KcPIy0SQOEBSAL6iLlDDE", + "type": 25, + "props": { + "source": "lxml/sax.cp38-win32.pyd" + } + }, + { + "key": "QCLx4OO4zWDFbktziB5rex3-ndzWef38fmcd2MFxEGZE", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp38-win32.pyd" + } + }, + { + "key": "QCqHKGOEUSxqbcUAVgi6Ah_heg8Gp4W08QtMwk62rQDo", + "type": 25, + "props": { + "source": "lxml/html/diff.cp38-win32.pyd" + } + }, + { + "key": "QnXxl1fNUu3dWxHJKQUYIsI-qDAHTVxlM_lLczzI_7wY", + "type": 25, + "props": { + "source": "lxml/builder.cp38-win32.pyd" + } + }, + { + "key": "QtrG0qM_aw186HMGliHrQ_YAhXQ7ArAHHaPZhFKFsmns", + "type": 25, + "props": { + "source": "lxml/etree.cp38-win32.pyd" + } + }, + { + "key": "QV80UIg2VpO__bapRn_13QtNYBfaqd0m4v846y2LS-Io", + "type": 25, + "props": { + "source": "lxml/objectify.cp38-win32.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QMyfquuPgZJnPg30jvyVkPob-aYrSEfPL__DWNh2pERY", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qjjwm-0cs2SDPWa2Pp4i_QyHr5V_p6-J4ZiDDqELkaWM", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMyfquuPgZJnPg30jvyVkPob-aYrSEfPL__DWNh2pERY", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qjjwm-0cs2SDPWa2Pp4i_QyHr5V_p6-J4ZiDDqELkaWM", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QMyfquuPgZJnPg30jvyVkPob-aYrSEfPL__DWNh2pERY", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QMyfquuPgZJnPg30jvyVkPob-aYrSEfPL__DWNh2pERY", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qjjwm-0cs2SDPWa2Pp4i_QyHr5V_p6-J4ZiDDqELkaWM", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMyfquuPgZJnPg30jvyVkPob-aYrSEfPL__DWNh2pERY", + "type": 19, + "file": "lxml/html/soupparser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545919", + "type": "pypi", + "name": "lxml", + "files": "QuqJwaxHK42fFOggGQS4FBwFusxR6SWXIagVVhhNj0GI", + "version": "5.3.0", + "artifact_id": "cp39-cp39-macosx-10-9-universal2-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 18312764, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QQ9ZBXt1ysI92HzxdjJ5aO1SFppyqLl9QYfAWz-ScXC8", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-darwin.so" + } + }, + { + "key": "QlozXKUe9sluS56z8oGRSTgXLAiA_DpSxgTICzvCqhnE", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QM80koQjbpXd27vZDrUeSh9Teq-qpQKlrBZqVDoGNxtU", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q1TLUa0X-He2eCp7XKuyj7QJOB1xNjkDpyiiiwumOYvw", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q1TLUa0X-He2eCp7XKuyj7QJOB1xNjkDpyiiiwumOYvw", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QM80koQjbpXd27vZDrUeSh9Teq-qpQKlrBZqVDoGNxtU", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q1TLUa0X-He2eCp7XKuyj7QJOB1xNjkDpyiiiwumOYvw", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QM80koQjbpXd27vZDrUeSh9Teq-qpQKlrBZqVDoGNxtU", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q1TLUa0X-He2eCp7XKuyj7QJOB1xNjkDpyiiiwumOYvw", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QuwaWML-0mXbyI1Dva5Fwh18G2F2vl3iWfxh7iGkmVFM", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-darwin.so" + } + }, + { + "key": "QuQ3yrU3X5QQVe-5hzZBxzY51m6eZbkJ6OHYbjVR3d1Y", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-darwin.so" + } + }, + { + "key": "QTkzdHgXUHZPnG8aqKKw7dJmX6-8iExs8VoUBvL6TnJ8", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-darwin.so" + } + }, + { + "key": "QN5Vmy_HDcolCDoPvlyJFprx4oUQjTNmyNezpKbxsW70", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-darwin.so" + } + }, + { + "key": "Q83yaAZQm6Tj6QiJlX1f8DDUn1nAmsJFCnhnpEOR1cZU", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545920", + "type": "pypi", + "name": "lxml", + "files": "QQRhGitqAqafPuJG0i2qFLOWRNS_4CoWb7Erovnb3JWk", + "version": "5.3.0", + "artifact_id": "cp39-cp39-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 10160592, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QN5Vmy_HDcolCDoPvlyJFprx4oUQjTNmyNezpKbxsW70", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-darwin.so" + } + }, + { + "key": "Q83yaAZQm6Tj6QiJlX1f8DDUn1nAmsJFCnhnpEOR1cZU", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXAk8iGxDweqCet25xzZDsLRKr970RRbYrfxx51pUUhM", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QgUeW-M6_5N-dbyYd0MyF2Cx-EbKGORRhIL-5t--gcEY", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QXAk8iGxDweqCet25xzZDsLRKr970RRbYrfxx51pUUhM", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QgUeW-M6_5N-dbyYd0MyF2Cx-EbKGORRhIL-5t--gcEY", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QXAk8iGxDweqCet25xzZDsLRKr970RRbYrfxx51pUUhM", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QuwaWML-0mXbyI1Dva5Fwh18G2F2vl3iWfxh7iGkmVFM", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-darwin.so" + } + }, + { + "key": "QuQ3yrU3X5QQVe-5hzZBxzY51m6eZbkJ6OHYbjVR3d1Y", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-darwin.so" + } + }, + { + "key": "QTkzdHgXUHZPnG8aqKKw7dJmX6-8iExs8VoUBvL6TnJ8", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-darwin.so" + } + }, + { + "key": "QQ9ZBXt1ysI92HzxdjJ5aO1SFppyqLl9QYfAWz-ScXC8", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-darwin.so" + } + }, + { + "key": "QXAk8iGxDweqCet25xzZDsLRKr970RRbYrfxx51pUUhM", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QgUeW-M6_5N-dbyYd0MyF2Cx-EbKGORRhIL-5t--gcEY", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QsJIij9gZGHjF1WnA_Bbq1sWucyCsX__5AtWTmbR6V8E", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545921", + "type": "pypi", + "name": "lxml", + "files": "QZHtoeqfchMtbM1wHvfVQag9mv-Lfpn3Vzex5RIf-9rQ", + "version": "5.3.0", + "artifact_id": "cp39-cp39-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 12058900, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QI9BihJ_C0LAIPkQUWiwva7eTsKt9XSjayg8sy_MdMk4", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q3YnDmq4CpLPCYjhySWA50aBApTWVC05eVLJsaTJX2Q8", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "Q6irG-l9XPDJX8fK_l6E6JT_KSNaECcJDLFbuqaS7Vj4", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "QkCJsMJX7PjHjSvUb73f1zckUfBROk2Gy7nr1FL6Cza8", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "QLGaFK7m21vIGuuNelur5k_nygOnDpv9IDon0UoqVDiw", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "QrvnaKR__AUS_v73PXNBPSUKg0_M0DSUxHfdeDRGOyak", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QQOowdrzoOFv9UdsgFBnZadhm_4gFGcq72e33QyqsXzk", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qv63bDlXupLweGF8CUBgtDbf44VFsb1I0OvRnaSm4NJ0", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QQOowdrzoOFv9UdsgFBnZadhm_4gFGcq72e33QyqsXzk", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qv63bDlXupLweGF8CUBgtDbf44VFsb1I0OvRnaSm4NJ0", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QQOowdrzoOFv9UdsgFBnZadhm_4gFGcq72e33QyqsXzk", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QQOowdrzoOFv9UdsgFBnZadhm_4gFGcq72e33QyqsXzk", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qv63bDlXupLweGF8CUBgtDbf44VFsb1I0OvRnaSm4NJ0", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QwFQIYe6dfoaRbrv4V9iqr5zGovFqv3NvDeULJCO700A", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545922", + "type": "pypi", + "name": "lxml", + "files": "QCOdsT0hzzJ-uBDvErNgqIEcmmcfplp9lQi5WpToGibo", + "version": "5.3.0", + "artifact_id": "cp39-cp39-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11110247, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QG1xivA1GLRgq2dKXQxVjOvYhh3Q-eCo1EECyLWjWrck", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QqBk6qOJz36yK_0gKbpw58RtaouPSInw36cddNi6JjIs", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QqBk6qOJz36yK_0gKbpw58RtaouPSInw36cddNi6JjIs", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q8sBN1-_uiSUCLlzpdBeaXc8OxyfTK6XzZD-DK97mGJs", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Q5ocEYNYOXvUXZrCicps2IV32pw5PCVlQncHb0BtaDvM", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qf0wMUq34Ilnd2WPSocivtQsvtKb3J08DUJGyY4Wpzt8", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QvRux_X8RFNlvZmwD5BZxQEie6jgZZJjOKZAm91Q1tdY", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QqBk6qOJz36yK_0gKbpw58RtaouPSInw36cddNi6JjIs", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QvRux_X8RFNlvZmwD5BZxQEie6jgZZJjOKZAm91Q1tdY", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqBk6qOJz36yK_0gKbpw58RtaouPSInw36cddNi6JjIs", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QSbmhsr_s2SWd39pSD6KqIrz3GYit76yqVxGVe7nQgQE", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QIdaddtrVRyuR9IINXol2xuKlBcwJs_2eyRIRQIGL2-0", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QLVkiTH28v0jMk1Ub0sv5Gt2zkhdFR5_tdr9sH3Bbx3A", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvRux_X8RFNlvZmwD5BZxQEie6jgZZJjOKZAm91Q1tdY", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545923", + "type": "pypi", + "name": "lxml", + "files": "QbeemmVUoV7OmglTsbPUqRoW42pAJaN69yekHVmyF46U", + "version": "5.3.0", + "artifact_id": "cp39-cp39-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 13469679, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QfL3HHfyibQ07UBSTvX_U6zggh10ntsMO-4f0dCh_gPE", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qq13I18emzQ0mmlco4Y3JsZJpeujWKvUIeRxSha4hN3k", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qqh9wn_SpP_oqsP_ecqta_grDKzkGbllKKP2vAdEehzc", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QrRUcn1a-Z1qbAZw7MOJj_Jex1hMLfrc4UmRCFrhZsPA", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QTHhQigcbhvJxNqTAOcd1lveGk114yesoCXW5Rzi4CBU", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvasLQGWD7HElvwx_sYfkM3M_A2gcAkwwbIDRVlnI664", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QVkwNvpHYpX0wBJIn-QXS3Xlp_xA3BIzK4JCjCvLMMY4", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QFG8Jo6bkqayLVjOtu-mkjfDOmCnkxQP0K55rariMlDI", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QfL3HHfyibQ07UBSTvX_U6zggh10ntsMO-4f0dCh_gPE", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QFG8Jo6bkqayLVjOtu-mkjfDOmCnkxQP0K55rariMlDI", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QfL3HHfyibQ07UBSTvX_U6zggh10ntsMO-4f0dCh_gPE", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QFG8Jo6bkqayLVjOtu-mkjfDOmCnkxQP0K55rariMlDI", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QFG8Jo6bkqayLVjOtu-mkjfDOmCnkxQP0K55rariMlDI", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QQFUq-EbPOwkvzB84GP_B8Njwz69nkqOLf7s-K95TDts", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545924", + "type": "pypi", + "name": "lxml", + "files": "QwmI7jgAXCNli5ial14Fm0RSvw9r_nuzJ_xLiijgSA1k", + "version": "5.3.0", + "artifact_id": "cp39-cp39-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11785967, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q73wLjMNnveglMlJzkxQRFsQ-4Qwe_SBE7tAhXLmkIXg", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q73wLjMNnveglMlJzkxQRFsQ-4Qwe_SBE7tAhXLmkIXg", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QsZvbJVOZuQAH7x_G1v95VLZRtw4Iqgl5ViDnqACutCc", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QsZvbJVOZuQAH7x_G1v95VLZRtw4Iqgl5ViDnqACutCc", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q73wLjMNnveglMlJzkxQRFsQ-4Qwe_SBE7tAhXLmkIXg", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q0C7s-WWjyAOQzgDnvNoASCXZGvFk3tLZOPYmcVq_oqc", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QbY4wgupVFKx0hqajKJYkWrslucnEfZPY6mpge0FG6A8", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q9DSeM9b-G4b2TawRWHrDLU6MDe7y5SbLnoENWNm33_0", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QIbAnkaI7vr6j1TSwcoTditE0ntKjrg26VPjuSdYN-hA", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QNwcVi6NO1pFeeEQgrCvACtJrxH0QKe0fiItYnkM9kSo", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QR_MuWuy1MV6l2uw8mMSCeqMv_FMIThM6n9kXn1WADf0", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Qr62CYDAqIfUjydkBzg00-q2Cs97D3ek15XtYcKqqBhw", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QsZvbJVOZuQAH7x_G1v95VLZRtw4Iqgl5ViDnqACutCc", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QsZvbJVOZuQAH7x_G1v95VLZRtw4Iqgl5ViDnqACutCc", + "type": 19, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545925", + "type": "pypi", + "name": "lxml", + "files": "Qww0xHbbbnwh8wt8bEQS3NWQoeG4WDYUm9ORJZoluKcA", + "version": "5.3.0", + "artifact_id": "cp39-cp39-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11417047, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q8I9TFSRCsorLZFWQweQkfqDX_6jBQMUrzZZf7AwZz9o", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q5iCnaXHyWQp407Yyq_NxhtUAUT-jXmMwK04HAJtEzqc", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QthvYrE-XlyscDjC9-oixNU-f6yTjt4sBsB5HKvUTMXs", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QfZDI9i3MGr8Q534FihRD29Rs82Gt6qDtTDhsNq1ApgI", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QthvYrE-XlyscDjC9-oixNU-f6yTjt4sBsB5HKvUTMXs", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QfZDI9i3MGr8Q534FihRD29Rs82Gt6qDtTDhsNq1ApgI", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QthvYrE-XlyscDjC9-oixNU-f6yTjt4sBsB5HKvUTMXs", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QfZDI9i3MGr8Q534FihRD29Rs82Gt6qDtTDhsNq1ApgI", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QVrSXOGQTtKYJNbh_oWpkKDSdmXu2ss5brU8hptXs-YI", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvnY2K5lHV0kbltFVN9aLIghtSO-2cravw7h-SGScepw", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qu1cNsso_mFbd_4Q_wHyZK5KWW9i1QYTPWN2HwE-MqzU", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIufQd_2sUQ07QTcY9zqWNdW-67hAJNQ2opwOcaZiydo", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QfZDI9i3MGr8Q534FihRD29Rs82Gt6qDtTDhsNq1ApgI", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QIUaZlxszcCUZ1zdIi6XwqOlcn-hZgTyW8XvzuV3ELUU", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-x86_64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545926", + "type": "pypi", + "name": "lxml", + "files": "Q2rCcJPzb0srVHMgqW_E7HS6TqTBRD4dLPHBSEanzANs", + "version": "5.3.0", + "artifact_id": "cp39-cp39-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11045474, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QcS7FlZ_MbeylXkO5VQg574UEgWLZSxaxfgDUHJZE-Kw", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QoXc01oVrb_1L-YXsZ_Drho4pO-onEqkBnfRbLevKdeI", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QcS7FlZ_MbeylXkO5VQg574UEgWLZSxaxfgDUHJZE-Kw", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QEbeett3yOCbnjhqs9TYhoZIp605taF5taww3sWa4sBo", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QEbeett3yOCbnjhqs9TYhoZIp605taF5taww3sWa4sBo", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QEbeett3yOCbnjhqs9TYhoZIp605taF5taww3sWa4sBo", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QcS7FlZ_MbeylXkO5VQg574UEgWLZSxaxfgDUHJZE-Kw", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QEbeett3yOCbnjhqs9TYhoZIp605taF5taww3sWa4sBo", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QSbmhsr_s2SWd39pSD6KqIrz3GYit76yqVxGVe7nQgQE", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QIdaddtrVRyuR9IINXol2xuKlBcwJs_2eyRIRQIGL2-0", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QG1xivA1GLRgq2dKXQxVjOvYhh3Q-eCo1EECyLWjWrck", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qf0wMUq34Ilnd2WPSocivtQsvtKb3J08DUJGyY4Wpzt8", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Q8sBN1-_uiSUCLlzpdBeaXc8OxyfTK6XzZD-DK97mGJs", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Q5ocEYNYOXvUXZrCicps2IV32pw5PCVlQncHb0BtaDvM", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-aarch64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545927", + "type": "pypi", + "name": "lxml", + "files": "QLa2hyZaFZPxgWyd2qi-RX1gHcbAtqlgduDX40izV_7M", + "version": "5.3.0", + "artifact_id": "cp39-cp39-manylinux-2-28-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 14060122, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q6Wd6Xdk6pSJw60cluEhOORNAGrHjOiK__8nTlXtF_IQ", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qq13I18emzQ0mmlco4Y3JsZJpeujWKvUIeRxSha4hN3k", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qqh9wn_SpP_oqsP_ecqta_grDKzkGbllKKP2vAdEehzc", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QrRUcn1a-Z1qbAZw7MOJj_Jex1hMLfrc4UmRCFrhZsPA", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QuQRxaBPqSakTTFOSUB1IjiRcJd1vKYGytdf5ZMzNJJ4", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QTHhQigcbhvJxNqTAOcd1lveGk114yesoCXW5Rzi4CBU", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvasLQGWD7HElvwx_sYfkM3M_A2gcAkwwbIDRVlnI664", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QVkwNvpHYpX0wBJIn-QXS3Xlp_xA3BIzK4JCjCvLMMY4", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QuQRxaBPqSakTTFOSUB1IjiRcJd1vKYGytdf5ZMzNJJ4", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QXiOHI7-R-cl9ImtohICu2nCTkRDrrhCnsnjAJXYsW_Q", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QuQRxaBPqSakTTFOSUB1IjiRcJd1vKYGytdf5ZMzNJJ4", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QXiOHI7-R-cl9ImtohICu2nCTkRDrrhCnsnjAJXYsW_Q", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QuQRxaBPqSakTTFOSUB1IjiRcJd1vKYGytdf5ZMzNJJ4", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QXiOHI7-R-cl9ImtohICu2nCTkRDrrhCnsnjAJXYsW_Q", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545928", + "type": "pypi", + "name": "lxml", + "files": "QsPHuderw2tYd-gigbpjfr6bd2PKKyb7Rd8Qwtf8kuzY", + "version": "5.3.0", + "artifact_id": "cp39-cp39-manylinux-2-28-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 12003668, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QIbAnkaI7vr6j1TSwcoTditE0ntKjrg26VPjuSdYN-hA", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q0C7s-WWjyAOQzgDnvNoASCXZGvFk3tLZOPYmcVq_oqc", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Q9DSeM9b-G4b2TawRWHrDLU6MDe7y5SbLnoENWNm33_0", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QNwcVi6NO1pFeeEQgrCvACtJrxH0QKe0fiItYnkM9kSo", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QR_MuWuy1MV6l2uw8mMSCeqMv_FMIThM6n9kXn1WADf0", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Qr62CYDAqIfUjydkBzg00-q2Cs97D3ek15XtYcKqqBhw", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QrR_BoP053eaqsT57W2edmG8sOZVte42Zn2hpeTMXac8", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QLpFd3LiuFfe0aomW9sj1nCmowd1CIWUWgb2xbr69zNQ", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QrR_BoP053eaqsT57W2edmG8sOZVte42Zn2hpeTMXac8", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QLpFd3LiuFfe0aomW9sj1nCmowd1CIWUWgb2xbr69zNQ", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QrR_BoP053eaqsT57W2edmG8sOZVte42Zn2hpeTMXac8", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QrR_BoP053eaqsT57W2edmG8sOZVte42Zn2hpeTMXac8", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QLpFd3LiuFfe0aomW9sj1nCmowd1CIWUWgb2xbr69zNQ", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QGpLJpaubP31HQBh7wjR4lRKtJcn8Db-HF7PXxEHejIE", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545929", + "type": "pypi", + "name": "lxml", + "files": "QhJSQ_f5vzvH-0cZ4sc9qM6u74krC_vZ8HLPl2Nvan9Y", + "version": "5.3.0", + "artifact_id": "cp39-cp39-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11323371, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qe4DsMxxWOPR_YE3dpX3Ctbts5-Zq1mlx99npYHUZIt8", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q5iCnaXHyWQp407Yyq_NxhtUAUT-jXmMwK04HAJtEzqc", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIUaZlxszcCUZ1zdIi6XwqOlcn-hZgTyW8XvzuV3ELUU", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIufQd_2sUQ07QTcY9zqWNdW-67hAJNQ2opwOcaZiydo", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qu1cNsso_mFbd_4Q_wHyZK5KWW9i1QYTPWN2HwE-MqzU", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvnY2K5lHV0kbltFVN9aLIghtSO-2cravw7h-SGScepw", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QVrSXOGQTtKYJNbh_oWpkKDSdmXu2ss5brU8hptXs-YI", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qk15iaczV1rxMFoot7A2rNoU-TJGMyrJ7XnrF4HMiXVg", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QnHjauspRIqiyO3Nx7_c80uEFVOvT082IMxCtpWq9POU", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qk15iaczV1rxMFoot7A2rNoU-TJGMyrJ7XnrF4HMiXVg", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QnHjauspRIqiyO3Nx7_c80uEFVOvT082IMxCtpWq9POU", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qk15iaczV1rxMFoot7A2rNoU-TJGMyrJ7XnrF4HMiXVg", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qk15iaczV1rxMFoot7A2rNoU-TJGMyrJ7XnrF4HMiXVg", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QnHjauspRIqiyO3Nx7_c80uEFVOvT082IMxCtpWq9POU", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545930", + "type": "pypi", + "name": "lxml", + "files": "QdefYNRHxkc9N_U9RK2WvMWWi46gkd0JNYSJvqmj2KeU", + "version": "5.3.0", + "artifact_id": "cp39-cp39-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11216153, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QG1xivA1GLRgq2dKXQxVjOvYhh3Q-eCo1EECyLWjWrck", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QIdaddtrVRyuR9IINXol2xuKlBcwJs_2eyRIRQIGL2-0", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QSbmhsr_s2SWd39pSD6KqIrz3GYit76yqVxGVe7nQgQE", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QZ96Zv4k8w8nRruO7mn3n7HSUQ3gXv54O7TSL8nX2ynM", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QWaUDfODUgOXS6Z2tr0ZoqUVjDEWD9LPk2U5s-Z1l8AA", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QZ96Zv4k8w8nRruO7mn3n7HSUQ3gXv54O7TSL8nX2ynM", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QWaUDfODUgOXS6Z2tr0ZoqUVjDEWD9LPk2U5s-Z1l8AA", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QZ96Zv4k8w8nRruO7mn3n7HSUQ3gXv54O7TSL8nX2ynM", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QZ96Zv4k8w8nRruO7mn3n7HSUQ3gXv54O7TSL8nX2ynM", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QWaUDfODUgOXS6Z2tr0ZoqUVjDEWD9LPk2U5s-Z1l8AA", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QxF6D2LQYJ60UrJn-8UrvKNkZDbeXsncs59CMisWH5IQ", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q8sBN1-_uiSUCLlzpdBeaXc8OxyfTK6XzZD-DK97mGJs", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Q5ocEYNYOXvUXZrCicps2IV32pw5PCVlQncHb0BtaDvM", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Qf0wMUq34Ilnd2WPSocivtQsvtKb3J08DUJGyY4Wpzt8", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-aarch64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545931", + "type": "pypi", + "name": "lxml", + "files": "QnrKt9gUHpbpXMb9LSIUedQEqYgz7cIjsTK-UzGeiNOk", + "version": "5.3.0", + "artifact_id": "cp39-cp39-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 13903561, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QoYj6ACKUhuw_vBXY_hc4h0J8yw7saoZHrObiEdT-gd4", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QpvXIcTdoj7XTBBXzKYFtngz4hCHhSbFbW4x6o3eJGzY", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q7xk-nTx8fInfwpBGo_t7VHVoKTIlL5SAcF6RvlLJT_M", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QoYj6ACKUhuw_vBXY_hc4h0J8yw7saoZHrObiEdT-gd4", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QoYj6ACKUhuw_vBXY_hc4h0J8yw7saoZHrObiEdT-gd4", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q7xk-nTx8fInfwpBGo_t7VHVoKTIlL5SAcF6RvlLJT_M", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QoYj6ACKUhuw_vBXY_hc4h0J8yw7saoZHrObiEdT-gd4", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q7xk-nTx8fInfwpBGo_t7VHVoKTIlL5SAcF6RvlLJT_M", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QVkwNvpHYpX0wBJIn-QXS3Xlp_xA3BIzK4JCjCvLMMY4", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvasLQGWD7HElvwx_sYfkM3M_A2gcAkwwbIDRVlnI664", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QTHhQigcbhvJxNqTAOcd1lveGk114yesoCXW5Rzi4CBU", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QrRUcn1a-Z1qbAZw7MOJj_Jex1hMLfrc4UmRCFrhZsPA", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qqh9wn_SpP_oqsP_ecqta_grDKzkGbllKKP2vAdEehzc", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qq13I18emzQ0mmlco4Y3JsZJpeujWKvUIeRxSha4hN3k", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545932", + "type": "pypi", + "name": "lxml", + "files": "Q9KZ-AYxW2ISK5nseGNN4F0T6quIZKZ43rKc9-ITiU3g", + "version": "5.3.0", + "artifact_id": "cp39-cp39-musllinux-1-2-s390x-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 12272915, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QsI3dpDvYFTZtxp82gO7ioGWEajn1ry4DcacPEGtPxN4", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qr62CYDAqIfUjydkBzg00-q2Cs97D3ek15XtYcKqqBhw", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QIbAnkaI7vr6j1TSwcoTditE0ntKjrg26VPjuSdYN-hA", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Q9DSeM9b-G4b2TawRWHrDLU6MDe7y5SbLnoENWNm33_0", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Q0C7s-WWjyAOQzgDnvNoASCXZGvFk3tLZOPYmcVq_oqc", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QR_MuWuy1MV6l2uw8mMSCeqMv_FMIThM6n9kXn1WADf0", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Q4uTvDwokcxhQcIDHLU-lMgLXBp0Mz5kaaPIsRMV6xVg", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QgScWYHq16pKqu-IvOJ11MDLF_P3HSjPLDYUEeZIu58w", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QNwcVi6NO1pFeeEQgrCvACtJrxH0QKe0fiItYnkM9kSo", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Q4uTvDwokcxhQcIDHLU-lMgLXBp0Mz5kaaPIsRMV6xVg", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QgScWYHq16pKqu-IvOJ11MDLF_P3HSjPLDYUEeZIu58w", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q4uTvDwokcxhQcIDHLU-lMgLXBp0Mz5kaaPIsRMV6xVg", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q4uTvDwokcxhQcIDHLU-lMgLXBp0Mz5kaaPIsRMV6xVg", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QgScWYHq16pKqu-IvOJ11MDLF_P3HSjPLDYUEeZIu58w", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545933", + "type": "pypi", + "name": "lxml", + "files": "QW2079lbs38muV-84H6rPRYVDFV5IgVC370Ck_vQv9f8", + "version": "5.3.0", + "artifact_id": "cp39-cp39-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 11445666, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QVrSXOGQTtKYJNbh_oWpkKDSdmXu2ss5brU8hptXs-YI", + "type": 25, + "props": { + "source": "lxml/html/diff.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qu1cNsso_mFbd_4Q_wHyZK5KWW9i1QYTPWN2HwE-MqzU", + "type": 25, + "props": { + "source": "lxml/objectify.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIufQd_2sUQ07QTcY9zqWNdW-67hAJNQ2opwOcaZiydo", + "type": 25, + "props": { + "source": "lxml/etree.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIUaZlxszcCUZ1zdIi6XwqOlcn-hZgTyW8XvzuV3ELUU", + "type": 25, + "props": { + "source": "lxml/sax.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5iCnaXHyWQp407Yyq_NxhtUAUT-jXmMwK04HAJtEzqc", + "type": 25, + "props": { + "source": "lxml/builder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qq6EuvVAJbxxvtdWCm2o97Jlyi0mjgGcQqvEgc8Aj9Vw", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q-d-Lt8dZfIaBUx3-3utIa9RHa-CQAGeVaoRWUP94aI0", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q-d-Lt8dZfIaBUx3-3utIa9RHa-CQAGeVaoRWUP94aI0", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qq6EuvVAJbxxvtdWCm2o97Jlyi0mjgGcQqvEgc8Aj9Vw", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QVYpBnysBNkZepDAx2WjjcJ-PkuELxzaqIyPE_lSNTNs", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q-d-Lt8dZfIaBUx3-3utIa9RHa-CQAGeVaoRWUP94aI0", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qq6EuvVAJbxxvtdWCm2o97Jlyi0mjgGcQqvEgc8Aj9Vw", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q-d-Lt8dZfIaBUx3-3utIa9RHa-CQAGeVaoRWUP94aI0", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QvnY2K5lHV0kbltFVN9aLIghtSO-2cravw7h-SGScepw", + "type": 25, + "props": { + "source": "lxml/_elementpath.cpython-39-x86_64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853545934", + "type": "pypi", + "name": "lxml", + "files": "QeZtHdtWMAbhlBScR50UiuqsLGiihvOhWgnKpUJmtH4Q", + "version": "5.3.0", + "artifact_id": "cp39-cp39-win32-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 7706553, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QD8Y_bd8UcPvM1XjWrLkdz_WonWJ28JsQpXk3Nl4vjAg", + "type": 25, + "props": { + "source": "lxml/builder.cp39-win32.pyd" + } + }, + { + "key": "QhClOSvyOzAX9TIeUM16FpJGOlVFy8rnmxuVdgvTc9DA", + "type": 25, + "props": { + "source": "lxml/sax.cp39-win32.pyd" + } + }, + { + "key": "QqG-BB42FAdrTTb-IldyLigj7pZp1GjeUtLnKXFdejL0", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q0fxynNZy4Bh70FKlNcgQVezFId6635MlvssLhnibYCQ", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QisLfS_bznC0s1coKDuFXKASKtp3a19yZwVDixH4BUJI", + "type": 25, + "props": { + "source": "lxml/objectify.cp39-win32.pyd" + } + }, + { + "key": "QlmkfyxQdiyQjyALS5X4xLOb7L52SG0lxHRjYTkxmiMM", + "type": 25, + "props": { + "source": "lxml/etree.cp39-win32.pyd" + } + }, + { + "key": "Qox7bdVEZwI1JqbrFw-P5q1LoX05XXSdCP0WCMDH4ylo", + "type": 25, + "props": { + "source": "lxml/html/diff.cp39-win32.pyd" + } + }, + { + "key": "QqG-BB42FAdrTTb-IldyLigj7pZp1GjeUtLnKXFdejL0", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q0fxynNZy4Bh70FKlNcgQVezFId6635MlvssLhnibYCQ", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q0fxynNZy4Bh70FKlNcgQVezFId6635MlvssLhnibYCQ", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QqG-BB42FAdrTTb-IldyLigj7pZp1GjeUtLnKXFdejL0", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q0fxynNZy4Bh70FKlNcgQVezFId6635MlvssLhnibYCQ", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "Qy544g9WpckyXty3r3y9mkzPJR0YTFLMUuPFq0UmtavU", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q0fxynNZy4Bh70FKlNcgQVezFId6635MlvssLhnibYCQ", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q_qC1p2SdPfO3d_toH_8pAN-vyj611QczH-FpzeTl7B4", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp39-win32.pyd" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552632", + "type": "pypi", + "name": "lxml", + "files": "QqCgBfVRG-7qOWvJsgWLYcCuelIE8hAetfdlOpbHvv58", + "version": "5.3.0", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.25 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": true, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND GPL-2.0+ AND HPND AND Kazlib", + "size": 29180692, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q4rxpny_4oY6OXkMCi8O6Mf8RiXd3TxZfGnSh6ktkWtc", + "type": 63, + "file": "lxml-5.3.0/doc/mklatex.py" + }, + { + "key": "QNw4U-ko1X8oUq-LCLmdDtyoZETwrfu3zkigSHpOVQk4", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: BSD License", + "filepathOrProvenance": "lxml-5.3.0/src/lxml.egg-info/PKG-INFO" + } + }, + { + "key": "QU0EHJ9wqrUxH1bPUQfRhhh0En1nf7UGWPSDkSo96RG4", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only AND GPL-2.0+" + } + }, + { + "key": "Q8G9sdfTcFz0fTQ68iAkOVBiKvDDXPu3Gbp6bAvY4t3g", + "type": 25, + "props": { + "source": "lxml-5.3.0/doc/html/apidoc/objects.inv" + } + }, + { + "key": "QGk55n_IV2qUSKp2h6TjmCQA4tvkEVz005wsvCHN0qC0", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only AND GPL-2.0+" + } + }, + { + "key": "QFULt66OcJNWO0kCJ4OjCzBcVv0YPoWDllu7ahNfKkvw", + "type": 15586191, + "props": { + "location": "lxml-5.3.0/LICENSES.txt" + } + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/benchmark/benchbase.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/benchmark/benchbase.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/buildlibxml.py" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": 47, + "file": "lxml-5.3.0/buildlibxml.py" + }, + { + "key": "Q4rxpny_4oY6OXkMCi8O6Mf8RiXd3TxZfGnSh6ktkWtc", + "type": 63, + "file": "lxml-5.3.0/buildlibxml.py" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": 16, + "file": "lxml-5.3.0/buildlibxml.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/doc/html/apidoc/_static/doctools.js" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": 47, + "file": "lxml-5.3.0/doc/html/apidoc/_static/jquery.js" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/doc/html/apidoc/_static/jquery.js" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": 16, + "file": "lxml-5.3.0/doc/html/apidoc/_static/jquery.js", + "props": { + "envVars": "" + } + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/doc/html/apidoc/_static/js/html5shiv-printshiv.min.js" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/doc/html/apidoc/_static/js/html5shiv.min.js" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": 47, + "file": "lxml-5.3.0/doc/html/apidoc/_static/js/theme.js" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": 47, + "file": "lxml-5.3.0/doc/html/apidoc/_static/searchtools.js" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": 47, + "file": "lxml-5.3.0/doc/html/apidoc/searchindex.js" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/doc/html/apidoc/searchindex.js" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": 16, + "file": "lxml-5.3.0/doc/html/apidoc/searchindex.js", + "props": { + "envVars": "" + } + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/doc/mkhtml.py" + }, + { + "key": "Q4rxpny_4oY6OXkMCi8O6Mf8RiXd3TxZfGnSh6ktkWtc", + "type": 63, + "file": "lxml-5.3.0/doc/mkhtml.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/doc/s5/ui/default/slides.js" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/setup.py" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": 16, + "file": "lxml-5.3.0/setup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/setupinfo.py" + }, + { + "key": "Q4rxpny_4oY6OXkMCi8O6Mf8RiXd3TxZfGnSh6ktkWtc", + "type": 63, + "file": "lxml-5.3.0/setupinfo.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/setupinfo.py" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": 16, + "file": "lxml-5.3.0/setupinfo.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/ElementInclude.py" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": 47, + "file": "lxml-5.3.0/src/lxml/ElementInclude.py" + }, + { + "key": "Q4rxpny_4oY6OXkMCi8O6Mf8RiXd3TxZfGnSh6ktkWtc", + "type": 63, + "file": "lxml-5.3.0/src/lxml/etree.c" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/html/__init__.py" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": 47, + "file": "lxml-5.3.0/src/lxml/html/__init__.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/html/_diffcommand.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/html/html5parser.py" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": 47, + "file": "lxml-5.3.0/src/lxml/html/html5parser.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/html/tests/test_feedparser_data.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/html/tests/test_html5parser.py" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": 47, + "file": "lxml-5.3.0/src/lxml/html/tests/test_html5parser.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/src/lxml/html/tests/test_html5parser.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/src/lxml/html/tests/transform_feedparser_data.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/src/lxml/isoschematron/__init__.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/tests/common_imports.py" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": 16, + "file": "lxml-5.3.0/src/lxml/tests/dummy_http_server.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/src/lxml/tests/test_doctestcompare.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/tests/test_elementtree.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/tests/test_etree.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/tests/test_htmlparser.py" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": 16, + "file": "lxml-5.3.0/src/lxml/tests/test_http_io.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/tests/test_incremental_xmlfile.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/src/lxml/tests/test_incremental_xmlfile.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/tests/test_io.py" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": 16, + "file": "lxml-5.3.0/src/lxml/tests/test_nsclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/tests/test_relaxng.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/src/lxml/tests/test_unicode.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/tests/test_xmlschema.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/src/lxml/tests/test_xslt.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/src/lxml/tests/test_xslt.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/tools/xpathgrep.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": 81, + "file": "lxml-5.3.0/tools/xpathgrep.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/update-error-constants.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": 19, + "file": "lxml-5.3.0/versioninfo.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552744", + "type": "pypi", + "name": "lxml", + "files": "QHVBcH7dHsvsLgVTw13FK8VUKxNLwL90bGkB9NswA_y8", + "version": "5.3.0", + "artifact_id": "cp39-cp39-win-amd64-whl", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.4225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 8505301, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q_ecogLd7wSRAnqogqIFoqR7FL5Gcwf_7I2NC7Sz2njY", + "type": 25, + "props": { + "source": "lxml/sax.cp39-win_amd64.pyd" + } + }, + { + "key": "QQkfNdkHWoM0j7jaZ9iIbc600h2U83VANhC3SbpP5MtM", + "type": 25, + "props": { + "source": "lxml/etree.cp39-win_amd64.pyd" + } + }, + { + "key": "QRHLvYPZCANmQ02QrjL9Wy9CGQKDoMb_tgPIuHivj8c4", + "type": 25, + "props": { + "source": "lxml/html/diff.cp39-win_amd64.pyd" + } + }, + { + "key": "QPvwY_Rv5LWaXUzXSzcWSbiRdvWv2RAFv4P8ZwACJwQw", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q5JFwCkaM8yrprqXhylWP2OvGT29XTsK9MFO93h0_ihg", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q5JFwCkaM8yrprqXhylWP2OvGT29XTsK9MFO93h0_ihg", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QPvwY_Rv5LWaXUzXSzcWSbiRdvWv2RAFv4P8ZwACJwQw", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q5JFwCkaM8yrprqXhylWP2OvGT29XTsK9MFO93h0_ihg", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QPvwY_Rv5LWaXUzXSzcWSbiRdvWv2RAFv4P8ZwACJwQw", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q5JFwCkaM8yrprqXhylWP2OvGT29XTsK9MFO93h0_ihg", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qx4kzivT1ZDBvn2V06oxbX43KkgH78lqtdPMVHOoEf8Y", + "type": 25, + "props": { + "source": "lxml/_elementpath.cp39-win_amd64.pyd" + } + }, + { + "key": "QvxZikrorDLYv5s_e1iAax0E_uT4_LvKPNMKMWMCm10s", + "type": 25, + "props": { + "source": "lxml/builder.cp39-win_amd64.pyd" + } + }, + { + "key": "QV5RHSwl6jrQVtpEpDcN_nKzfkfsZ69VWlFemTJNtRd0", + "type": 25, + "props": { + "source": "lxml/objectify.cp39-win_amd64.pyd" + } + }, + { + "key": "Q4S5zQDHYbRY-6BMaf6VKTDQ4eEQhnfSuoBefEOkNdIk", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q5JFwCkaM8yrprqXhylWP2OvGT29XTsK9MFO93h0_ihg", + "type": 19, + "file": "lxml/html/soupparser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552746", + "type": "pypi", + "name": "lxml", + "files": "QcMDbBnvNbzreweUTJ1eyzXFkTrvINxriZcrrNPc_Yr8", + "version": "5.3.0", + "artifact_id": "pp310-pypy310-pp73-macosx-10-15-x86-64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 8881039, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QNR8nOkF_0XwGSx6MPBwkJI0cm1MThGM4p4jB7vHie7I", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QZU7L-bR683zEr3G5E6H5H-Pvq5TQyUOaSlEFeI7FpQM", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q7gGrRo_qtOqsARvZdxGViAdxDezprxLN_obAF0Ldam0", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QZU7L-bR683zEr3G5E6H5H-Pvq5TQyUOaSlEFeI7FpQM", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QF9-YmLptVmlrsJISx2LdLvSAOT2BQvw_x1l94z1aCuQ", + "type": 25, + "props": { + "source": "lxml/objectify.pypy310-pp73-darwin.so" + } + }, + { + "key": "QoVjrmJnQkYSaJiWdBjUGtN2-Dm628K-kFG4P5eNI_uI", + "type": 25, + "props": { + "source": "lxml/etree.pypy310-pp73-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QZU7L-bR683zEr3G5E6H5H-Pvq5TQyUOaSlEFeI7FpQM", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q7gGrRo_qtOqsARvZdxGViAdxDezprxLN_obAF0Ldam0", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QZU7L-bR683zEr3G5E6H5H-Pvq5TQyUOaSlEFeI7FpQM", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q7gGrRo_qtOqsARvZdxGViAdxDezprxLN_obAF0Ldam0", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552747", + "type": "pypi", + "name": "lxml", + "files": "QSAiZWVJrS2hjpSZC9Je5CuN2NuxG8_J6bws5bBTrobw", + "version": "5.3.0", + "artifact_id": "pp310-pypy310-pp73-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9621634, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QI7xeWwZ1_zjcDggLCV8HRZ70aUm_4IkVLstOaGkvgD8", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QI7xeWwZ1_zjcDggLCV8HRZ70aUm_4IkVLstOaGkvgD8", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QI7xeWwZ1_zjcDggLCV8HRZ70aUm_4IkVLstOaGkvgD8", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QbRF1DsJK1qGMoKYgIE4KhHBpSEBVznRnp7Bg7EUyyyk", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QI7xeWwZ1_zjcDggLCV8HRZ70aUm_4IkVLstOaGkvgD8", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QbRF1DsJK1qGMoKYgIE4KhHBpSEBVznRnp7Bg7EUyyyk", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QsqPk1UEDy5cuqGUUEle4IzdZ8faygtovDqN2F2UWAdc", + "type": 25, + "props": { + "source": "lxml/etree.pypy310-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "Q3sbK82WF68XBKJmzoglO4BUy-2a0FRxj98uWm3keRJ4", + "type": 25, + "props": { + "source": "lxml/objectify.pypy310-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QtGB_RY0jZC1iSV8pV-2E3hx_byHfaUD5FPfv6H0-Odg", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QbRF1DsJK1qGMoKYgIE4KhHBpSEBVznRnp7Bg7EUyyyk", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552748", + "type": "pypi", + "name": "lxml", + "files": "QmD_empNBVH2zyZuUlZjJuPFlw17bCW7ksaEWVmveZQE", + "version": "5.3.0", + "artifact_id": "pp310-pypy310-pp73-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9808774, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QOsxS7rInciBpqsq1Fvd4t2YgKo5LJHeh6NLmgA3c2pE", + "type": 25, + "props": { + "source": "lxml/etree.pypy310-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz4mlHp11qN8CUeLJHuGt_R75gZoVvBdFXnq_cuqZEfc", + "type": 25, + "props": { + "source": "lxml/objectify.pypy310-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QuYvS-qsXPoFtO47Gl_-N4xwLqyTmTyCsnDe0IeiDFig", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Ql5zbmy4abIVltyoViDAZ3wyjScQuIGbtJMC38Jpmxt4", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QuYvS-qsXPoFtO47Gl_-N4xwLqyTmTyCsnDe0IeiDFig", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Ql5zbmy4abIVltyoViDAZ3wyjScQuIGbtJMC38Jpmxt4", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QuYvS-qsXPoFtO47Gl_-N4xwLqyTmTyCsnDe0IeiDFig", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QuYvS-qsXPoFtO47Gl_-N4xwLqyTmTyCsnDe0IeiDFig", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Ql5zbmy4abIVltyoViDAZ3wyjScQuIGbtJMC38Jpmxt4", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QDGA2nn1qtnYoUYmJQ_jkM7JLiT8EwZNEoUy1qTxfw1I", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552749", + "type": "pypi", + "name": "lxml", + "files": "QDhoGfygxcnO4aTSLaagCXu5CSDfyo4T5UYgI8pRzdLo", + "version": "5.3.0", + "artifact_id": "pp310-pypy310-pp73-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9556316, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QsqPk1UEDy5cuqGUUEle4IzdZ8faygtovDqN2F2UWAdc", + "type": 25, + "props": { + "source": "lxml/etree.pypy310-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "Q3sbK82WF68XBKJmzoglO4BUy-2a0FRxj98uWm3keRJ4", + "type": 25, + "props": { + "source": "lxml/objectify.pypy310-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QFOKujRwlyvjEeIcZa9K794QyRvd2OxtbE57m7FNqu-k", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QaVYCSdAhPwL614Xl56xhC4OuAkWwE8YoDClRnAC39TY", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QFOKujRwlyvjEeIcZa9K794QyRvd2OxtbE57m7FNqu-k", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QL9pf3wlRTJ3BzN76e1Spzg1HVjirW68K8TxvimH2YZ4", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QL9pf3wlRTJ3BzN76e1Spzg1HVjirW68K8TxvimH2YZ4", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QL9pf3wlRTJ3BzN76e1Spzg1HVjirW68K8TxvimH2YZ4", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QFOKujRwlyvjEeIcZa9K794QyRvd2OxtbE57m7FNqu-k", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QL9pf3wlRTJ3BzN76e1Spzg1HVjirW68K8TxvimH2YZ4", + "type": 19, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552750", + "type": "pypi", + "name": "lxml", + "files": "QXpQCcuhKKYo6bRY_t1hOAkL2FNKGDrhcuIhMTBKgIsY", + "version": "5.3.0", + "artifact_id": "pp310-pypy310-pp73-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9771977, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q5ACKhnHHKy3PrdgePe4XaWykxdbE1YdZQGQ_Uq0zpSM", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q5ACKhnHHKy3PrdgePe4XaWykxdbE1YdZQGQ_Uq0zpSM", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qwop6tJgsOf_Bj_zZseFkuJCMJfY9KzsJ8TpKSOTPEQE", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QOsxS7rInciBpqsq1Fvd4t2YgKo5LJHeh6NLmgA3c2pE", + "type": 25, + "props": { + "source": "lxml/etree.pypy310-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz4mlHp11qN8CUeLJHuGt_R75gZoVvBdFXnq_cuqZEfc", + "type": 25, + "props": { + "source": "lxml/objectify.pypy310-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "QS1-QyppU4apkj7MOXUuQbWHi52Y_rcCaKkEONP-uySU", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q5ACKhnHHKy3PrdgePe4XaWykxdbE1YdZQGQ_Uq0zpSM", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qwop6tJgsOf_Bj_zZseFkuJCMJfY9KzsJ8TpKSOTPEQE", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q5ACKhnHHKy3PrdgePe4XaWykxdbE1YdZQGQ_Uq0zpSM", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qwop6tJgsOf_Bj_zZseFkuJCMJfY9KzsJ8TpKSOTPEQE", + "type": 47, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552751", + "type": "pypi", + "name": "lxml", + "files": "Qfj8JNoKW7yMoWaHyqWocG_Inzu4XwGjCKF6OFHizHyk", + "version": "5.3.0", + "artifact_id": "pp310-pypy310-pp73-win-amd64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 7785093, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QDUrvdM3AqW7jauUat4w7wOYgTtZTefA717HZ9_nunbY", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QcT0OVHJI-BnsCoCnamlwaPbR4nLoBiYFmCuP3D_QN6A", + "type": 25, + "props": { + "source": "lxml/etree.pypy310-pp73-win_amd64.pyd" + } + }, + { + "key": "QUID8vXJw3kr0T-kvFaYwn8snCYG3jlAq1nGFGsc6LPc", + "type": 25, + "props": { + "source": "lxml/objectify.pypy310-pp73-win_amd64.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qg_QpXYXJ04o18wB1FBvZmk3Q2yFxbswaS-eyC_v9YbU", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qp4-dXspy8sBbAsjczVYPafwsKLpJG_A28WvYpmLo9Fk", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qg_QpXYXJ04o18wB1FBvZmk3Q2yFxbswaS-eyC_v9YbU", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qp4-dXspy8sBbAsjczVYPafwsKLpJG_A28WvYpmLo9Fk", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qg_QpXYXJ04o18wB1FBvZmk3Q2yFxbswaS-eyC_v9YbU", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qg_QpXYXJ04o18wB1FBvZmk3Q2yFxbswaS-eyC_v9YbU", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qp4-dXspy8sBbAsjczVYPafwsKLpJG_A28WvYpmLo9Fk", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qg_QpXYXJ04o18wB1FBvZmk3Q2yFxbswaS-eyC_v9YbU", + "type": 19, + "file": "lxml/html/soupparser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552752", + "type": "pypi", + "name": "lxml", + "files": "QTKqimIDwwhUkV5rkHmkdYTXfv9aunRH3LnUjpuhYnVM", + "version": "5.3.0", + "artifact_id": "pp37-pypy37-pp73-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 8875930, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QwEelhmFykfwL-PklSpqidq0d0ph7jGPYSoAcs8wOUF4", + "type": 25, + "props": { + "source": "lxml/objectify.pypy37-pp73-darwin.so" + } + }, + { + "key": "QkPrzIo8KRRsch0iyuWJApE67csi4A2BcBXMMchD3fsM", + "type": 25, + "props": { + "source": "lxml/etree.pypy37-pp73-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QgY_XQGohaAID2aeH0cnE6nBTlMsenf8DPvj8N4YmFZI", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QgY_XQGohaAID2aeH0cnE6nBTlMsenf8DPvj8N4YmFZI", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q3pnCw34_k_KLr15aQVWmI0XrmApl1IBhOagt_H-hZbs", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q3pnCw34_k_KLr15aQVWmI0XrmApl1IBhOagt_H-hZbs", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q3pnCw34_k_KLr15aQVWmI0XrmApl1IBhOagt_H-hZbs", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QGmwAIxJKmW4gdJfXVF_M9cSu7E06uVO5Zg9WavdCIqU", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QgY_XQGohaAID2aeH0cnE6nBTlMsenf8DPvj8N4YmFZI", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q3pnCw34_k_KLr15aQVWmI0XrmApl1IBhOagt_H-hZbs", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552753", + "type": "pypi", + "name": "lxml", + "files": "QZkN3XvMobMARsFiuf9LutsiEv_e1eTPTX0zNWfDeCn0", + "version": "5.3.0", + "artifact_id": "pp37-pypy37-pp73-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9768020, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QOSUlOjHSMwLcIQesjDVoZCWeNyprf-Z7i6grKrAE4bA", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QrU-1qmHxRUXh8v74kKhVwXgA8JeL-bdYw3eK5rgM-ko", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QOSUlOjHSMwLcIQesjDVoZCWeNyprf-Z7i6grKrAE4bA", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QrU-1qmHxRUXh8v74kKhVwXgA8JeL-bdYw3eK5rgM-ko", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QrU-1qmHxRUXh8v74kKhVwXgA8JeL-bdYw3eK5rgM-ko", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QOSUlOjHSMwLcIQesjDVoZCWeNyprf-Z7i6grKrAE4bA", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q5nf7_mbfnXk9RqJBdE8paH_l1XRe5tXtiwf--L_aXsU", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q-iqjvmSNgculg0vECxFAfHWlcwGkIjy6sAm58dSKvlc", + "type": 25, + "props": { + "source": "lxml/objectify.pypy37-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QH1M1FnT_1ukZrHdXgHImHAFBFfZhyfNZ48RENZFqGTE", + "type": 25, + "props": { + "source": "lxml/etree.pypy37-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QrU-1qmHxRUXh8v74kKhVwXgA8JeL-bdYw3eK5rgM-ko", + "type": 19, + "file": "lxml/ElementInclude.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552754", + "type": "pypi", + "name": "lxml", + "files": "QeSwcjbkpCY3mk5VsROKB02qX0UmlhBh5ZF5SZeaP7Y4", + "version": "5.3.0", + "artifact_id": "pp37-pypy37-pp73-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9938696, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QTgeMlUQsb33Oq9Mk3BpzjssTtllCA1NENLhm5J7fle4", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qvzn5QIZGWM6qqpUgT_BrUvogyN9MlR8XgS5BNdnOFY8", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QTgeMlUQsb33Oq9Mk3BpzjssTtllCA1NENLhm5J7fle4", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qvzn5QIZGWM6qqpUgT_BrUvogyN9MlR8XgS5BNdnOFY8", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QTgeMlUQsb33Oq9Mk3BpzjssTtllCA1NENLhm5J7fle4", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QTgeMlUQsb33Oq9Mk3BpzjssTtllCA1NENLhm5J7fle4", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qvzn5QIZGWM6qqpUgT_BrUvogyN9MlR8XgS5BNdnOFY8", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q72gzDTN47S73WqJbqRxgLgsohfUrhZoHrxv0-YPR3rY", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q_WCwGHQhclWit4dYWpTFRroFwI24kcT8-Gk4qNnJu-c", + "type": 25, + "props": { + "source": "lxml/objectify.pypy37-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "QwbcjzF6Qz11z3RjM1pij9JgUWJiFkfn5L0rkt3NGvY8", + "type": 25, + "props": { + "source": "lxml/etree.pypy37-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552755", + "type": "pypi", + "name": "lxml", + "files": "Qlvt5IYH4OIRCLP8LLJ38FuEHcuTWsKWULWNayQGIutI", + "version": "5.3.0", + "artifact_id": "pp37-pypy37-pp73-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9702656, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QbEUYPYttU5fHduBwkiSg09bHbbHhg7O25mOe5YvlUhU", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QhzvrHrsUCXzft901ZSRfeLI_ipEDosISF31PpMLLQRw", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QhzvrHrsUCXzft901ZSRfeLI_ipEDosISF31PpMLLQRw", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QbEUYPYttU5fHduBwkiSg09bHbbHhg7O25mOe5YvlUhU", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q-iqjvmSNgculg0vECxFAfHWlcwGkIjy6sAm58dSKvlc", + "type": 25, + "props": { + "source": "lxml/objectify.pypy37-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QH1M1FnT_1ukZrHdXgHImHAFBFfZhyfNZ48RENZFqGTE", + "type": 25, + "props": { + "source": "lxml/etree.pypy37-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QhzvrHrsUCXzft901ZSRfeLI_ipEDosISF31PpMLLQRw", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QbEUYPYttU5fHduBwkiSg09bHbbHhg7O25mOe5YvlUhU", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QhzvrHrsUCXzft901ZSRfeLI_ipEDosISF31PpMLLQRw", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qxk1L0pi96HENjDWEvmz8EvkVkBlnL7NeqW3ig5yPhNA", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552756", + "type": "pypi", + "name": "lxml", + "files": "QwGv07XUU_K8w2aQ0qvyA7RStnI491iR_Qnmybw-IEEY", + "version": "5.3.0", + "artifact_id": "pp37-pypy37-pp73-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9897837, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qkx68OppmrMgMHPjCCcM8D6qX4c1sfneL5pfFra5JAnQ", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q6XRtlFtqg4RjHa_CSyh-1dqMKJTdLiv1jK7puAGzakA", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvEo5tEIWj0PsELS8i3DuG7JgyhmHqJEcrVm7MhGx3ic", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q6XRtlFtqg4RjHa_CSyh-1dqMKJTdLiv1jK7puAGzakA", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QvEo5tEIWj0PsELS8i3DuG7JgyhmHqJEcrVm7MhGx3ic", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q6XRtlFtqg4RjHa_CSyh-1dqMKJTdLiv1jK7puAGzakA", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q6XRtlFtqg4RjHa_CSyh-1dqMKJTdLiv1jK7puAGzakA", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvEo5tEIWj0PsELS8i3DuG7JgyhmHqJEcrVm7MhGx3ic", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QwbcjzF6Qz11z3RjM1pij9JgUWJiFkfn5L0rkt3NGvY8", + "type": 25, + "props": { + "source": "lxml/etree.pypy37-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_WCwGHQhclWit4dYWpTFRroFwI24kcT8-Gk4qNnJu-c", + "type": 25, + "props": { + "source": "lxml/objectify.pypy37-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552757", + "type": "pypi", + "name": "lxml", + "files": "QIXRmfN7CpC20A4-cRprhhIaWAl4tzHpZzFYi0U6mFXU", + "version": "5.3.0", + "artifact_id": "pp37-pypy37-pp73-win-amd64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 7790729, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QCPx3ZOcGBrKVcnWDV22JRkQtb_8BfRbgbttjtxAh_gc", + "type": 25, + "props": { + "source": "lxml/objectify.pypy37-pp73-win_amd64.pyd" + } + }, + { + "key": "QomONNcT2xalT_nwdx-tLWs8hZKJGeM9d8EsKX9VoJvs", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QpTFAZluMllpw48M8B9IlyA_b21sVUK4llsVvGMxFay8", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QvCQeQDY_eJhZRewuLTfX0Mob-SY0Th9Wt09x3xxSJUI", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "QpTFAZluMllpw48M8B9IlyA_b21sVUK4llsVvGMxFay8", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvCQeQDY_eJhZRewuLTfX0Mob-SY0Th9Wt09x3xxSJUI", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvCQeQDY_eJhZRewuLTfX0Mob-SY0Th9Wt09x3xxSJUI", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q16MVYIwkhWcaWxudeHjeo3u7vTHvOonUhGcqtpkBfIA", + "type": 25, + "props": { + "source": "lxml/etree.pypy37-pp73-win_amd64.pyd" + } + }, + { + "key": "QpTFAZluMllpw48M8B9IlyA_b21sVUK4llsVvGMxFay8", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvCQeQDY_eJhZRewuLTfX0Mob-SY0Th9Wt09x3xxSJUI", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QvCQeQDY_eJhZRewuLTfX0Mob-SY0Th9Wt09x3xxSJUI", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552758", + "type": "pypi", + "name": "lxml", + "files": "Q5V_JB_tpDV23Hw8UQypVSudajamXl-fglxG3gZEpKus", + "version": "5.3.0", + "artifact_id": "pp38-pypy38-pp73-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 8880154, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QUjUJqSd8cDUeObJPWiNhTfRMNNZFW3eV2p-gjNDBJGk", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q7zO8YtKCP43agthJliumtmI0YDI3-9wqLxB2Fp55M5Y", + "type": 25, + "props": { + "source": "lxml/objectify.pypy38-pp73-darwin.so" + } + }, + { + "key": "QROPubFXaeQUD8sC1-qrXd29fUDT68yqfmGhaEQ7JP6E", + "type": 25, + "props": { + "source": "lxml/etree.pypy38-pp73-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QIwAqJOiL3_iMojcfX8if5ObaN2d6wSLaZlTJAwMgG1k", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMYXUTvHVVEkuUxh-V94fcB1EZIwVLvWghxhAjY_k6gg", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QIwAqJOiL3_iMojcfX8if5ObaN2d6wSLaZlTJAwMgG1k", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QMYXUTvHVVEkuUxh-V94fcB1EZIwVLvWghxhAjY_k6gg", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QIwAqJOiL3_iMojcfX8if5ObaN2d6wSLaZlTJAwMgG1k", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QIwAqJOiL3_iMojcfX8if5ObaN2d6wSLaZlTJAwMgG1k", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMYXUTvHVVEkuUxh-V94fcB1EZIwVLvWghxhAjY_k6gg", + "type": 47, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552759", + "type": "pypi", + "name": "lxml", + "files": "QneFqRZQ0jm5Q6ij_URbj56SH0pUHj2AeIivB89vgSpA", + "version": "5.3.0", + "artifact_id": "pp38-pypy38-pp73-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9622876, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QPlGISuq4frMTfJFWw09BT7ZsgZwwgP1Lrp3stF3nRXU", + "type": 25, + "props": { + "source": "lxml/objectify.pypy38-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qhxaa1ymmn3Z620l-piGUpOFEmOv89A9eLyeki_UInmc", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q2_8MOPpEGKV_RgKXDhNfY0kA6M7QrnEjUmdY93KoR-4", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QyZ5cmrnV9TjUjzIlwsWnJbmHFcx7cyZFu9Au7aH_zk8", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2_8MOPpEGKV_RgKXDhNfY0kA6M7QrnEjUmdY93KoR-4", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QyZ5cmrnV9TjUjzIlwsWnJbmHFcx7cyZFu9Au7aH_zk8", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2_8MOPpEGKV_RgKXDhNfY0kA6M7QrnEjUmdY93KoR-4", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QApS1T8qSELk5oxwTvt7V-DaGJ6V2y6PGwYPoqwb7WjU", + "type": 25, + "props": { + "source": "lxml/etree.pypy38-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QyZ5cmrnV9TjUjzIlwsWnJbmHFcx7cyZFu9Au7aH_zk8", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QyZ5cmrnV9TjUjzIlwsWnJbmHFcx7cyZFu9Au7aH_zk8", + "type": 19, + "file": "lxml/html/_diffcommand.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552760", + "type": "pypi", + "name": "lxml", + "files": "Q6vDCeRtf_GRCCxCKyVAT_H4IRSkjnOSNNMRhJQ78Q_0", + "version": "5.3.0", + "artifact_id": "pp38-pypy38-pp73-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9843072, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qctpmz40gljWddGMDiVru_2M4kZa3wttPJstFUXSTOrM", + "type": 25, + "props": { + "source": "lxml/etree.pypy38-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "QAdRmsYlZLpVdQHcHmU8KwZhK82u7zVtXJpvBIS1ults", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QHyCN5tGhrTupjVCjPOzA0fcico7Fazk4NjbC9UVHKsw", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qg052q7ysIy_UGammhoU7eblvBxDo2AVMWCu4S9AXWJ0", + "type": 25, + "props": { + "source": "lxml/objectify.pypy38-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QwNN-dqFxc-PBT9qoQmmpL_zFmn6Ljq0icCXSzLQxqZs", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QHyCN5tGhrTupjVCjPOzA0fcico7Fazk4NjbC9UVHKsw", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QwNN-dqFxc-PBT9qoQmmpL_zFmn6Ljq0icCXSzLQxqZs", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QHyCN5tGhrTupjVCjPOzA0fcico7Fazk4NjbC9UVHKsw", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QwNN-dqFxc-PBT9qoQmmpL_zFmn6Ljq0icCXSzLQxqZs", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QwNN-dqFxc-PBT9qoQmmpL_zFmn6Ljq0icCXSzLQxqZs", + "type": 19, + "file": "lxml/html/html5parser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552761", + "type": "pypi", + "name": "lxml", + "files": "QcWuJkNpSAqxpStT0leGoxNWjN6NYvVZrE83XVbonqeo", + "version": "5.3.0", + "artifact_id": "pp38-pypy38-pp73-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9623080, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QPlGISuq4frMTfJFWw09BT7ZsgZwwgP1Lrp3stF3nRXU", + "type": 25, + "props": { + "source": "lxml/objectify.pypy38-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QApS1T8qSELk5oxwTvt7V-DaGJ6V2y6PGwYPoqwb7WjU", + "type": 25, + "props": { + "source": "lxml/etree.pypy38-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QU945pRKqLpWoXeFIjgiBafdpjHmgD1oTzqWDiqXhuVk", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QK_ZejUgjBTk9q7asuYL395FktT8N8w6Y6UE3UfEPIcU", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4DuFc5NF_0-LJ9lMXU6dadcFBic-uTQG9OEqpZUypG0", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4DuFc5NF_0-LJ9lMXU6dadcFBic-uTQG9OEqpZUypG0", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QK_ZejUgjBTk9q7asuYL395FktT8N8w6Y6UE3UfEPIcU", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q4DuFc5NF_0-LJ9lMXU6dadcFBic-uTQG9OEqpZUypG0", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QK_ZejUgjBTk9q7asuYL395FktT8N8w6Y6UE3UfEPIcU", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q4DuFc5NF_0-LJ9lMXU6dadcFBic-uTQG9OEqpZUypG0", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552762", + "type": "pypi", + "name": "lxml", + "files": "QeFrjLUqsXo-5ORHvU4oFDosVp4CFedwInco4mJfvSmQ", + "version": "5.3.0", + "artifact_id": "pp38-pypy38-pp73-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9798117, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qga1PVE_deBV7f1kJLda_DazR7K95UCYwbNQS2U492ww", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QuKON0t58wHeTkGBTgYibmtP1IGInka8RQSerDxtWgOw", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qga1PVE_deBV7f1kJLda_DazR7K95UCYwbNQS2U492ww", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QI6irkk8e8ZUfq_6GIO-dycX6XsqRxwV5mfk8D7-Eg54", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QI6irkk8e8ZUfq_6GIO-dycX6XsqRxwV5mfk8D7-Eg54", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qga1PVE_deBV7f1kJLda_DazR7K95UCYwbNQS2U492ww", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QI6irkk8e8ZUfq_6GIO-dycX6XsqRxwV5mfk8D7-Eg54", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QI6irkk8e8ZUfq_6GIO-dycX6XsqRxwV5mfk8D7-Eg54", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qctpmz40gljWddGMDiVru_2M4kZa3wttPJstFUXSTOrM", + "type": 25, + "props": { + "source": "lxml/etree.pypy38-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Qg052q7ysIy_UGammhoU7eblvBxDo2AVMWCu4S9AXWJ0", + "type": 25, + "props": { + "source": "lxml/objectify.pypy38-pp73-x86_64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552763", + "type": "pypi", + "name": "lxml", + "files": "QE172ypHAs5ruvx7TBjDkiewjEbfXMXVTPlBvH7e7nS8", + "version": "5.3.0", + "artifact_id": "pp38-pypy38-pp73-win-amd64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 7793281, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QZUdhxDjTeo0aNT7RFRVpShU67vEx3N_S6gmexHBAw2k", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QI2jr-nMn9bBqo4mSh0TS9ND91J5q9we69JbcoKlbwWw", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QZUdhxDjTeo0aNT7RFRVpShU67vEx3N_S6gmexHBAw2k", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QI2jr-nMn9bBqo4mSh0TS9ND91J5q9we69JbcoKlbwWw", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QqLXXSQ6elZeYohWypBdfTakZUu7TNGmVh8MFzLge3tg", + "type": 25, + "props": { + "source": "lxml/objectify.pypy38-pp73-win_amd64.pyd" + } + }, + { + "key": "QK9yC3TCFXUCHsqquGmgiElscZrxQMpJAK7x72pmgs4s", + "type": 25, + "props": { + "source": "lxml/etree.pypy38-pp73-win_amd64.pyd" + } + }, + { + "key": "Q-K_eOWlvK4794S254AhxSp4xQJ14ElDD4Q7DuiakVJw", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QZUdhxDjTeo0aNT7RFRVpShU67vEx3N_S6gmexHBAw2k", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QI2jr-nMn9bBqo4mSh0TS9ND91J5q9we69JbcoKlbwWw", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QI2jr-nMn9bBqo4mSh0TS9ND91J5q9we69JbcoKlbwWw", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QI2jr-nMn9bBqo4mSh0TS9ND91J5q9we69JbcoKlbwWw", + "type": 19, + "file": "lxml/html/soupparser.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552764", + "type": "pypi", + "name": "lxml", + "files": "QDu-iiFnUDM8mrAXSS6H-cgXF0970yGSbjHnh084BEJU", + "version": "5.3.0", + "artifact_id": "pp39-pypy39-pp73-macosx-10-15-x86-64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 8880931, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QEG9yOjRPJJVXxkuF2RwYYZsamS07bNvDcKi12PBi_94", + "type": 25, + "props": { + "source": "lxml/objectify.pypy39-pp73-darwin.so" + } + }, + { + "key": "QhkCHkfoh8YKy1Xja59UhWXh-LxwkhYIBA5AzsUsNcAU", + "type": 25, + "props": { + "source": "lxml/etree.pypy39-pp73-darwin.so" + } + }, + { + "key": "QXXx7PUbBSCCEhXWJ0vF_hAp2pW5bAQzfFxtqNnaMz0k", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q5eCw-LFxGNXnw3B7_wdz467AjbOg1ILR7k4X9pwdq8s", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q5eCw-LFxGNXnw3B7_wdz467AjbOg1ILR7k4X9pwdq8s", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q5eCw-LFxGNXnw3B7_wdz467AjbOg1ILR7k4X9pwdq8s", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QXXx7PUbBSCCEhXWJ0vF_hAp2pW5bAQzfFxtqNnaMz0k", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q5eCw-LFxGNXnw3B7_wdz467AjbOg1ILR7k4X9pwdq8s", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QhB9vMS8JSoo_g9a7s5ymPmDF6cRVqOivveSDuSyQkjk", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QXXx7PUbBSCCEhXWJ0vF_hAp2pW5bAQzfFxtqNnaMz0k", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552765", + "type": "pypi", + "name": "lxml", + "files": "Qrlg0MTzHuyHDGQFW4odN78NuDD_yn2EbQ0CrlSbFqNQ", + "version": "5.3.0", + "artifact_id": "pp39-pypy39-pp73-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9624556, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q3euU8NezLMRoNzxC8JafT7G-6PoSDKgLmzEmiHuJQs0", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q1FPjSAFvB9Ve_04v3OshGR6yiZ4ZQJOgoreEoZHWf2c", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QJ2TubKyITBEloLI1-yxKqKeWosrSih4eITm0FU4W8z8", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q3euU8NezLMRoNzxC8JafT7G-6PoSDKgLmzEmiHuJQs0", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q3euU8NezLMRoNzxC8JafT7G-6PoSDKgLmzEmiHuJQs0", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QJ2TubKyITBEloLI1-yxKqKeWosrSih4eITm0FU4W8z8", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q3euU8NezLMRoNzxC8JafT7G-6PoSDKgLmzEmiHuJQs0", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QJ2TubKyITBEloLI1-yxKqKeWosrSih4eITm0FU4W8z8", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXHEYOeP_5ZlS2X-WtgPSu5t4KXNRkS-d_v9cFhBGeVI", + "type": 25, + "props": { + "source": "lxml/etree.pypy39-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QS9ftoiZs3KSrlPyWmYduTj3MGYAPhrzONLpkCHnhiEo", + "type": 25, + "props": { + "source": "lxml/objectify.pypy39-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552766", + "type": "pypi", + "name": "lxml", + "files": "Qha-lmiJgGV1_aPcWfs6KZJQ4Pt5zd3xPaIaxNawKPp8", + "version": "5.3.0", + "artifact_id": "pp39-pypy39-pp73-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9806432, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Qt_u5jnq0Z-gUrZaodIJkkYXUui1vVcqt1SpOjTnyQZ4", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qt_u5jnq0Z-gUrZaodIJkkYXUui1vVcqt1SpOjTnyQZ4", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q8rkVaSTFloD26GihEJwS29TqnnungWsKlsPJQStth-U", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QX4uBNvcqkZDuxsQ8nm7j-gzPMsTzJ1D1ISpUYMK4PZk", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q8rkVaSTFloD26GihEJwS29TqnnungWsKlsPJQStth-U", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qt_u5jnq0Z-gUrZaodIJkkYXUui1vVcqt1SpOjTnyQZ4", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qt_u5jnq0Z-gUrZaodIJkkYXUui1vVcqt1SpOjTnyQZ4", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q9r802dnmRchq83phtAJ54kzKTv_j6y67lN69xOclt-4", + "type": 25, + "props": { + "source": "lxml/etree.pypy39-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "QS1xR-urAGvqalfec_L7FxUDmnXD7tJmFU1OZaEpb530", + "type": 25, + "props": { + "source": "lxml/objectify.pypy39-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8rkVaSTFloD26GihEJwS29TqnnungWsKlsPJQStth-U", + "type": 47, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552767", + "type": "pypi", + "name": "lxml", + "files": "QyncVkJkvdR0xAdwEBUukjHXTFcbi7QAO6IqaL-tmjDU", + "version": "5.3.0", + "artifact_id": "pp39-pypy39-pp73-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9559240, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QnQuAgUbIsiAsxjiY4BehCLKxVHb79OWr0dHeeKDTufg", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QnQuAgUbIsiAsxjiY4BehCLKxVHb79OWr0dHeeKDTufg", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Q0K2vXHc3rrc828ZuyrQQUGcAcaePEgJj8FuPRnPCz44", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QnQuAgUbIsiAsxjiY4BehCLKxVHb79OWr0dHeeKDTufg", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QU63bxK6ZnQh6DKH9K0_VnxLb1U3EaN8xfNgvHH-UmCU", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QU63bxK6ZnQh6DKH9K0_VnxLb1U3EaN8xfNgvHH-UmCU", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QS9ftoiZs3KSrlPyWmYduTj3MGYAPhrzONLpkCHnhiEo", + "type": 25, + "props": { + "source": "lxml/objectify.pypy39-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QXHEYOeP_5ZlS2X-WtgPSu5t4KXNRkS-d_v9cFhBGeVI", + "type": 25, + "props": { + "source": "lxml/etree.pypy39-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QU63bxK6ZnQh6DKH9K0_VnxLb1U3EaN8xfNgvHH-UmCU", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QU63bxK6ZnQh6DKH9K0_VnxLb1U3EaN8xfNgvHH-UmCU", + "type": 19, + "file": "lxml/html/__init__.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552768", + "type": "pypi", + "name": "lxml", + "files": "Q7G6atr1rHPcErBbjUYp_mqHhXPQpFn6QE_X5d9SdEY8", + "version": "5.3.0", + "artifact_id": "pp39-pypy39-pp73-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "size": 9769669, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "Q-51xBeO3_UayGMIudYxSv99OYLPAziFvGv0OUB90dpg", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QB3rVl2PsYKyHEXC1IQrzoZfsxmV92qCfXXMagiR3Zh4", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q9r802dnmRchq83phtAJ54kzKTv_j6y67lN69xOclt-4", + "type": 25, + "props": { + "source": "lxml/etree.pypy39-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Qswn8fs7AH0nPiK58KRNbjhFOxapJQMco0Q83g06ejMg", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qswn8fs7AH0nPiK58KRNbjhFOxapJQMco0Q83g06ejMg", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QB3rVl2PsYKyHEXC1IQrzoZfsxmV92qCfXXMagiR3Zh4", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "Qswn8fs7AH0nPiK58KRNbjhFOxapJQMco0Q83g06ejMg", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QS1xR-urAGvqalfec_L7FxUDmnXD7tJmFU1OZaEpb530", + "type": 25, + "props": { + "source": "lxml/objectify.pypy39-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "QB3rVl2PsYKyHEXC1IQrzoZfsxmV92qCfXXMagiR3Zh4", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qswn8fs7AH0nPiK58KRNbjhFOxapJQMco0Q83g06ejMg", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0-only" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15853552769", + "type": "pypi", + "name": "lxml", + "files": "QEZg5295dgn_ndauZcbKG9bHzdaHVfnhjR3Umbn32xio", + "version": "5.3.0", + "artifact_id": "pp39-pypy39-pp73-win-amd64-whl", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.7225 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": true, + "shell": false, + "unsafe": true + }, + "license": "BSD-3-Clause AND Kazlib", + "size": 7783553, + "author": "faassen, scoder, zope.wineggbuilder", + "state": "revalidate", + "alerts": [ + { + "key": "QcpfEGB8l_UA3OAP6j1PquGcIh3h0ytrbBM755igpBJM", + "type": 19, + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": 15586191, + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qo2lTsDImIUq57-aGFQmhziCVzY7KTkdI9lmo7n6dqbE", + "type": 25, + "props": { + "source": "lxml/objectify.pypy39-pp73-win_amd64.pyd" + } + }, + { + "key": "Q5DyiDL-N5XuSi081LQPVpiNwH74J05RLC1IWtms31J0", + "type": 81, + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QcpfEGB8l_UA3OAP6j1PquGcIh3h0ytrbBM755igpBJM", + "type": 19, + "file": "lxml/html/soupparser.py" + }, + { + "key": "QnUSUABb0fkP4eLK1wjMHTJY_hFMT-g7w1_xf462SM5k", + "type": 47, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QcpfEGB8l_UA3OAP6j1PquGcIh3h0ytrbBM755igpBJM", + "type": 19, + "file": "lxml/html/html5parser.py" + }, + { + "key": "QcpfEGB8l_UA3OAP6j1PquGcIh3h0ytrbBM755igpBJM", + "type": 19, + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QnUSUABb0fkP4eLK1wjMHTJY_hFMT-g7w1_xf462SM5k", + "type": 47, + "file": "lxml/html/__init__.py" + }, + { + "key": "QcpfEGB8l_UA3OAP6j1PquGcIh3h0ytrbBM755igpBJM", + "type": 19, + "file": "lxml/html/__init__.py" + }, + { + "key": "QnUSUABb0fkP4eLK1wjMHTJY_hFMT-g7w1_xf462SM5k", + "type": 47, + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qc5tLwh4OJayM2Na-sDnjsQZq9E0V35rH88oxfVMRET4", + "type": 25, + "props": { + "source": "lxml/etree.pypy39-pp73-win_amd64.pyd" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168425", + "type": "pypi", + "name": "simplejson", + "files": "QFdoHQeTn5M6dDzwzCNpZL-T8_Tb-rnwYnOue1ft358E", + "version": "3.19.3", + "artifact_id": "cp27-cp27m-manylinux1-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 358363, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": 25, + "props": { + "source": "simplejson/_speedups.so" + } + }, + { + "key": "QZCj89--uucMp3IaMX0mD2yuHVu9C-qQqb2PR3Py_umk", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QM1fNuQJLvrEf4wForE2Y3bNKHCL41-3HlGZ6phOCjDI", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QIle7fk38bwLL-e11qpgbX9e6pn7MPak9ChfVfSZGzXE", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QM1fNuQJLvrEf4wForE2Y3bNKHCL41-3HlGZ6phOCjDI", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QM1fNuQJLvrEf4wForE2Y3bNKHCL41-3HlGZ6phOCjDI", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QIle7fk38bwLL-e11qpgbX9e6pn7MPak9ChfVfSZGzXE", + "type": 19, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168426", + "type": "pypi", + "name": "simplejson", + "files": "QaqSJYfYUWPSEjFBEFrenmhhVqsnvghHSCbdMfUX5Qhc", + "version": "3.19.3", + "artifact_id": "cp27-cp27m-manylinux1-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 397245, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": 25, + "props": { + "source": "simplejson/_speedups.so" + } + }, + { + "key": "QouVO2MpNCIJe5decH2tQ_RtxStriACzJV2_5Lp5NuWA", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Q9JUUKd7t6TwOPYHIyjhrithwXUkWZS6J_xYFwP9jkcU", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q7XV4RH_Ir5EvA60HZteeGk628owWC7vn9LsmACWc8jU", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QouVO2MpNCIJe5decH2tQ_RtxStriACzJV2_5Lp5NuWA", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q9JUUKd7t6TwOPYHIyjhrithwXUkWZS6J_xYFwP9jkcU", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q9JUUKd7t6TwOPYHIyjhrithwXUkWZS6J_xYFwP9jkcU", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168427", + "type": "pypi", + "name": "simplejson", + "files": "QejZte_dBxFGceJjV3llxHx8__qjqkB0E6uL2Ef4aDic", + "version": "3.19.3", + "artifact_id": "cp27-cp27m-manylinux2010-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 358366, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QTkN7lUXmumpxZnm0qvQfePxlJwKBaTbBqGAPqSoen8c", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": 25, + "props": { + "source": "simplejson/_speedups.so" + } + }, + { + "key": "QZwzIwlvVSu6Fmm7OwWnRZ-20iPlNDNQmWgXVC8NnR2w", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QZwzIwlvVSu6Fmm7OwWnRZ-20iPlNDNQmWgXVC8NnR2w", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QTkN7lUXmumpxZnm0qvQfePxlJwKBaTbBqGAPqSoen8c", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QQnxwbaQsrqTSW3QPPsc-RyyXzrCY3msz50K9edKjVps", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QZwzIwlvVSu6Fmm7OwWnRZ-20iPlNDNQmWgXVC8NnR2w", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168428", + "type": "pypi", + "name": "simplejson", + "files": "QYFbhyVfRMmmfpjtgUgUfTBnZ7cbaQwkJS3JEYx9PHjw", + "version": "3.19.3", + "artifact_id": "cp27-cp27m-manylinux2010-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 397248, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": 25, + "props": { + "source": "simplejson/_speedups.so" + } + }, + { + "key": "QDIy9EFtTOcNgK_blFrKXuJd3E7PggLOzQ5wkGScK7yY", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QDIy9EFtTOcNgK_blFrKXuJd3E7PggLOzQ5wkGScK7yY", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QaukDjh3wwilmrc5OfMyZa_5Y9MxjLR8e1wexVBnmjBw", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QKyhMnZ5843Fi2VfVvpc1T28_Mu8QXs0IseFXezm0no4", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QDIy9EFtTOcNgK_blFrKXuJd3E7PggLOzQ5wkGScK7yY", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QaukDjh3wwilmrc5OfMyZa_5Y9MxjLR8e1wexVBnmjBw", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168429", + "type": "pypi", + "name": "simplejson", + "files": "QtWsb4HJ6pGDoYH_q1kHINrkFEPlLn6HguWyynoXbfKI", + "version": "3.19.3", + "artifact_id": "cp27-cp27mu-manylinux1-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 364900, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": 25, + "props": { + "source": "simplejson/_speedups.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q_X6Ea-eJiaFMoTpEH4CjmmCAYUzYYnzz37iHdW1u-iA", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QsfrWe-seS5vT3xccNfdcwCx6R27voaa84VE31T3b2y8", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QKu7eUZvzwk8ACLfuJGtdO5s2hKY7ZjMb_FxKtfIGdKg", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q_X6Ea-eJiaFMoTpEH4CjmmCAYUzYYnzz37iHdW1u-iA", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QsfrWe-seS5vT3xccNfdcwCx6R27voaa84VE31T3b2y8", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QsfrWe-seS5vT3xccNfdcwCx6R27voaa84VE31T3b2y8", + "type": 81, + "file": "simplejson/tests/test_decode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168430", + "type": "pypi", + "name": "simplejson", + "files": "QI8djn9ohTIPjNuAdEWcA6Q0_ZyWXG3TmRN5z6EBhWmc", + "version": "3.19.3", + "artifact_id": "cp27-cp27mu-manylinux1-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 399526, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qb4LaW4q9Bt_6BKZQZjatSKFT71WZt5GRSLT4YhYlZ_E", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": 25, + "props": { + "source": "simplejson/_speedups.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qb4LaW4q9Bt_6BKZQZjatSKFT71WZt5GRSLT4YhYlZ_E", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qb4LaW4q9Bt_6BKZQZjatSKFT71WZt5GRSLT4YhYlZ_E", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QGlJ5LzpnNY5YF0YZBmfgwfx-yf-It7U7Hvo-0LdoUt4", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QGlJ5LzpnNY5YF0YZBmfgwfx-yf-It7U7Hvo-0LdoUt4", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qw2JzX_Jb4HvTH-91MDJJ0rkyjj3u4SN1Q96inN7pmhU", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168431", + "type": "pypi", + "name": "simplejson", + "files": "Qj6RcusgL0os6HNCAQUpqphhBG7hTB3gf4cb1VnOw940", + "version": "3.19.3", + "artifact_id": "cp27-cp27mu-manylinux2010-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 364903, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QpqSlqCV6dJVCkXD9xdz-SYc4tQVsjWIysZ_qYegDIh0", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QXlfj6vOlv46g90VedpKs6V90coqcpKEvc5m4lrcxKlg", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QXlfj6vOlv46g90VedpKs6V90coqcpKEvc5m4lrcxKlg", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": 25, + "props": { + "source": "simplejson/_speedups.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qzh6uFI1fwEndkAkwPRVGcjB1YzIHieb2w-yyT83OqRc", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QXlfj6vOlv46g90VedpKs6V90coqcpKEvc5m4lrcxKlg", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qzh6uFI1fwEndkAkwPRVGcjB1YzIHieb2w-yyT83OqRc", + "type": 19, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168432", + "type": "pypi", + "name": "simplejson", + "files": "QeFkAX6w1Q-b2PE6sLZfLdwXighWOuWryWTF5R3QrKdc", + "version": "3.19.3", + "artifact_id": "cp27-cp27mu-manylinux2010-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 399529, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QEyQjjo8Y60lpOQKhL9E0sbGxtpBFGoX7qA37K6Obm-E", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QRKKbPCyAftxRQiE9KyucMXlK7d-Xk18Wt_OxSSkAE8g", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QRKKbPCyAftxRQiE9KyucMXlK7d-Xk18Wt_OxSSkAE8g", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q1W9hxUD-JVckVtn1bKrjNWC2nWFN2wW2E4Snd-NFe0M", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QRKKbPCyAftxRQiE9KyucMXlK7d-Xk18Wt_OxSSkAE8g", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QEyQjjo8Y60lpOQKhL9E0sbGxtpBFGoX7qA37K6Obm-E", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": 25, + "props": { + "source": "simplejson/_speedups.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168433", + "type": "pypi", + "name": "simplejson", + "files": "Qbi4f7cp7X91osLAmaxTYg5vjQ0laR25OWnpKc69oixA", + "version": "3.19.3", + "artifact_id": "cp310-cp310-macosx-10-9-universal2-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 307589, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QJAbwlBWg39tAwB6qsBf79wEWlXHRjK7OiSJVnGL78s0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-310-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QCiJlsyJcqTfsVkyv1YACeO7jevRgZO8jCPu5MzYRrSw", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QCiJlsyJcqTfsVkyv1YACeO7jevRgZO8jCPu5MzYRrSw", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qta00BveTS9QoWO7jKWVCQyuWpbBf6bhDurUlo8so9vQ", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qttd2huMw_QTr-vM3ofyOs4m-P3bkjdo0YDVSoa_msl4", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QCiJlsyJcqTfsVkyv1YACeO7jevRgZO8jCPu5MzYRrSw", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qta00BveTS9QoWO7jKWVCQyuWpbBf6bhDurUlo8so9vQ", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168434", + "type": "pypi", + "name": "simplejson", + "files": "QUdqDQrPXibs0oqVhEHeZiy-CzARL3hLPXqUuMnzAJk8", + "version": "3.19.3", + "artifact_id": "cp310-cp310-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 225880, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QJAbwlBWg39tAwB6qsBf79wEWlXHRjK7OiSJVnGL78s0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-310-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q3lN79-wFvuIzean5r0usKayzIsL94ZO6To8zYwI2iWc", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QANGGzTVvYOSwQ24u1cOXdCLoRFzwqbTyMBo_6Je5wxE", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QZs3PCjnhjImifePHZkz58zVU1yXcWAT7PuJ8ouVVDj0", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q3lN79-wFvuIzean5r0usKayzIsL94ZO6To8zYwI2iWc", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QZs3PCjnhjImifePHZkz58zVU1yXcWAT7PuJ8ouVVDj0", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QZs3PCjnhjImifePHZkz58zVU1yXcWAT7PuJ8ouVVDj0", + "type": 81, + "file": "simplejson/tests/test_fail.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168435", + "type": "pypi", + "name": "simplejson", + "files": "Qobcipi4evJ49uy_eP1qKrGYnAdRBVdTr0mfOsE5Taac", + "version": "3.19.3", + "artifact_id": "cp310-cp310-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 258447, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QeGmW7s9GZcweRr_qoP4Ek58lV_ltqusytfIS7hZ4lcQ", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QJAbwlBWg39tAwB6qsBf79wEWlXHRjK7OiSJVnGL78s0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-310-darwin.so" + } + }, + { + "key": "Q43tIs4L4u5JmlaGLjbxcJxm25LuxEBkhgxQboo8dCjM", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q43tIs4L4u5JmlaGLjbxcJxm25LuxEBkhgxQboo8dCjM", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QeGmW7s9GZcweRr_qoP4Ek58lV_ltqusytfIS7hZ4lcQ", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QA0SzbKfDTRsPmV7gMrHvBfu8z_Xj__Mp8NwkEZoDXwY", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q43tIs4L4u5JmlaGLjbxcJxm25LuxEBkhgxQboo8dCjM", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168436", + "type": "pypi", + "name": "simplejson", + "files": "Qtvtbu_YzgmrIiwEBOXxLz9GzwZpDog27p3HsyHPUF6E", + "version": "3.19.3", + "artifact_id": "cp310-cp310-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 456615, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QVVOvZqvipGesqEVGmrwmy8r2FJMHg8f4SbvOF-52TG8", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qp7L0Z8Poxt0ypGUc3rxexdSby3IXwviYWaxKmDjRn30", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QMKtzwHKzFUy8CtFBU086ExbYEqbcsp5oAcVizb_8GGU", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QVVOx58kXfuWtCQMmkrvvp2RTS_d6dBdvVjM3wf6N3P4", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QMKtzwHKzFUy8CtFBU086ExbYEqbcsp5oAcVizb_8GGU", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QMKtzwHKzFUy8CtFBU086ExbYEqbcsp5oAcVizb_8GGU", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qp7L0Z8Poxt0ypGUc3rxexdSby3IXwviYWaxKmDjRn30", + "type": 19, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168437", + "type": "pypi", + "name": "simplejson", + "files": "Q0E-Uqekol7YSm0ezphY2JBB9dpgqCf6ZEbqS7nXRHK8", + "version": "3.19.3", + "artifact_id": "cp310-cp310-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 472515, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q_t8STxirzP_0m56l7-jfmarxEjQ0yeM3BbJh-witRPQ", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QcX5bCsO0_28z5dXrKtum3nAeUu-Dbwhe8e2q2-InpqU", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q-62Kt0JqJcAsmc615YKKvynNMuaCeKIoxvXf-Yf_QYk", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QcX5bCsO0_28z5dXrKtum3nAeUu-Dbwhe8e2q2-InpqU", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q_t8STxirzP_0m56l7-jfmarxEjQ0yeM3BbJh-witRPQ", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QWdIEtiTrE1wkNbBt0cAmGoYK1YpwuGRmQxiMkBj4Qv0", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QcX5bCsO0_28z5dXrKtum3nAeUu-Dbwhe8e2q2-InpqU", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168438", + "type": "pypi", + "name": "simplejson", + "files": "Q_eOcgFN7KB4_ab3YZKDbyayTwYWRHICnTkifaCz0RqI", + "version": "3.19.3", + "artifact_id": "cp310-cp310-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 371751, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q296eRVwiHZpTiOU6Cuk3v1_hcjQUBYWCRssW3W1NLbQ", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QrHMtKR2dHNQ7xSqkQ5Kp5_0hQoQXJ5T2FCgYRCYbtJc", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q296eRVwiHZpTiOU6Cuk3v1_hcjQUBYWCRssW3W1NLbQ", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QBZjV5ubNLC0kcwqFOKYIzd1CUZzD3FnuQvSYEKdG7LY", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QrHMtKR2dHNQ7xSqkQ5Kp5_0hQoQXJ5T2FCgYRCYbtJc", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q-8p-WC0ARjVNGJYd0jebvLPDszkWuhfiZIZURq0xRxA", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "QrHMtKR2dHNQ7xSqkQ5Kp5_0hQoQXJ5T2FCgYRCYbtJc", + "type": 81, + "file": "simplejson/tests/test_decode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168439", + "type": "pypi", + "name": "simplejson", + "files": "QZ4puR_Ae1NsfWKy_A9pwjYwrwMxJF_YiEHrGXLpMd_Y", + "version": "3.19.3", + "artifact_id": "cp310-cp310-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 429437, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QmaTTWYM3NrXqnS_AqN_NYpqwAh-ooNHoSDlqOM_0naQ", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QDUzH_56YCJA0T2HZ84aGqeXtjHrFoW_YggBx2seRChg", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QmaTTWYM3NrXqnS_AqN_NYpqwAh-ooNHoSDlqOM_0naQ", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QbaWVV5N3tQkKlpGluE0ub6NAjJeXsaH1FTvNiFAfP8I", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qu7p1H-EiNugVaPtgxdCOoBc3WtLSVtYznlusypBydpc", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QmaTTWYM3NrXqnS_AqN_NYpqwAh-ooNHoSDlqOM_0naQ", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QbaWVV5N3tQkKlpGluE0ub6NAjJeXsaH1FTvNiFAfP8I", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168440", + "type": "pypi", + "name": "simplejson", + "files": "QfVOkQUr_F5CxERAUDRtTE9oSVnq0LrzRpjt0ojmqMvU", + "version": "3.19.3", + "artifact_id": "cp310-cp310-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 394151, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qq62NzK-MqRiQdsgdkpaBeZG1n3KC3RBtG563mRgILmQ", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qi2G72_cjF9qCj5UsaSfuClp8xHE-aqM-98wCMyrWM1w", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QLbujq1byGtmVdTemtno8t0oJe3EFiHAcIz-Rb1l304Q", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qi2G72_cjF9qCj5UsaSfuClp8xHE-aqM-98wCMyrWM1w", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qq62NzK-MqRiQdsgdkpaBeZG1n3KC3RBtG563mRgILmQ", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qq62NzK-MqRiQdsgdkpaBeZG1n3KC3RBtG563mRgILmQ", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QVVOx58kXfuWtCQMmkrvvp2RTS_d6dBdvVjM3wf6N3P4", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-310-aarch64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168441", + "type": "pypi", + "name": "simplejson", + "files": "QKKtH9xhovOMYLhGgJFsgP958jXcKzsLgaTBYwrsxDQk", + "version": "3.19.3", + "artifact_id": "cp310-cp310-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 371021, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q-8p-WC0ARjVNGJYd0jebvLPDszkWuhfiZIZURq0xRxA", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QaALT73_GTmpAPbxw2PTeEQpYxFKm3oDYMKWddPs8EtE", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qfy5c7QlhAicFAbbwMgC5b_hwLxzm7Q4kZUAlKXhfppM", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q_chiv96u_25vZKUzUP_TlbXGWWhJe-ys1HINKBFe3PQ", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QaALT73_GTmpAPbxw2PTeEQpYxFKm3oDYMKWddPs8EtE", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qfy5c7QlhAicFAbbwMgC5b_hwLxzm7Q4kZUAlKXhfppM", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qfy5c7QlhAicFAbbwMgC5b_hwLxzm7Q4kZUAlKXhfppM", + "type": 81, + "file": "simplejson/tests/test_decode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168443", + "type": "pypi", + "name": "simplejson", + "files": "QE3Rpo1Ih97si8J_hnZStqBodVgP09SSjciMn3sNOT3A", + "version": "3.19.3", + "artifact_id": "cp310-cp310-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 407819, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QDPXHpNegLgRtX7X9_wDznR6fRx6sKSyK7D0yQnLfvFs", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Q9dYPtre4BjWUdDJxymYagru77SE2tvSpoD5vosftMpM", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q_8Lfly8J05Jd--glSDkShI66uezcR2StL4xGv_doZG4", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QDPXHpNegLgRtX7X9_wDznR6fRx6sKSyK7D0yQnLfvFs", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q9dYPtre4BjWUdDJxymYagru77SE2tvSpoD5vosftMpM", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q-62Kt0JqJcAsmc615YKKvynNMuaCeKIoxvXf-Yf_QYk", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q9dYPtre4BjWUdDJxymYagru77SE2tvSpoD5vosftMpM", + "type": 81, + "file": "simplejson/tests/test_decode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168444", + "type": "pypi", + "name": "simplejson", + "files": "QGG3Kj7ns-xMCOEGEAcl6TJzUe_hc0nStnxYMIVV-gTE", + "version": "3.19.3", + "artifact_id": "cp310-cp310-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 378781, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QLPaSW0aIAGcbn9WvzIwi0rEU6BCmJwQzMYygPuAvrLU", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QLPaSW0aIAGcbn9WvzIwi0rEU6BCmJwQzMYygPuAvrLU", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QDUzH_56YCJA0T2HZ84aGqeXtjHrFoW_YggBx2seRChg", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qtjs-gd2REBDQv50mtm0TFyNVKIBduhWYCFUUTktnVzU", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QJmE0Amkwg6NxijyPuNqER_CVXaX75qXbclwP4D_ASUs", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qtjs-gd2REBDQv50mtm0TFyNVKIBduhWYCFUUTktnVzU", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QLPaSW0aIAGcbn9WvzIwi0rEU6BCmJwQzMYygPuAvrLU", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168445", + "type": "pypi", + "name": "simplejson", + "files": "QdPk2CL6k3ipUNE2X00a4LilCqPzDkCnimnVTLkMeje8", + "version": "3.19.3", + "artifact_id": "cp310-cp310-win-amd64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 227135, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qxi2qfiBT-zdVMTAudhEy-ihc3R435PgWJVIg0ZroK4E", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QYbOD6cNGTfFISpvE1bZnnvzqqMt3yBdJG2xNJtwiXHg", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp310-win_amd64.pyd" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "Qxi2qfiBT-zdVMTAudhEy-ihc3R435PgWJVIg0ZroK4E", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qxi2qfiBT-zdVMTAudhEy-ihc3R435PgWJVIg0ZroK4E", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QeaOeV12RJYoWFNhvatTL7JPjH52E4HlMNP5EQ55RS1o", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QeaOeV12RJYoWFNhvatTL7JPjH52E4HlMNP5EQ55RS1o", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q3WatlDtrmFWco6b_Ob-GcUnxZnIsj61IE0co7copL9k", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168449", + "type": "pypi", + "name": "simplejson", + "files": "Qch9zgy54bhqKZBtderFhJIOFCi2lT7kqyj3eijJzSL8", + "version": "3.19.3", + "artifact_id": "cp310-cp310-win32-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 221494, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QDG0utlljuTFLzwgf0Qsosw4c2hvaQKbsxGqU2w0OrBI", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QPh7XUw60gjXh1l9i61tIJ28sP2WJKWB3_vrPPnB1Gjo", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QPh7XUw60gjXh1l9i61tIJ28sP2WJKWB3_vrPPnB1Gjo", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qo1laJHRfgFUoECb6t7vuafXTyksX8aM8Kx1IAxSknT8", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qo1laJHRfgFUoECb6t7vuafXTyksX8aM8Kx1IAxSknT8", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qo1laJHRfgFUoECb6t7vuafXTyksX8aM8Kx1IAxSknT8", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q520neZ9-kAfqb8TqOOLfPx1wnc0-vfmfIGPAuXDUEP4", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp310-win32.pyd" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168450", + "type": "pypi", + "name": "simplejson", + "files": "QA8LuCN-tXt0-8pacOuF7kucqB5_s1fcRxAvn6vuLlyA", + "version": "3.19.3", + "artifact_id": "cp311-cp311-macosx-10-9-universal2-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 307109, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QMsZ4XAUmIp6xWRzpyBn0pi9YryRfhm1I8_REsQKEKYQ", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-311-darwin.so" + } + }, + { + "key": "QA8ZqJxYoU7GtuJYxg5s3-zDTZ61JevGBKu3vNrv12Uw", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QA8ZqJxYoU7GtuJYxg5s3-zDTZ61JevGBKu3vNrv12Uw", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QpDyzZeqzbbaPXFe0hZMFhrr7XuJBbdwcnr53VlbTTqk", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qf9oACMOQjnG9V8Ag1igwuQ96N6TZV9K3clREYBEzrBs", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QA8ZqJxYoU7GtuJYxg5s3-zDTZ61JevGBKu3vNrv12Uw", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QpDyzZeqzbbaPXFe0hZMFhrr7XuJBbdwcnr53VlbTTqk", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168451", + "type": "pypi", + "name": "simplejson", + "files": "Q9IATxpxyC4embPCOeFv6njiTRw_brEhvQP92IaxABJw", + "version": "3.19.3", + "artifact_id": "cp311-cp311-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 225400, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QDfnkiYLUU3JC4hjOxN312GOc4PwGv3ryWL6PYLznA3I", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QDfnkiYLUU3JC4hjOxN312GOc4PwGv3ryWL6PYLznA3I", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QloYiML0PjwF7UE619qD0IM3WGbiv9lJHb6SLb_okplg", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QHBvE0k5J8xp2QqZZz8yWXzvNbabLvUsKOLt9kG4VR68", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QloYiML0PjwF7UE619qD0IM3WGbiv9lJHb6SLb_okplg", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QDfnkiYLUU3JC4hjOxN312GOc4PwGv3ryWL6PYLznA3I", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QMsZ4XAUmIp6xWRzpyBn0pi9YryRfhm1I8_REsQKEKYQ", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-311-darwin.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168452", + "type": "pypi", + "name": "simplejson", + "files": "QY6KMUTVjs8Yn4p0fsGQyEgqtsjkckjQO8j5EMtAAMr8", + "version": "3.19.3", + "artifact_id": "cp311-cp311-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 257951, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QlhvqaoVSUfRlAUhHBW-0Gve8sdSmP1DMsg6Keom9bu8", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QMsZ4XAUmIp6xWRzpyBn0pi9YryRfhm1I8_REsQKEKYQ", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-311-darwin.so" + } + }, + { + "key": "QlhvqaoVSUfRlAUhHBW-0Gve8sdSmP1DMsg6Keom9bu8", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QlhvqaoVSUfRlAUhHBW-0Gve8sdSmP1DMsg6Keom9bu8", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QJJ5FqNWKn1baKStQCeYOnAL3ptnduKhoPZKwgSwFO_Y", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QCFSBLukgPv-EHG62_i18bUOm1yZP3m66YrdJl647IAw", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QJJ5FqNWKn1baKStQCeYOnAL3ptnduKhoPZKwgSwFO_Y", + "type": 19, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168453", + "type": "pypi", + "name": "simplejson", + "files": "QZpuOGL0xd9C-3mdlx_v6VUdrwdKsjmobdhGR_uitNek", + "version": "3.19.3", + "artifact_id": "cp311-cp311-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 479495, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QMNw7CNSBxillkbtgOtnh6jG7hIp23ww6f97Uj9z-xiM", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QMNw7CNSBxillkbtgOtnh6jG7hIp23ww6f97Uj9z-xiM", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QMNw7CNSBxillkbtgOtnh6jG7hIp23ww6f97Uj9z-xiM", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QF7PS-Bru5-Iv7r3C1oKzo1dZj7gyEOTGIG-4BxT40wI", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QF7PS-Bru5-Iv7r3C1oKzo1dZj7gyEOTGIG-4BxT40wI", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QR57crqiETr_Do3rdKIJgDu9xMq8VaxPPYUNf82XmQ1k", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QGGl3NivBYwF7oHeCPk5R7FF0i2N464eXypXEZOyHqlg", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168454", + "type": "pypi", + "name": "simplejson", + "files": "QW81mh6UoBXLHRDzIgvtau1dVwVsCo0Ydum0S-bBPFsY", + "version": "3.19.3", + "artifact_id": "cp311-cp311-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 501947, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q22zRTpLe6Xi6xROcNUGHURVv1xBNnX54pVOZP73kUjQ", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QFn8GGdAZFI30Bqh8FaOaniaSAVs2jeeg8N-1pvyzFbg", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QFn8GGdAZFI30Bqh8FaOaniaSAVs2jeeg8N-1pvyzFbg", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QFn8GGdAZFI30Bqh8FaOaniaSAVs2jeeg8N-1pvyzFbg", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QHy3YHXJiCuFluA2s9aiN85VH-f21Ugjh77nBmhSxLy8", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QHy3YHXJiCuFluA2s9aiN85VH-f21Ugjh77nBmhSxLy8", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q9RlThJFcJTrf9iuXGatnSS8XWBJaPWtxuV1qYu_-LE8", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861168455", + "type": "pypi", + "name": "simplejson", + "files": "QMpKP2MSkV5m8l07K7pF6jpP0Edkfmw38Y8KKB1oMzL4", + "version": "3.19.3", + "artifact_id": "cp311-cp311-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 394715, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QKewF1mWOsZLJ4qwZDI7fJVXfHLfW09nT0I2C6xEJKN0", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QbQfVsQMa_kM2E_W9BqfipSFR7jPc2p4mI_ZGhoLVYYQ", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "QKewF1mWOsZLJ4qwZDI7fJVXfHLfW09nT0I2C6xEJKN0", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QKewF1mWOsZLJ4qwZDI7fJVXfHLfW09nT0I2C6xEJKN0", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QOfHtVBMXwOmv9pBYf9WBE3XljhBsgONQYSgM0pQTtUM", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QqH6T_941pJJ3JkRBgQmEyvZ7JUqGzVArTVWGM_Q2-sc", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QOfHtVBMXwOmv9pBYf9WBE3XljhBsgONQYSgM0pQTtUM", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179106", + "type": "pypi", + "name": "simplejson", + "files": "Qw-yitkv3WTxEeSIgsRPN4BfPALNkAufvTmCSCOWWlgw", + "version": "3.19.3", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.7225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.7225 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": true + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 373523, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QLinXSwSD8B-yojLJeOzyR1L8F7xh9Qs-ToKsSDKfb1E", + "type": 63, + "file": "simplejson-3.19.3/setup.py" + }, + { + "key": "QpV4lyBhsVotC5WVoEGimRXZBfgn5zAgaEnDYdfxZPJM", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3/simplejson.egg-info/PKG-INFO" + } + }, + { + "key": "Q9BotidEitAfxgtEtNoqs4LgaeXI9T93emNf3k-IBhxI", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3/setup.py" + } + }, + { + "key": "QLinXSwSD8B-yojLJeOzyR1L8F7xh9Qs-ToKsSDKfb1E", + "type": 63, + "file": "simplejson-3.19.3/scripts/make_docs.py" + }, + { + "key": "QLBpAMJ11jti5YJrYI23Z8S52lQCiJORrk7GxahHLly8", + "type": 19, + "file": "simplejson-3.19.3/setup.py" + }, + { + "key": "Q-cj3rQFJAKi_yzCdqfLg26juMrNA3hLg2ZirsAgyJ38", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3/PKG-INFO" + } + }, + { + "key": "QLBpAMJ11jti5YJrYI23Z8S52lQCiJORrk7GxahHLly8", + "type": 19, + "file": "simplejson-3.19.3/scripts/make_docs.py" + }, + { + "key": "QLBpAMJ11jti5YJrYI23Z8S52lQCiJORrk7GxahHLly8", + "type": 19, + "file": "simplejson-3.19.3/simplejson/tool.py" + }, + { + "key": "Q85eVxH2GMlHE7SuPD4HiF7eMJaufTnWMp49QmHv9tpk", + "type": 81, + "file": "simplejson-3.19.3/simplejson/tests/test_unicode.py" + }, + { + "key": "QLinXSwSD8B-yojLJeOzyR1L8F7xh9Qs-ToKsSDKfb1E", + "type": 63, + "file": "simplejson-3.19.3/simplejson/tests/test_tool.py" + }, + { + "key": "QLBpAMJ11jti5YJrYI23Z8S52lQCiJORrk7GxahHLly8", + "type": 19, + "file": "simplejson-3.19.3/simplejson/tests/test_tool.py" + }, + { + "key": "Q85eVxH2GMlHE7SuPD4HiF7eMJaufTnWMp49QmHv9tpk", + "type": 81, + "file": "simplejson-3.19.3/simplejson/tests/test_decode.py" + }, + { + "key": "Q85eVxH2GMlHE7SuPD4HiF7eMJaufTnWMp49QmHv9tpk", + "type": 81, + "file": "simplejson-3.19.3/simplejson/tests/test_fail.py" + }, + { + "key": "Q0-BE9Y0UdYk7k41duGlst5liox-6CumIgtK2EcqAyqc", + "type": 16, + "file": "simplejson-3.19.3/setup.py", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179107", + "type": "pypi", + "name": "simplejson", + "files": "QbAppTIxqjfkHaX4cJai6OjVQBcDqDBexfbmzQOl_r6E", + "version": "3.19.3", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.8768332, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.8768332 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 181929, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QYKYAujqr14kLXx684skq8k_fBZCjreHaTHVAXd4IrKw", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QEBUKwUGAqbNfgk0Lf-724l2FykJm38TLMw2mDWD9biA", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QEBUKwUGAqbNfgk0Lf-724l2FykJm38TLMw2mDWD9biA", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qa5QKMGxXd_IbbsLEsUDTU_-a6YnBR2Z6pmaYpFjbecs", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qa5QKMGxXd_IbbsLEsUDTU_-a6YnBR2Z6pmaYpFjbecs", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QEBUKwUGAqbNfgk0Lf-724l2FykJm38TLMw2mDWD9biA", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179135", + "type": "pypi", + "name": "simplejson", + "files": "QGzvJ5Vviwl0RoC5fhu_WxS30bq6aoa5WdyUkxD9PRsg", + "version": "3.19.3", + "artifact_id": "cp311-cp311-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 460701, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QOSJq84j6G-J60pKs7n6WbGZcEOwimHDgK6D2UY2ajFE", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q8d_g5-bScdu8RpJcXp-kAwU6ps7KJJL9Q7o6jQlrBPU", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QTRVKMFJH3Myw3jvttLcCz2pbPBXfkp1seqamTZn7L0c", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qwoyc4ImqcXlNXG1bQmrxY7VNaWOel_Olr9EvzvXmUgc", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QOSJq84j6G-J60pKs7n6WbGZcEOwimHDgK6D2UY2ajFE", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q8d_g5-bScdu8RpJcXp-kAwU6ps7KJJL9Q7o6jQlrBPU", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QOSJq84j6G-J60pKs7n6WbGZcEOwimHDgK6D2UY2ajFE", + "type": 81, + "file": "simplejson/tests/test_decode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179136", + "type": "pypi", + "name": "simplejson", + "files": "QuZwmL3ITGdKmmBndHAyv5AVgU244MjmbYD7NnHuyKA4", + "version": "3.19.3", + "artifact_id": "cp311-cp311-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 406928, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q8HuDOJOPnIwYjhuGanfimGvyizuGTHJAHKVWHC1os1E", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QMuIzP-YTQFv5eHOrnds3w9hVHOFyn3YTkp1dyvhuIfg", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QMuIzP-YTQFv5eHOrnds3w9hVHOFyn3YTkp1dyvhuIfg", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QvbDw9AFNjnP-yCdXc6J2hkyQglC23VPu712W1ij_k3U", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QMuIzP-YTQFv5eHOrnds3w9hVHOFyn3YTkp1dyvhuIfg", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q8HuDOJOPnIwYjhuGanfimGvyizuGTHJAHKVWHC1os1E", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qxqt6cKuICVXGrMWK7yFFnJcqH1rL_-LVSehHiMidLF8", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179137", + "type": "pypi", + "name": "simplejson", + "files": "QHXhnbe32qRkYrQpF8WuGaIHN8yQK_s1ud-U4PD5dN_0", + "version": "3.19.3", + "artifact_id": "cp311-cp311-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 383482, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QBNlA4CaoQHiqufPbXD9jpxMQM07BzX1y4jcd8icahSk", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QBNlA4CaoQHiqufPbXD9jpxMQM07BzX1y4jcd8icahSk", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QBNlA4CaoQHiqufPbXD9jpxMQM07BzX1y4jcd8icahSk", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QIYB16Gr9Cb9VbezxUS-29QWDKHtfKqhKhXO9htNN7Ls", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QAri8Gat8SRtYmLBZ6hYs308ON9f0sREidpoqjTNMTdk", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QIYB16Gr9Cb9VbezxUS-29QWDKHtfKqhKhXO9htNN7Ls", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q6FTscBm50bhvdHIRZ8BNHku9l8Eza3HxL3aRIjFCfeI", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-311-i386-linux-musl.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179138", + "type": "pypi", + "name": "simplejson", + "files": "QGn_7HhIslnPbfCtCJvXDi5zQ6IyzaJCXqU8FitJsY5k", + "version": "3.19.3", + "artifact_id": "cp311-cp311-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 423500, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QQ7CETnw3QYgsuyrCynCQzx1l3HaGOPYDwrTHljEY3_M", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QQ7CETnw3QYgsuyrCynCQzx1l3HaGOPYDwrTHljEY3_M", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QQ7CETnw3QYgsuyrCynCQzx1l3HaGOPYDwrTHljEY3_M", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QCQZFLi4N0RiyvRs1dN0sdJK7oV-8KztEFOD9Xo70XqI", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QuBx3hxHvBWs4Dp6er9GMG7TBtqGGpfSdu4F9JrNegbc", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QCQZFLi4N0RiyvRs1dN0sdJK7oV-8KztEFOD9Xo70XqI", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QvJ1h1xYhQiJJ7RbvWaG0L9yYyPVhFTAC9HmO2ryGN14", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179139", + "type": "pypi", + "name": "simplejson", + "files": "QHBoyBqCd_pGuU9ChIvKF-kcTg8fLUtHV4cuuwHYPz1k", + "version": "3.19.3", + "artifact_id": "cp311-cp311-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 395718, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qzc93FEOgC5G9DHIKtUWzJYzbuh7ZVgYVzv6Qgvmt38I", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QECx9cAr3k44lHkVXv-lH1EV9FEP6c3J4pwgnxXokzd8", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QwVSLINXYf-p7zCYGC5_qC-5QGjsCZYZkQM4wPm0mD84", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qzc93FEOgC5G9DHIKtUWzJYzbuh7ZVgYVzv6Qgvmt38I", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QECx9cAr3k44lHkVXv-lH1EV9FEP6c3J4pwgnxXokzd8", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QECx9cAr3k44lHkVXv-lH1EV9FEP6c3J4pwgnxXokzd8", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QlT1PaQpTBNBvFPKJhsTIW-O2E2asopd_yjjN3CUz_Rg", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179140", + "type": "pypi", + "name": "simplejson", + "files": "QXezjYzuoUiMsyDFI7PX_OLaTiiCc5s30IRhN4zRg4oU", + "version": "3.19.3", + "artifact_id": "cp311-cp311-win-amd64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 226623, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QwHKaQMH0sJ1hbXjF1aETNBAETUPNQI22l0FfhEoBo2U", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qm1k2W_ZZUBrI52ZhIjEoDqhUWPc238EqCtK5ldX3Aa0", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qm1k2W_ZZUBrI52ZhIjEoDqhUWPc238EqCtK5ldX3Aa0", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qb3btTBdH9oE6C-rablHmSCgOnpTOhd07bZzouHMcSrk", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QwHKaQMH0sJ1hbXjF1aETNBAETUPNQI22l0FfhEoBo2U", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QHxQ-m5ABaRT1ha5T5el1gMSEJMl9a3hMXFYKyfDz7gs", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp311-win_amd64.pyd" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "Qm1k2W_ZZUBrI52ZhIjEoDqhUWPc238EqCtK5ldX3Aa0", + "type": 81, + "file": "simplejson/tests/test_decode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179141", + "type": "pypi", + "name": "simplejson", + "files": "Qs21pgC8oRSipUF55UodJU10Ed0FHpqA219x0_zc97UI", + "version": "3.19.3", + "artifact_id": "cp311-cp311-win32-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 220470, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q2xLylVbHcnlaYAkgLXgiBDuN-U_RDSS9LG84vqXBb5s", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Q1ujei_SJzs-BLaAtjE9ARXXw55NFpEnc-LiXaVxeTm0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp311-win32.pyd" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QIjFE_R4wZbzo4fJv-Ziny448fGnnUeaidwYUlk6a0Cs", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QIjFE_R4wZbzo4fJv-Ziny448fGnnUeaidwYUlk6a0Cs", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q2xLylVbHcnlaYAkgLXgiBDuN-U_RDSS9LG84vqXBb5s", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QKkmbzkYmo3LQi-OFLMbDI5mNQ4yYmgzAx3IA4iKwpHw", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QIjFE_R4wZbzo4fJv-Ziny448fGnnUeaidwYUlk6a0Cs", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179142", + "type": "pypi", + "name": "simplejson", + "files": "QrJRcUs9ktshe7g2jBifG8VcoNXeZu3sQQ_11QhOLJYU", + "version": "3.19.3", + "artifact_id": "cp312-cp312-macosx-10-9-universal2-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 323509, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QY48xILZXhxAKDFXvABiW5VPTjUC-rX2W50r0jA0uHa0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-312-darwin.so" + } + }, + { + "key": "QZW808GkereFSwYVnOCysJsvOrKw5Tn2Q5RY_S9ZD3FQ", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QZW808GkereFSwYVnOCysJsvOrKw5Tn2Q5RY_S9ZD3FQ", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QrK5UilDswa_UL8tmTyrVoNgSujZpPvkOMJMQMTrz8Rw", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qz_JkfWYZlmjIj6Mcs5yy05KX47yn-gILpbQYHv7EB2g", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QZW808GkereFSwYVnOCysJsvOrKw5Tn2Q5RY_S9ZD3FQ", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QrK5UilDswa_UL8tmTyrVoNgSujZpPvkOMJMQMTrz8Rw", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179143", + "type": "pypi", + "name": "simplejson", + "files": "Q4AnB56Ddgh5PsodCCW8ZkjJXEeIoSurAOXxDnm-qr0s", + "version": "3.19.3", + "artifact_id": "cp312-cp312-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 229520, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QY48xILZXhxAKDFXvABiW5VPTjUC-rX2W50r0jA0uHa0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-312-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QQR-AiZkx7ooX07bzxjq0zCzTyssrux6bwj2QvKUbfKk", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QQR-AiZkx7ooX07bzxjq0zCzTyssrux6bwj2QvKUbfKk", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QTAkW4MT_L5lwM4pPpVua6_HragVmV3aShOFH8WsBD_o", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QTAkW4MT_L5lwM4pPpVua6_HragVmV3aShOFH8WsBD_o", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QW4Wzr6jn55PQHo7cC-rOoynXgcMeY6jDp7pep2MXCHE", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QQR-AiZkx7ooX07bzxjq0zCzTyssrux6bwj2QvKUbfKk", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179144", + "type": "pypi", + "name": "simplejson", + "files": "QWr-mUg_MF2y0xdxYLasOOpxbnx63vRC3ot0kZzLOCqM", + "version": "3.19.3", + "artifact_id": "cp312-cp312-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 257967, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qe8vvvGlSmPVGgsLGx_MAC9mAjpasuixvQ5fhS9nD6PM", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QpteI_-uD6_0_EvrhkIeghK982mSVZtk-KztesR7z7kc", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe8vvvGlSmPVGgsLGx_MAC9mAjpasuixvQ5fhS9nD6PM", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QFTuLUHImep8EOPW1Ak3OGY-QH9fwdmBKe2_rc0482RI", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QFTuLUHImep8EOPW1Ak3OGY-QH9fwdmBKe2_rc0482RI", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QFTuLUHImep8EOPW1Ak3OGY-QH9fwdmBKe2_rc0482RI", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QY48xILZXhxAKDFXvABiW5VPTjUC-rX2W50r0jA0uHa0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-312-darwin.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179145", + "type": "pypi", + "name": "simplejson", + "files": "QO1VaRo1J3UxWjK6DLg5riyj0f3_IAqUL6NQDShvLeBY", + "version": "3.19.3", + "artifact_id": "cp312-cp312-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 506239, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QaA7RVX1ZHDY8mJTvHXMZ4D80e3PvD2pXCJ82FTnS3dM", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QI-YXbhYzKEJEbjoMfc6tuxWPrn4OzOB0L0EI3OMW-gY", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QOw7EAL-Om4kiq8ArxlcXj9Ze6DBTCEIfOn2NOXL9-UA", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QI-YXbhYzKEJEbjoMfc6tuxWPrn4OzOB0L0EI3OMW-gY", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qn5Zq2EI3iGHQBBHocyAZPaKwIbOYKCkXlVyF7L-WLv0", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QOw7EAL-Om4kiq8ArxlcXj9Ze6DBTCEIfOn2NOXL9-UA", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QOw7EAL-Om4kiq8ArxlcXj9Ze6DBTCEIfOn2NOXL9-UA", + "type": 81, + "file": "simplejson/tests/test_fail.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179146", + "type": "pypi", + "name": "simplejson", + "files": "Qk2T6JguqlLiabaDiEJWS8ewWjn5cB1eVBTWOVXB0k9k", + "version": "3.19.3", + "artifact_id": "cp312-cp312-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 524035, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QwDxj03_K12Dneqmu1NoZdrBgZZHOkH73yrJGNXHRZD0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QJ4wZGddKL-sJm6s-OVf_EvEubRt-ibsejLhX_Gems0g", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QSWPlBY3N8Cb9Jk88sraF3bNKHgHjO0bn1ydlP_Pw3tg", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QPZRIYk3vw7tVIE1fNPQO7tUL9_3bUD34-0jo_mmEpVI", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QSWPlBY3N8Cb9Jk88sraF3bNKHgHjO0bn1ydlP_Pw3tg", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QPZRIYk3vw7tVIE1fNPQO7tUL9_3bUD34-0jo_mmEpVI", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QPZRIYk3vw7tVIE1fNPQO7tUL9_3bUD34-0jo_mmEpVI", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179147", + "type": "pypi", + "name": "simplejson", + "files": "Q42K0Q4hywDx_HRz9EHrua3m3dlTN1UzXBc_d9rHJnxg", + "version": "3.19.3", + "artifact_id": "cp312-cp312-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 417679, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qo0iaN4P3WJD1zwhu8GT3WuDvjEPBXNe6SjibTkQULPs", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qo8EQcVpTeaBmiv09qTSaxQ-gYxJ37nmeC3XmmIOKDiI", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "Qo0iaN4P3WJD1zwhu8GT3WuDvjEPBXNe6SjibTkQULPs", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qo0iaN4P3WJD1zwhu8GT3WuDvjEPBXNe6SjibTkQULPs", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q4cyExPtChFbkvG7MN3Ru0hZK809j81noaLhnezlXFZk", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QzmupmKpaPN0CaYmganWgkW-EeH85OtipAgus5ogoTS0", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q4cyExPtChFbkvG7MN3Ru0hZK809j81noaLhnezlXFZk", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179148", + "type": "pypi", + "name": "simplejson", + "files": "QpunwKI8JRwan4_L2NBXDtl4DQfs9FTJMpQVMtMm1CsY", + "version": "3.19.3", + "artifact_id": "cp312-cp312-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 488157, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qw3Tb7jKI-3KEwU1g-wfls1-YYkLIRgV3p4yG_cPnhjM", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qw3Tb7jKI-3KEwU1g-wfls1-YYkLIRgV3p4yG_cPnhjM", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qw3Tb7jKI-3KEwU1g-wfls1-YYkLIRgV3p4yG_cPnhjM", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QJqcbByQFEQ964zZULs3OIK_PNvPTJRPQiCfe9dWQpMU", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QJqcbByQFEQ964zZULs3OIK_PNvPTJRPQiCfe9dWQpMU", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qw5SrfXp9tqylTDhkAANCbrXpdjwXV0AB0UqkmmkBVKs", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qi1V7teMD8R22uaproDM5q_1-iYufRiRiQwsLxdewNi8", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-312-x86_64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179149", + "type": "pypi", + "name": "simplejson", + "files": "QSuLd8fksRTui0ZsYi9gxhq61ObInOCiZPmwUhv_vQjI", + "version": "3.19.3", + "artifact_id": "cp312-cp312-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 423408, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QC3rj3lCURBDmWLtBDpaKWVPjgcsbKux1BGGPqee8S_8", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QC3rj3lCURBDmWLtBDpaKWVPjgcsbKux1BGGPqee8S_8", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QK7svL2u_5NVofdPiP1y_TemCLeRSW_oqMtkwFeQZmcg", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QaF0K22e2MmSKvQ44aoh-yBTsVEF_9f7kcM35DZoT_w0", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QAEtQf5hXs7qDWl2_c956NG5S9fc-CbLvPpRFP6lSuC8", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QAEtQf5hXs7qDWl2_c956NG5S9fc-CbLvPpRFP6lSuC8", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QC3rj3lCURBDmWLtBDpaKWVPjgcsbKux1BGGPqee8S_8", + "type": 81, + "file": "simplejson/tests/test_decode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179150", + "type": "pypi", + "name": "simplejson", + "files": "QftJelnHW12U35tn-Ml-318DmFKJUB-iZ5cye7ziAMkc", + "version": "3.19.3", + "artifact_id": "cp312-cp312-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 403674, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe4pLMsiHZpJdcx9SXvNygNN04_x0_viE4kv1k2ncmCs", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe4pLMsiHZpJdcx9SXvNygNN04_x0_viE4kv1k2ncmCs", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QcotQ-buUdZ9PTOlX4bxwyVLIk2ADzJN9sfxGTUxKTiA", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QU9nXsPzCD7FeB46F1wfd2wkAVOo8KKwtraQDJlMAROg", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe4pLMsiHZpJdcx9SXvNygNN04_x0_viE4kv1k2ncmCs", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QcotQ-buUdZ9PTOlX4bxwyVLIk2ADzJN9sfxGTUxKTiA", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QE3RHTTgRK-yJ2-ltm-0bTZXrRb2CLk0Q0bQD3sQrvkw", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-312-i386-linux-musl.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179151", + "type": "pypi", + "name": "simplejson", + "files": "QIo8-RTMVN3diOuNp3YcFymkYTjhjlWPZBBYUH2uoeYw", + "version": "3.19.3", + "artifact_id": "cp312-cp312-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 437508, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QLd-BdNMp4OsENM4i__m0ZsesAxNodyKegs479CjnHzQ", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QXL94qGYGXna0PTrPzEBniyQUrBI6lKBMjiFv4iSNIlc", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QSlGDAYnQTpEOZ0wcincJ55fdfu4ehuKLiIwdht2Xs0U", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QXL94qGYGXna0PTrPzEBniyQUrBI6lKBMjiFv4iSNIlc", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QNwYzBnlqmjIGGyyDoTSI-PWixJehoJvgi_DmeaEXezk", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QLd-BdNMp4OsENM4i__m0ZsesAxNodyKegs479CjnHzQ", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QLd-BdNMp4OsENM4i__m0ZsesAxNodyKegs479CjnHzQ", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179152", + "type": "pypi", + "name": "simplejson", + "files": "QlfOlqn0UuiOjlLXO5ypeVGFb1ZNMMpSpWl8EOrAXkO8", + "version": "3.19.3", + "artifact_id": "cp312-cp312-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 414486, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q-Rui-9ezrtIWHHIEOPJvV54OZ3bX1hlmqAlXiTR-MXY", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QZMM15F7iHBpYSYlG7kCZQXOvPxwNTXklaPn1JasWNuY", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QBx5u06L4RcQpa9028v2OIkgKsWGCzeP7gYwybmUpyCQ", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q-Rui-9ezrtIWHHIEOPJvV54OZ3bX1hlmqAlXiTR-MXY", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QZMM15F7iHBpYSYlG7kCZQXOvPxwNTXklaPn1JasWNuY", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QZMM15F7iHBpYSYlG7kCZQXOvPxwNTXklaPn1JasWNuY", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QOD78hDBSahk29F0YuTbBOW8ZeoHpCqZPllcI0eOWGOU", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-312-x86_64-linux-musl.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179153", + "type": "pypi", + "name": "simplejson", + "files": "Q0qefD-g5FoUdyYl-jlK07MZjXGNsJhY2vC1BrGhX3Ss", + "version": "3.19.3", + "artifact_id": "cp312-cp312-win-amd64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 227647, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QmTVYvgbz4EWFb5IvnS4mY8HmaRssSryql6ao1r5NeNg", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q3oybLwvyh8EwIDwNi5cH6mcnvB_j1-KoId9KqUDndMg", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp312-win_amd64.pyd" + } + }, + { + "key": "Qha03KrV6SqxNwUYZRgiyL7IjbRROLkZpz_K2I_QBfxY", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QExIbPPW7k55l9U4D0tjL2m-Ov4t-1Gj2doOkMQhjfWI", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QmTVYvgbz4EWFb5IvnS4mY8HmaRssSryql6ao1r5NeNg", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qha03KrV6SqxNwUYZRgiyL7IjbRROLkZpz_K2I_QBfxY", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QmTVYvgbz4EWFb5IvnS4mY8HmaRssSryql6ao1r5NeNg", + "type": 81, + "file": "simplejson/tests/test_fail.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179154", + "type": "pypi", + "name": "simplejson", + "files": "QHa7MzJ0zLJPiVa2PLUIGh1GHk63tiMSKOXcfRpr3PyI", + "version": "3.19.3", + "artifact_id": "cp312-cp312-win32-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 221494, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qqpwf57Y9GuXhvGcIyUUyY-pd3l_xEQK4qxmxYGrRnV8", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qqpwf57Y9GuXhvGcIyUUyY-pd3l_xEQK4qxmxYGrRnV8", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qqpwf57Y9GuXhvGcIyUUyY-pd3l_xEQK4qxmxYGrRnV8", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QY6k085zJA9SHtSOtIxJIPNu0pMyHh-JYacXN7uoXgw0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp312-win32.pyd" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QaGpDsneTLgVjmy3xNQ9P75xluLgx7cUUvixNiHuVv1U", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qb_EsD7ZRuORxNiKlYKNIwWhcEKM2Vv2l53aqYW6z6_E", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QaGpDsneTLgVjmy3xNQ9P75xluLgx7cUUvixNiHuVv1U", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179155", + "type": "pypi", + "name": "simplejson", + "files": "Q0h8KKpQCmZSCGghKQGqo7cujSv46l8VqpQuCGTpVv9Q", + "version": "3.19.3", + "artifact_id": "cp313-cp313-macosx-10-13-universal2-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 323510, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QmEoYc6SACJH32AmqepNYtYkNyaDOK1_Zyx9yRBw8f8I", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-313-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QAilFGAEOtiLIa4wno4h05kl7Za5lCb12r5t_vFonsog", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QAilFGAEOtiLIa4wno4h05kl7Za5lCb12r5t_vFonsog", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QAilFGAEOtiLIa4wno4h05kl7Za5lCb12r5t_vFonsog", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QUQ7EndinJlEKA0Hvk5hBFuIYEPQWcd1_5URNdtPtoKI", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QqI4N1Hz-lQy3XIegNhKwNrZRIdr8t3E71HsQbPIhMoM", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QUQ7EndinJlEKA0Hvk5hBFuIYEPQWcd1_5URNdtPtoKI", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179156", + "type": "pypi", + "name": "simplejson", + "files": "QaHBa1S-Vrs3b-pZrg3RS7hL6BypTb82ThyLU4Vam7kg", + "version": "3.19.3", + "artifact_id": "cp313-cp313-macosx-10-13-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 229521, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q-L9H1eRJyiw1z__izotS3MtqAg3HrvgVoG7qdQb2kb4", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q-L9H1eRJyiw1z__izotS3MtqAg3HrvgVoG7qdQb2kb4", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QBlIeXm075JMLSrJbODTx-mhNSjM4UgmUFktQJm8HUBc", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QBlIeXm075JMLSrJbODTx-mhNSjM4UgmUFktQJm8HUBc", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QBlIeXm075JMLSrJbODTx-mhNSjM4UgmUFktQJm8HUBc", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QmEoYc6SACJH32AmqepNYtYkNyaDOK1_Zyx9yRBw8f8I", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-313-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QH4doGABa_dbKQZD99iTtju6KD1yvN4uv7-ga9oBZkWY", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179157", + "type": "pypi", + "name": "simplejson", + "files": "QwnzYS0_xlG-HBgJWhgpIAh-sdT8D_0t2_jf6PoOy8YI", + "version": "3.19.3", + "artifact_id": "cp313-cp313-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 257967, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q9IEaZRKm8SCX_NT4Z7DcsXV5f86n9NGuokUUUKTjdd0", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QRYFpAH2KqiI1wkBJtKUEVn3ebr0NNQJXhbX9YsAgbpA", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QRYFpAH2KqiI1wkBJtKUEVn3ebr0NNQJXhbX9YsAgbpA", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QwlwBRgkj0UOi7L0TzXA8a68S5Vza1Vz_XIJq99lz5gc", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QwlwBRgkj0UOi7L0TzXA8a68S5Vza1Vz_XIJq99lz5gc", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QwlwBRgkj0UOi7L0TzXA8a68S5Vza1Vz_XIJq99lz5gc", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QmEoYc6SACJH32AmqepNYtYkNyaDOK1_Zyx9yRBw8f8I", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-313-darwin.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179158", + "type": "pypi", + "name": "simplejson", + "files": "QW2d8BREpmnmsgJWsy5zV_rsqw1u2zeZsnBDkNqCjAwc", + "version": "3.19.3", + "artifact_id": "cp313-cp313-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 506263, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qe0xAXX8lPMP_fqpv854J8BoLfvGIDnXE3tj-xhgxLZ0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qa_wfQImg0rwTBmQjW8kcfOZJihtrCUL1LgEcejxL4eQ", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qa_wfQImg0rwTBmQjW8kcfOZJihtrCUL1LgEcejxL4eQ", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qa_wfQImg0rwTBmQjW8kcfOZJihtrCUL1LgEcejxL4eQ", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QZHcA3Zh7hCTckqTMBSMfHJPYMse_jB483f6N4gvrK_Y", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QLMyuI5uCUoRROUbBI9Pcz0O8LVTENJJ4Ga_M2K2jxOQ", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QZHcA3Zh7hCTckqTMBSMfHJPYMse_jB483f6N4gvrK_Y", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179159", + "type": "pypi", + "name": "simplejson", + "files": "QmlTRFnFq0wXmYGMtlkxpaqBakmcUf2iLsxn361tgQ-4", + "version": "3.19.3", + "artifact_id": "cp313-cp313-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 524139, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QCXQI-Kg6mUmFba17gkgg05QyBxPoHmcmp-XuWntTGi8", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qj6BIB8j4qArOuJPTePuQR4jwMLP8yVRRmwfbPx94MRg", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QaqJhF_z-EOCwtyrBHqKFLOn2YlKWoFLyn1IdEpFnQKM", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QaqJhF_z-EOCwtyrBHqKFLOn2YlKWoFLyn1IdEpFnQKM", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QCXQI-Kg6mUmFba17gkgg05QyBxPoHmcmp-XuWntTGi8", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QCXQI-Kg6mUmFba17gkgg05QyBxPoHmcmp-XuWntTGi8", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QRjZCEq7ohxCJKWXsI_xIMOYtYzJe5QTJzBX2lQxSfRw", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179160", + "type": "pypi", + "name": "simplejson", + "files": "QiCrdKKvnaOVw0Pw4_8s-obca2vB_kABm2dCx6NrPYdE", + "version": "3.19.3", + "artifact_id": "cp313-cp313-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 417699, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q5IypoPfN_R0whMoqVnnZaynhkzHIFO4orWXPYz0xA9o", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qv3M7g2Ub3G9joCYH856vzWNPwQn5KUaudlX-07lmhIc", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q5IypoPfN_R0whMoqVnnZaynhkzHIFO4orWXPYz0xA9o", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qv3M7g2Ub3G9joCYH856vzWNPwQn5KUaudlX-07lmhIc", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QxmYNqbWiDSKPM_ikrteu5c4hD46h7JjM4HnHxyodoPE", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qv3M7g2Ub3G9joCYH856vzWNPwQn5KUaudlX-07lmhIc", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QMU21lr1ibHrzBznG2mjkb8epzF25iXSFO6DF9Cc8fDM", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-313-i386-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179161", + "type": "pypi", + "name": "simplejson", + "files": "QW7A9HomGYe1oVyh0SJfcln5TskQH2ISFaz246QXdNKk", + "version": "3.19.3", + "artifact_id": "cp313-cp313-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 488181, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QiaYIaxS6ByhosN_wDNwIzrNIM1PlgM4zgqNBnuNJlhs", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QiaYIaxS6ByhosN_wDNwIzrNIM1PlgM4zgqNBnuNJlhs", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QiaYIaxS6ByhosN_wDNwIzrNIM1PlgM4zgqNBnuNJlhs", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QgTXQq-WBwZ9phQnPiUYFODAFEtX5Se79DxnOURfgyyQ", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QgTXQq-WBwZ9phQnPiUYFODAFEtX5Se79DxnOURfgyyQ", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QYgmeyiRM6aK5MSKWj4w5j_8_hKaKh0Gwr-5e2wVr8AY", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q0aJp9rtMXrS0JhIETM27c44U-Hvb09zMvta93B1g_JE", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-313-x86_64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179162", + "type": "pypi", + "name": "simplejson", + "files": "QCFasmbeUTVQFMhtax4Chof_dFhy1SnZhKk2_uDUkGJw", + "version": "3.19.3", + "artifact_id": "cp313-cp313-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 423568, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QVjlu8FSz2c7m89ieGC02G4bjfW5JmJy1Oa-nnPaXb38", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QWTjNJTVQ3ju44fes4fvQE44fAzqF3_X8HkkTFXCCei0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "Qglp1BgV_nSpfnjRvaVtxKrM12cZLwHSaoGCAxrOhbZc", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qglp1BgV_nSpfnjRvaVtxKrM12cZLwHSaoGCAxrOhbZc", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qglp1BgV_nSpfnjRvaVtxKrM12cZLwHSaoGCAxrOhbZc", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qc0lxoDNf9iKeR88l0daK8ADnxCARsWe0VPKXRlqskTs", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QVjlu8FSz2c7m89ieGC02G4bjfW5JmJy1Oa-nnPaXb38", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179163", + "type": "pypi", + "name": "simplejson", + "files": "QHuIM9jimBmMZf68GZzuxoxX-UqLjWUi94XEFZYoHsgs", + "version": "3.19.3", + "artifact_id": "cp313-cp313-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 403834, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QSik6dbyn-iDSxGVRtoAurfLgoqcqBEj3tq85csReqE0", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QSik6dbyn-iDSxGVRtoAurfLgoqcqBEj3tq85csReqE0", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qk4V0mEUVgq7YGDKjNTcwXvtrxWeizGI6m9eNvqWk0_E", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QF7FHC8oXcsFmRNerWOHUibiB3fHLK3Dvg7Ki0OT21KA", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-313-i386-linux-musl.so" + } + }, + { + "key": "QUlMXyYMdk61R4A0hxK_aU1k2hWl5i70YiC2hToAhwhI", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QUlMXyYMdk61R4A0hxK_aU1k2hWl5i70YiC2hToAhwhI", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QUlMXyYMdk61R4A0hxK_aU1k2hWl5i70YiC2hToAhwhI", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179164", + "type": "pypi", + "name": "simplejson", + "files": "QwVlxKBmR-YFb6iYPR8-O1_LH0SUlN63bj9UKwqvrpc0", + "version": "3.19.3", + "artifact_id": "cp313-cp313-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 437652, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qd1xIOi3ODyMGu4qo-bozQojfuU0JB_wvpMLgDfVx4kA", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qd1xIOi3ODyMGu4qo-bozQojfuU0JB_wvpMLgDfVx4kA", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q2Azm7qeA2OzzVsntRA8vXLjcONoKmYQgZJz4XZDs7v4", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QsNyNogA1ou6tAM_mgZ8arXwN5Oj6WVv3pD6g_VGsImk", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q2Azm7qeA2OzzVsntRA8vXLjcONoKmYQgZJz4XZDs7v4", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qd1xIOi3ODyMGu4qo-bozQojfuU0JB_wvpMLgDfVx4kA", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qs94JqyWl9Z8L60Dex3H0tcDVHuE92sKoDgT79NT3kfc", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179165", + "type": "pypi", + "name": "simplejson", + "files": "Q5b6pvf8bs5cW1KUHaCCet5CePjpQLH4T-wGgemGobec", + "version": "3.19.3", + "artifact_id": "cp313-cp313-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 414622, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QCu63Gc8Twr7lP3eFNSW1dE6YmTHHRcPARgeqNcZO4hI", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QrLMTvp242de4RpP2uWqPQ4uAckMsXcRCk4pCq5XAS48", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QrLMTvp242de4RpP2uWqPQ4uAckMsXcRCk4pCq5XAS48", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QrLMTvp242de4RpP2uWqPQ4uAckMsXcRCk4pCq5XAS48", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q51IfxWFn1tyHHgpGpD9clBsWBIAAov7_lrfqzo-p_L0", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QqtsvWo7JXSdNXUZYjwGaPsgQhEhzHjVJDxHuXeoOemg", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q51IfxWFn1tyHHgpGpD9clBsWBIAAov7_lrfqzo-p_L0", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179166", + "type": "pypi", + "name": "simplejson", + "files": "QrXZ8Rba8O1b-wlj6Gkt6Wm8D35BO_bxhzdN9J2MdHoA", + "version": "3.19.3", + "artifact_id": "cp313-cp313-win-amd64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 227647, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QrmysOjNKgAQSR8xtqKDVZLm77PHiAJ0UZLAvjFJSRVM", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qu1h47DGZ_cZKMVwVCiKjMrR4zqPPV0XqvXe3CruY0cg", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qi6bzH0JAM3dBI0a54_vPUaObHeLPspqyyBD3OEtSs1A", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QrmysOjNKgAQSR8xtqKDVZLm77PHiAJ0UZLAvjFJSRVM", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qu1h47DGZ_cZKMVwVCiKjMrR4zqPPV0XqvXe3CruY0cg", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qu1h47DGZ_cZKMVwVCiKjMrR4zqPPV0XqvXe3CruY0cg", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QODNctWvLMA2j15bJ86qbT1rugoP2s4uCQ4WxFgrVGFc", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp313-win_amd64.pyd" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179167", + "type": "pypi", + "name": "simplejson", + "files": "QJzbGHpZsOgz-RPI2rGxlKI5D-rzPw5oSkufTn7tAZ9Q", + "version": "3.19.3", + "artifact_id": "cp313-cp313-win32-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 221494, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QjTezNHJ3kiEjaOm7blcJ7MQEg9gv3DKFrU0g2DqPz_A", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QjTezNHJ3kiEjaOm7blcJ7MQEg9gv3DKFrU0g2DqPz_A", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QiwDz_07rbgCZn9UH5aWzvLHff0Ciua9EcxFg3xqObhQ", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QiwDz_07rbgCZn9UH5aWzvLHff0Ciua9EcxFg3xqObhQ", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QiwDz_07rbgCZn9UH5aWzvLHff0Ciua9EcxFg3xqObhQ", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q4qcBtfPLpuz62DAgWQ3GWN1xQ0zj0Y9mXbxbbMoFdYs", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QXPWEv9BFEFYKZ-AGlM6HLU9ZQbRBEiqjN6mup5XiDoM", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp313-win32.pyd" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179168", + "type": "pypi", + "name": "simplejson", + "files": "Q8p8Us9lmHAwrMzLG6F2bbLqINhqyF0srhM3mFlEZelc", + "version": "3.19.3", + "artifact_id": "cp36-cp36m-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 224987, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qx3Kwwo7mB7ID-dvlZUyW8x0eneItWuyft2esxquuoF4", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qx3Kwwo7mB7ID-dvlZUyW8x0eneItWuyft2esxquuoF4", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QV94qgEk9JXSZlNeQsdEXqhTz3lOB3BSGQr-IuMYHGDQ", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QRnqP0EylnuRzFeXrOYf4EsH-BlkfRDyaqzteROi2SXQ", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QV94qgEk9JXSZlNeQsdEXqhTz3lOB3BSGQr-IuMYHGDQ", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qx3Kwwo7mB7ID-dvlZUyW8x0eneItWuyft2esxquuoF4", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QqN_JlrbyeubLUQWPxnoSfkSyXArc1TixhaFXyy7IVJE", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-36m-darwin.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179169", + "type": "pypi", + "name": "simplejson", + "files": "Q0rY30edODbEB0PLmQ6zDDNeZ_lkBB7GUFPSuxuERZhk", + "version": "3.19.3", + "artifact_id": "cp36-cp36m-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 404648, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QD2fDjDmGOMwlTtdyr_rMM9JjdB8TJax4qyFqzIeCaoc", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QD2fDjDmGOMwlTtdyr_rMM9JjdB8TJax4qyFqzIeCaoc", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QUgCa-xeG9uO8I0wL8jCpRSBtkQ5dqZWz39y7oaQNxPA", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QD2fDjDmGOMwlTtdyr_rMM9JjdB8TJax4qyFqzIeCaoc", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QUgCa-xeG9uO8I0wL8jCpRSBtkQ5dqZWz39y7oaQNxPA", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Q_mA8PaAcdurjGKy_jK6UiJelEQVsxKI5P04TiX1G-Kw", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QpxZh6KTISW6mSwcLUZXMq1c_XUICfkHJeX27TYXaL8c", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-36m-aarch64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179170", + "type": "pypi", + "name": "simplejson", + "files": "Qv1XV_wrFePwxTUEHJKxfDnfvksvcj0SmQjI1C31Y-6I", + "version": "3.19.3", + "artifact_id": "cp36-cp36m-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 423852, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QuKNSvgS_VmdeA8Cea6iox9q6V-M2qfJuP-ma1Z-CuJU", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QjQVBxOIDAKPp8eKvLdKaqpj8VuRzvHQqA1zxqnbb9Xg", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QjQVBxOIDAKPp8eKvLdKaqpj8VuRzvHQqA1zxqnbb9Xg", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QjQVBxOIDAKPp8eKvLdKaqpj8VuRzvHQqA1zxqnbb9Xg", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QDGPQclILkHbgA18xg7I5H71aVJKyNp7FwSKTh3MhwDE", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QuKNSvgS_VmdeA8Cea6iox9q6V-M2qfJuP-ma1Z-CuJU", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QWH5ipIr3EtBO3BKJsA_Kno7bO5LMJe8YwuVwnY5XEXg", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-36m-powerpc64le-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179171", + "type": "pypi", + "name": "simplejson", + "files": "Qls5NaNUfkZBJ4GI3WrXfnNFQFwS93w0MgClRuf3XMdg", + "version": "3.19.3", + "artifact_id": "cp36-cp36m-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 341530, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q1S3GDqQFZc2fuTPjlsxdphOklIJSvCrwITCnWIdpwmQ", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QRL4zU98qX_iMs7fw3vDMMx9Zg3L4yf_N9IiHQCGg540", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q1S3GDqQFZc2fuTPjlsxdphOklIJSvCrwITCnWIdpwmQ", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q1S3GDqQFZc2fuTPjlsxdphOklIJSvCrwITCnWIdpwmQ", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QwW0FsmVriq7fnuEnJOzT4SFYtcppFgF3WsezGBFmbJs", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QsceopJlqaPZKqDM2UZjm3fCDf-CcEvk2gIif6dY5WNs", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QwW0FsmVriq7fnuEnJOzT4SFYtcppFgF3WsezGBFmbJs", + "type": 19, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179172", + "type": "pypi", + "name": "simplejson", + "files": "Q2KWcWmS_lDHETrbbS3--D7VnrNQC85aFVNbvUyiPscg", + "version": "3.19.3", + "artifact_id": "cp36-cp36m-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 384452, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QGH5RqfqEo9eZP_sw4YkkkztexMkahdoc1I5Y-t1u298", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QDX1RU1CONQZjh2rKhncwLeoqkAQfM-s0I1e_5xx8fhQ", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QFB2yDgSK-6xnOYWcdT8_XRKZq76cFaGOjVzD6XzYQ8A", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QFB2yDgSK-6xnOYWcdT8_XRKZq76cFaGOjVzD6XzYQ8A", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QpRs7w4MdwBJ7cxNfCurItW5fd2mUBR2ZFotBqKQJD08", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QpRs7w4MdwBJ7cxNfCurItW5fd2mUBR2ZFotBqKQJD08", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QpRs7w4MdwBJ7cxNfCurItW5fd2mUBR2ZFotBqKQJD08", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179173", + "type": "pypi", + "name": "simplejson", + "files": "QkqAOzYJ3WxVWqEh9kAPs1jJivo4d5PzM2tzhNt9zlYw", + "version": "3.19.3", + "artifact_id": "cp36-cp36m-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 365993, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QpxZh6KTISW6mSwcLUZXMq1c_XUICfkHJeX27TYXaL8c", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-36m-aarch64-linux-gnu.so" + } + }, + { + "key": "QcL4enGxRW-BMxArq0AYmPs5Lt6SLJPLt6mX7vtNSNJk", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QcL4enGxRW-BMxArq0AYmPs5Lt6SLJPLt6mX7vtNSNJk", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QcL4enGxRW-BMxArq0AYmPs5Lt6SLJPLt6mX7vtNSNJk", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QoR4rPU-lF8JOAd8TfrANg8Jzna37uNo8ylLkpNeNTto", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QeXk3Gtl1o66REksIYvNd0OMn5aUSjMqSObngL2Nje80", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QoR4rPU-lF8JOAd8TfrANg8Jzna37uNo8ylLkpNeNTto", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179174", + "type": "pypi", + "name": "simplejson", + "files": "QZ4Ta8bBBKpD12gZMAn2i8-6noKcc73rO4Sm0A4b2FQM", + "version": "3.19.3", + "artifact_id": "cp36-cp36m-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 342935, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qx3EpwMYXNJnLKUkAzruLC4mphJEl0NDVOFDQpOLla-E", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QRL4zU98qX_iMs7fw3vDMMx9Zg3L4yf_N9IiHQCGg540", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QF_OowWzfcenhj2_E4Kb-39kWIaE1LPMiX7WJbPEmPqM", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QF_OowWzfcenhj2_E4Kb-39kWIaE1LPMiX7WJbPEmPqM", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QF_OowWzfcenhj2_E4Kb-39kWIaE1LPMiX7WJbPEmPqM", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qx3EpwMYXNJnLKUkAzruLC4mphJEl0NDVOFDQpOLla-E", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qyw0EnTFFJdgdvncREPoXM1emDeVSV4Uc9EW6uoxnDGA", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179175", + "type": "pypi", + "name": "simplejson", + "files": "QQxIuFKuJaGp_rAnG2qllVeV6WBJIjWiBeNpXtByX6EQ", + "version": "3.19.3", + "artifact_id": "cp36-cp36m-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 379597, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QWUfdISBW6JAaQMjPKFg8YquL4gzgFuYIdTtuAb5gSSE", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QYNKnbQ9DE0z0ShKkcsuFZqhVL-4kZhxbIQmFHcq9N8s", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QYNKnbQ9DE0z0ShKkcsuFZqhVL-4kZhxbIQmFHcq9N8s", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QvwUArr34Cz0xKI7nsFjnvNUoD-_poprm9Kg3tHr9PBk", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QvwUArr34Cz0xKI7nsFjnvNUoD-_poprm9Kg3tHr9PBk", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QvwUArr34Cz0xKI7nsFjnvNUoD-_poprm9Kg3tHr9PBk", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QWH5ipIr3EtBO3BKJsA_Kno7bO5LMJe8YwuVwnY5XEXg", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-36m-powerpc64le-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179176", + "type": "pypi", + "name": "simplejson", + "files": "Qqu-BPH903IvrekIo8EnJ8yYQRtXMFxLblzIsD_bTL_A", + "version": "3.19.3", + "artifact_id": "cp36-cp36m-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 352303, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QGH5RqfqEo9eZP_sw4YkkkztexMkahdoc1I5Y-t1u298", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QxVKGgfvxplWJkFjAqMwi0OF-tj67k7BdPspvuMq4Efw", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QIz5hh1QDevL3Fy_16ZTz2yvzWp3RDJ-OH-YS94tsQFY", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QxVKGgfvxplWJkFjAqMwi0OF-tj67k7BdPspvuMq4Efw", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QUMtLOdu7N-YQUAutd7eg6jaqRt8kOeLSTN1EmNJBS2w", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QUMtLOdu7N-YQUAutd7eg6jaqRt8kOeLSTN1EmNJBS2w", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QUMtLOdu7N-YQUAutd7eg6jaqRt8kOeLSTN1EmNJBS2w", + "type": 81, + "file": "simplejson/tests/test_fail.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179177", + "type": "pypi", + "name": "simplejson", + "files": "Q9aB0RiHMZrwk761E6oSS1eN1ZKl1ARi6bA4PA3fJ9yo", + "version": "3.19.3", + "artifact_id": "cp36-cp36m-win-amd64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 231674, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QM_nTVqHH4dSLVxZ8-qKNWvYs167E9jwAuQGyL447Bms", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp36-win_amd64.pyd" + } + }, + { + "key": "Q-IfQ1-UXwUoTzGqC-BvodoEvdBspyy3gVjwQ_zgxY44", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QfR2-RQOawa7j-45txVMfJRvFeyLOrwrQ85dayqc7iVw", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q3FABW5oeTftsdGLTmALX8-DW1v7HhwLQKhjpF-efiXo", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q3FABW5oeTftsdGLTmALX8-DW1v7HhwLQKhjpF-efiXo", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q3FABW5oeTftsdGLTmALX8-DW1v7HhwLQKhjpF-efiXo", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QfR2-RQOawa7j-45txVMfJRvFeyLOrwrQ85dayqc7iVw", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179178", + "type": "pypi", + "name": "simplejson", + "files": "QD7pxXfUbyeKHrLj7kSFgkggEmu1cgybXtttymiE198w", + "version": "3.19.3", + "artifact_id": "cp36-cp36m-win32-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 223985, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QEDfNW7uo0KUt34OB-N8ZCT9593Yua-WRCXAWGq7QJcs", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QD8LveurPzo92b1IxNXzxRsu0iBmkCI4Q0VXfSUTvH-s", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QD8LveurPzo92b1IxNXzxRsu0iBmkCI4Q0VXfSUTvH-s", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QeynUuOI6F5-BI-DLCM9dA0xZfuJV8-tR5RRrcF83sOE", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QD8LveurPzo92b1IxNXzxRsu0iBmkCI4Q0VXfSUTvH-s", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QEDfNW7uo0KUt34OB-N8ZCT9593Yua-WRCXAWGq7QJcs", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QZcXtnRRm20WamTvfahDT-GLXzwHwi0vG4K7UkGSUok0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp36-win32.pyd" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179179", + "type": "pypi", + "name": "simplejson", + "files": "QOg880VK-_OtTTfsff4c4yxzV-YrSD0H6jnMUylCzf6o", + "version": "3.19.3", + "artifact_id": "cp37-cp37m-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 225040, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QZO9LifpFwPsyDHUPI_WTGgQfBiNVrADOV2W0bKZs_ZY", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QZO9LifpFwPsyDHUPI_WTGgQfBiNVrADOV2W0bKZs_ZY", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QZO9LifpFwPsyDHUPI_WTGgQfBiNVrADOV2W0bKZs_ZY", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QrMYqVcvMelYUWX9KtdHLmzE2E2-uSii2ZW2pUL-6_RU", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-37m-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QRrtRJeraXQpG4mI2MwZu-iLTEhRAspCNR-acwZvvxgo", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QRZ-XaYlqHd-zbrQFKySCRCjHVg8N88tVGnl4pMJFyv4", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QRrtRJeraXQpG4mI2MwZu-iLTEhRAspCNR-acwZvvxgo", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179180", + "type": "pypi", + "name": "simplejson", + "files": "Q7s0nbile7ujb2sDeoHqO3TiAde1crdg1Ij_e0VhJoFE", + "version": "3.19.3", + "artifact_id": "cp37-cp37m-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 406462, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q81EynJGbNJgLBjM-MVB5wlJ2lhMJGzDLjST_AFIWscw", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q4GcA2Dgwsz81JHDibnNl4SdqTfI2yn1cEFgtdvDGwR0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Q3gMUMIce1gb-LuVBTKq8r0z_S52V23laGDDONXTRb18", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q3gMUMIce1gb-LuVBTKq8r0z_S52V23laGDDONXTRb18", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QMugl5ttsfbeVQzbQMe42_eby1wouISTcy_OZPAhC5Ts", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q3gMUMIce1gb-LuVBTKq8r0z_S52V23laGDDONXTRb18", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QMugl5ttsfbeVQzbQMe42_eby1wouISTcy_OZPAhC5Ts", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179181", + "type": "pypi", + "name": "simplejson", + "files": "QGKJFgQ1_Wpv3Saoi7p009n7hMchaESNOWMAv7-ryiLc", + "version": "3.19.3", + "artifact_id": "cp37-cp37m-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 425666, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QX2Pa4NwhGB9pqXBMSXobAh7nONjxbp1Wm6OR12X5Omw", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-37m-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QVZ7XL5NOwjLTRTSD9uIb_VCfBf6BLFATlS6r_RIhnao", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QvKNzD1_AHsCsFp-2BqPUUHNIIWC-RWTTiQrYUqoLL2M", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QvKNzD1_AHsCsFp-2BqPUUHNIIWC-RWTTiQrYUqoLL2M", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QQAbhWtFmB93U_SgzEX6R1--UmPR8Q5OE1YnKlinvDEg", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QQAbhWtFmB93U_SgzEX6R1--UmPR8Q5OE1YnKlinvDEg", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QQAbhWtFmB93U_SgzEX6R1--UmPR8Q5OE1YnKlinvDEg", + "type": 81, + "file": "simplejson/tests/test_decode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179182", + "type": "pypi", + "name": "simplejson", + "files": "QRlQlnmFBq62nFj6uLkoMgEJWzDdVF_mANaXm1Df5FTU", + "version": "3.19.3", + "artifact_id": "cp37-cp37m-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 343356, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QvGF5vFayphS3TJDrCJ6ME65WcmKSevLkhLKsuXbKFHc", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "QE06wDcCRFX6DoCJE-vg6A5wdIR5JLCsI_ntyTSkyPVI", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QA4SRnFY9hD_Gl4hjUe0I3PKiNIortbKk7HuI8SuB-8g", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QA4SRnFY9hD_Gl4hjUe0I3PKiNIortbKk7HuI8SuB-8g", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QJoHjxe26Zt1niioNxFi-5VXJtuNeeK-kGiM4DpnKzBA", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QJoHjxe26Zt1niioNxFi-5VXJtuNeeK-kGiM4DpnKzBA", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QJoHjxe26Zt1niioNxFi-5VXJtuNeeK-kGiM4DpnKzBA", + "type": 81, + "file": "simplejson/tests/test_fail.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179183", + "type": "pypi", + "name": "simplejson", + "files": "QeMMhtS2d1a63mGgu5676e4hDTdyUUPRBjqW2fC7Pqvs", + "version": "3.19.3", + "artifact_id": "cp37-cp37m-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 386266, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QorfRIXqmIxGHfwh7_d6Nwd7IhH8UFMUSRz97488g3Io", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QyAPFw-0fPZ2pk_sGfw28TDOGzlDXrcgvsSJ9b_BHUqo", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QR21BreT_2WUCKhbEYi879DpwOg75_-8L1loWb1r9qyM", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QNGUaGtdoy0J7Ppvtphu8rzhxUZCkHKBljWtqWfuhz5A", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QNGUaGtdoy0J7Ppvtphu8rzhxUZCkHKBljWtqWfuhz5A", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QorfRIXqmIxGHfwh7_d6Nwd7IhH8UFMUSRz97488g3Io", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QorfRIXqmIxGHfwh7_d6Nwd7IhH8UFMUSRz97488g3Io", + "type": 81, + "file": "simplejson/tests/test_fail.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179184", + "type": "pypi", + "name": "simplejson", + "files": "QoDz6wA3THI3lLtS0OjYcrsaCm2BLlg4RA88iekIrKTI", + "version": "3.19.3", + "artifact_id": "cp37-cp37m-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 367823, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q4GcA2Dgwsz81JHDibnNl4SdqTfI2yn1cEFgtdvDGwR0", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q-qWVCevna9Z1FdMk73w1nNdwJJJ0SKDdn4eSxLirgTY", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Q4Mru2zDneMJRskrtsdZcYUiTyQ9gYlYgw-GQbGYhC2E", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QTI3UGJRVYXeAAtw6Ck01qwGSDjP5UbchRgrTNqEPfho", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q-qWVCevna9Z1FdMk73w1nNdwJJJ0SKDdn4eSxLirgTY", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q4Mru2zDneMJRskrtsdZcYUiTyQ9gYlYgw-GQbGYhC2E", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q4Mru2zDneMJRskrtsdZcYUiTyQ9gYlYgw-GQbGYhC2E", + "type": 81, + "file": "simplejson/tests/test_decode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179185", + "type": "pypi", + "name": "simplejson", + "files": "QkQh_DfCETygvxG7p6QR_gES_OMjNrWdq6x4BsABHuLY", + "version": "3.19.3", + "artifact_id": "cp37-cp37m-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 344761, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qi26KYxy5BtLg4b_Erp601rID8uOketpndo612h_SESc", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QfLSREBCRhdBcCmdfUXJhQmdBCqwuayUDMEMjp0JL_CY", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Q59YUAPAPlyoqZsm4VZWo4uMzFCGKDQv3MnEbA_3j6bM", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QfLSREBCRhdBcCmdfUXJhQmdBCqwuayUDMEMjp0JL_CY", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qi26KYxy5BtLg4b_Erp601rID8uOketpndo612h_SESc", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qi26KYxy5BtLg4b_Erp601rID8uOketpndo612h_SESc", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QvGF5vFayphS3TJDrCJ6ME65WcmKSevLkhLKsuXbKFHc", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179186", + "type": "pypi", + "name": "simplejson", + "files": "QuA5g16bnjy2JV9KLAk7aTlea8ptLzKomlFffThO_oG4", + "version": "3.19.3", + "artifact_id": "cp37-cp37m-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 381427, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QmLAzMuVOgVSZ66-2PtplGiotETdV9TOkRRWYaB89dnA", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QmLAzMuVOgVSZ66-2PtplGiotETdV9TOkRRWYaB89dnA", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QmLAzMuVOgVSZ66-2PtplGiotETdV9TOkRRWYaB89dnA", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QX2Pa4NwhGB9pqXBMSXobAh7nONjxbp1Wm6OR12X5Omw", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-37m-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QXEUCYOlCpzH_sXXpNToSaLst0ZKH7EPIW06JXXfw7CI", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QnJ7ScilNY9ZdBD9SCKHc1pF5DGknc66Ozt3g-WT4kiM", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QnJ7ScilNY9ZdBD9SCKHc1pF5DGknc66Ozt3g-WT4kiM", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179187", + "type": "pypi", + "name": "simplejson", + "files": "QAUvIg0AYXXDvY4FpizbLNaEyd-wBKKwM3HY614TzxoU", + "version": "3.19.3", + "artifact_id": "cp37-cp37m-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 354133, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QviHwIAn2R0IrPkIGqk8FdE3gpAaPg87KWn61DeeB4Hk", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QRcMV0FTJq-PUsqIzurbmSfEPJUzAMaJYa_a9rWgZuos", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QyAPFw-0fPZ2pk_sGfw28TDOGzlDXrcgvsSJ9b_BHUqo", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QviHwIAn2R0IrPkIGqk8FdE3gpAaPg87KWn61DeeB4Hk", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QviHwIAn2R0IrPkIGqk8FdE3gpAaPg87KWn61DeeB4Hk", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QRcMV0FTJq-PUsqIzurbmSfEPJUzAMaJYa_a9rWgZuos", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QFgVOwRpep2jycDMCAb0imeXXFfOMVAV65OF__cHatL4", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179188", + "type": "pypi", + "name": "simplejson", + "files": "QD6t3QSlQkFJK03TtprJK189DIjwDFVtni0zGF0RxAuQ", + "version": "3.19.3", + "artifact_id": "cp37-cp37m-win-amd64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 226622, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qv_WZSdKLF0EPKR9z9B9wC5spwO7hFAhjj7w5FO0W57E", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp37-win_amd64.pyd" + } + }, + { + "key": "QOFvFR1oCmK_Ho9IftTCjjWsrWYN-jKeuaKIXJ1k2SIs", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QOFvFR1oCmK_Ho9IftTCjjWsrWYN-jKeuaKIXJ1k2SIs", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QOFvFR1oCmK_Ho9IftTCjjWsrWYN-jKeuaKIXJ1k2SIs", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QV2ErkGcbxf3nw-DOSPASZVqiPSjtz1mXapOwmfWQnNM", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QyCmpgP-QIJPDJn8Pp3ulE2jjByEGHo1HDW_t6i5-tO8", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QV2ErkGcbxf3nw-DOSPASZVqiPSjtz1mXapOwmfWQnNM", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179189", + "type": "pypi", + "name": "simplejson", + "files": "QdXnzjnsgg7Ic3faAx9XYy3h3B_YE58oNuNRnMYh2V2E", + "version": "3.19.3", + "artifact_id": "cp37-cp37m-win32-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 220981, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QJEI5asFuhcTUe5HnEKzgCF2X6JB5iwJGoW9h_BVx_fk", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QJEI5asFuhcTUe5HnEKzgCF2X6JB5iwJGoW9h_BVx_fk", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QnYCE4cOR-1uLz8r_dF4aUNPN_KgOGglfN6CH-qwY-Uk", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qz41Qqf4OirGbnNEdVDw8BRhfcE4GWFh8ged4g3U7_YQ", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QJEI5asFuhcTUe5HnEKzgCF2X6JB5iwJGoW9h_BVx_fk", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qz41Qqf4OirGbnNEdVDw8BRhfcE4GWFh8ged4g3U7_YQ", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QVEncUtTyso1r0AJYXh-JRsiKhdvOEgaR93MBJLSM7wM", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp37-win32.pyd" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179190", + "type": "pypi", + "name": "simplejson", + "files": "QbEpbpc5ilQleEzXtP-ia7xn9fWrAK3cB2N5lKQizuZ0", + "version": "3.19.3", + "artifact_id": "cp38-cp38-macosx-10-9-universal2-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 306898, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QCIXnH6mIslTAmsL2ndH87ASAooyFr6XFY6XnFOd7iD0", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qy5VGE0IFDQ2AAwSWxIRAM8aLgVQC4xPj4o5fkdK_e-8", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-38-darwin.so" + } + }, + { + "key": "QmHpIKB86_3YmuxlY3PIXRa4uSe4cnY0GzK6AUsMc854", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q8UX9pzpH-11wwAND5n0AJm52VcFhQh0gzeKVX49L8vE", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QCIXnH6mIslTAmsL2ndH87ASAooyFr6XFY6XnFOd7iD0", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QCIXnH6mIslTAmsL2ndH87ASAooyFr6XFY6XnFOd7iD0", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q8UX9pzpH-11wwAND5n0AJm52VcFhQh0gzeKVX49L8vE", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179191", + "type": "pypi", + "name": "simplejson", + "files": "QFB9VV0prMBZCt1eYPsjcS_Dqpf0m5n7bn3tj9lXwGbE", + "version": "3.19.3", + "artifact_id": "cp38-cp38-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 225197, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qy5VGE0IFDQ2AAwSWxIRAM8aLgVQC4xPj4o5fkdK_e-8", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-38-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QJiUI1orcInVWgetfAabl4-Q0Pt51Fj-9JwofR_IOpw0", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QJiUI1orcInVWgetfAabl4-Q0Pt51Fj-9JwofR_IOpw0", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QJiUI1orcInVWgetfAabl4-Q0Pt51Fj-9JwofR_IOpw0", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Ql5UGeyRxcF9MFMwUbI8hOHzwTBg2tpbHukWPGe4Y_5U", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Ql5UGeyRxcF9MFMwUbI8hOHzwTBg2tpbHukWPGe4Y_5U", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qmr5r3UpeoDpuQDBJuepBlxe9r9FdBrQIWcdVuUFq10U", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179192", + "type": "pypi", + "name": "simplejson", + "files": "Qzj8Jfi-pDVlVDgrquoOIP4tPLTzfVihyLY3CWRsbMYs", + "version": "3.19.3", + "artifact_id": "cp38-cp38-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 257756, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QkpP-9UgzZc1Mmp5h7NnpLYXME8RfYSJhrqbUrBRXYqE", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qy5VGE0IFDQ2AAwSWxIRAM8aLgVQC4xPj4o5fkdK_e-8", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-38-darwin.so" + } + }, + { + "key": "QSWWCy3uPLH7Q4aeXgMDSsqiF46TFlJ75rKmf4UkpiIU", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QSWWCy3uPLH7Q4aeXgMDSsqiF46TFlJ75rKmf4UkpiIU", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QkpP-9UgzZc1Mmp5h7NnpLYXME8RfYSJhrqbUrBRXYqE", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QSWWCy3uPLH7Q4aeXgMDSsqiF46TFlJ75rKmf4UkpiIU", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q4aWDmBZqto4TkbEK37abYysLHWPctBQH6t2M_J7-Wf4", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179193", + "type": "pypi", + "name": "simplejson", + "files": "QDYgOZJs0czqTqtMiLiqrOsE3x-DzqBDA2C4_AhvvjVk", + "version": "3.19.3", + "artifact_id": "cp38-cp38-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 452370, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QvgegVti0zuYpk3jn9D5S7kIu2LlKin304-zT0-C-PZk", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QnV8IBdpRiv8594WYxvwAxpcOYQ5kzRrew6a7x_gXQhY", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QnV8IBdpRiv8594WYxvwAxpcOYQ5kzRrew6a7x_gXQhY", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qx2QoYumTQz98lF72S6OlSFNoE1R9Ur_b8qMvbfXg9sI", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qx2QoYumTQz98lF72S6OlSFNoE1R9Ur_b8qMvbfXg9sI", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qx2QoYumTQz98lF72S6OlSFNoE1R9Ur_b8qMvbfXg9sI", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QHtxOz3YvNTolSMPmJplBqD0oNzphxSNFRNbACJDYCtw", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179194", + "type": "pypi", + "name": "simplejson", + "files": "QI9ITYJkee8vfLF2fX22thjsCFPq_vX0RKWBT6Di-nB8", + "version": "3.19.3", + "artifact_id": "cp38-cp38-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 474030, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QP6ZWXWrHncF5tyX3FVhUyJF9hIn2mFt2rxOdHHjFaMQ", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QP6ZWXWrHncF5tyX3FVhUyJF9hIn2mFt2rxOdHHjFaMQ", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QaSHCC9VG6ZNt9zZJpGLFsIO6w57V8bungE8ljaSaHqE", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qt91gRm9dOX33X6HpJ0n91qS887eoXK87HK1rKwjPbKo", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-38-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QjZAsofKYUjdcseDUKV6aoLw9Wht2pS4lI0F_U_pOQXU", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QaSHCC9VG6ZNt9zZJpGLFsIO6w57V8bungE8ljaSaHqE", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QP6ZWXWrHncF5tyX3FVhUyJF9hIn2mFt2rxOdHHjFaMQ", + "type": 81, + "file": "simplejson/tests/test_fail.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179195", + "type": "pypi", + "name": "simplejson", + "files": "QdPHzyTTQ-8gfgwGTE1-vggpRpAVRdyjaSqCiAkvN8Bo", + "version": "3.19.3", + "artifact_id": "cp38-cp38-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 372342, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QNRk_2pVuSVGzsAAsJ2_DqWoZFYAMRKwlasS52aX9G6g", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qr8vaPklUbfuOT1txDs-FWpuJ-igiXMW-FmjbteIntEk", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qr8vaPklUbfuOT1txDs-FWpuJ-igiXMW-FmjbteIntEk", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q9XUnSyRxoG9SsD05N4jx7Xj0jrqDfqpwQoCcCvheUo8", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "Qr8vaPklUbfuOT1txDs-FWpuJ-igiXMW-FmjbteIntEk", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QSNox6ahKUacFaJLyyaHLE67_Ya90zY3Jm3q5q42u7rY", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QSNox6ahKUacFaJLyyaHLE67_Ya90zY3Jm3q5q42u7rY", + "type": 19, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179196", + "type": "pypi", + "name": "simplejson", + "files": "QKVUZZ3xVcYcTjJqBfQGhvZJ-wwFy0OW_8EcBJpdoYdE", + "version": "3.19.3", + "artifact_id": "cp38-cp38-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 429932, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QvUmIm2wbpOnXq6pHM3HKSSKdOzM8n_xqbxoL48vzsxQ", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QZMH-zr-v_fFekwLh6dei3nF4JSBY2R6gjNlRIncqbjQ", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QaOJ3YE3UIQy7k0aUipaEjNjLjFUh418sk0pVdVEnrLk", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QaOJ3YE3UIQy7k0aUipaEjNjLjFUh418sk0pVdVEnrLk", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QXZ0cXXe-_MhB5t7PXnN-SomrcWRFG7EToEgUhfw4Ks8", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QaOJ3YE3UIQy7k0aUipaEjNjLjFUh418sk0pVdVEnrLk", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QZMH-zr-v_fFekwLh6dei3nF4JSBY2R6gjNlRIncqbjQ", + "type": 19, + "file": "simplejson/tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179197", + "type": "pypi", + "name": "simplejson", + "files": "QddoYdos4gAgmmbbstMC6_Z95BeI8W_ljQnnWk4Iyr5c", + "version": "3.19.3", + "artifact_id": "cp38-cp38-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 389228, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QoQHczp6qcbtLZwNHsHB2-hwuPQm68vifk3e-TPIqyuI", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QWrW_I6Mbe-7yEFULvx1M5XYfjbxaPoO0vLUKEpGT8Ps", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QWrW_I6Mbe-7yEFULvx1M5XYfjbxaPoO0vLUKEpGT8Ps", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QWrW_I6Mbe-7yEFULvx1M5XYfjbxaPoO0vLUKEpGT8Ps", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QHtxOz3YvNTolSMPmJplBqD0oNzphxSNFRNbACJDYCtw", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QoQHczp6qcbtLZwNHsHB2-hwuPQm68vifk3e-TPIqyuI", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QVSZLW3c6UWst5H77airsE9gOa9oDRkO_UMSDuiKbFoY", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179198", + "type": "pypi", + "name": "simplejson", + "files": "QxmXXSaRXFwbTOFuArmOCE_wMF_wRwN_y_p4-E0RFmfs", + "version": "3.19.3", + "artifact_id": "cp38-cp38-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 365910, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q9XUnSyRxoG9SsD05N4jx7Xj0jrqDfqpwQoCcCvheUo8", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QDI-JnIGRqlYUAI9UTIPXD7xlAGfC35xcYmpvqn7PYHg", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QDI-JnIGRqlYUAI9UTIPXD7xlAGfC35xcYmpvqn7PYHg", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QmOMzlDV1MPasI6gHt1qc2ccBgJ9Toy-I9-_f-SuvzXw", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QObuE-XxARrp0zHlJyBO6Kk3NT2bff7n4mcSznfFBdP4", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QObuE-XxARrp0zHlJyBO6Kk3NT2bff7n4mcSznfFBdP4", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QDI-JnIGRqlYUAI9UTIPXD7xlAGfC35xcYmpvqn7PYHg", + "type": 81, + "file": "simplejson/tests/test_fail.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179199", + "type": "pypi", + "name": "simplejson", + "files": "Q_ti8u5-jNB7gFrssVZtbCc6s4LpTvP8ndz7IJ1Gg2NQ", + "version": "3.19.3", + "artifact_id": "cp38-cp38-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 406392, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qt91gRm9dOX33X6HpJ0n91qS887eoXK87HK1rKwjPbKo", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-38-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qx6vpdzwow60h-93kQGHd0ExqCBDhJDIXW7_iTjwfZZg", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Q90b_sxMeXJRiDhzGXHglzhBLUc4ZBl28aImF668tCl8", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q-kBleFZy8EPbpQ2eXepnovCTUF510AchVo9cYhA4rqk", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qx6vpdzwow60h-93kQGHd0ExqCBDhJDIXW7_iTjwfZZg", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q90b_sxMeXJRiDhzGXHglzhBLUc4ZBl28aImF668tCl8", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q90b_sxMeXJRiDhzGXHglzhBLUc4ZBl28aImF668tCl8", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179200", + "type": "pypi", + "name": "simplejson", + "files": "Q-o-e_-6wUnfaNEhkHLW74EKN-r1SIOg7-WWxgjB5nWQ", + "version": "3.19.3", + "artifact_id": "cp38-cp38-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 374794, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q5hEVklbzp_dFQWZn3FfA5pOVBKuLaJIu0XXCih7N_uA", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q5hEVklbzp_dFQWZn3FfA5pOVBKuLaJIu0XXCih7N_uA", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QrxWvFKj1kILWwfVSY5tEyEXZT9HSZyb2d23ykohfKyk", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QrxWvFKj1kILWwfVSY5tEyEXZT9HSZyb2d23ykohfKyk", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QrxWvFKj1kILWwfVSY5tEyEXZT9HSZyb2d23ykohfKyk", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QXZ0cXXe-_MhB5t7PXnN-SomrcWRFG7EToEgUhfw4Ks8", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QFgCBf28XXPjQ0S6eiO4tKBsGl0Wr3dK4NzQ0qpdVI-I", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179201", + "type": "pypi", + "name": "simplejson", + "files": "QTyTUfos7GQcrgHVdZtlU9WQj03DuYKW0Tp6sCjnEBkY", + "version": "3.19.3", + "artifact_id": "cp38-cp38-win-amd64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 227131, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QD-QEDudcD77w3ekf3BaruscPhcQUtths2q96_Fo7BT8", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp38-win_amd64.pyd" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qlc0tsiXvQKq7umEkW4MlO9eoG7MpwYgqkHoROtSc8-8", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QDZYctxz256qF_X94TpvYgjiX-t0bmR6FbbCorVqws64", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qlc0tsiXvQKq7umEkW4MlO9eoG7MpwYgqkHoROtSc8-8", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QzKwqaO1nxK6aWRfM5Tv5O1-nE7J4_SEsl9WqIOoLZsk", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QzKwqaO1nxK6aWRfM5Tv5O1-nE7J4_SEsl9WqIOoLZsk", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QzKwqaO1nxK6aWRfM5Tv5O1-nE7J4_SEsl9WqIOoLZsk", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179202", + "type": "pypi", + "name": "simplejson", + "files": "Qw8j0S11iW3lVReOMh5Ik0cr7e0skKnKdMZkDnbmiils", + "version": "3.19.3", + "artifact_id": "cp38-cp38-win32-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 221491, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QNkFSOXC8tYnRXGwQKqLsnqeSuL5Ka08pd7AmJ85WUUA", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QNkFSOXC8tYnRXGwQKqLsnqeSuL5Ka08pd7AmJ85WUUA", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QNkFSOXC8tYnRXGwQKqLsnqeSuL5Ka08pd7AmJ85WUUA", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q76xjGrUg8PFLi3Wqryx5pn2sSEt0swyhl6JiK8u09us", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp38-win32.pyd" + } + }, + { + "key": "QDy6vOo_L5LxCRN4xVWvEadkLK1Us9P1JvFwM815NNnk", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QhXV81mzIz_S7InyH9eIIGtuCkorYmrSFKws-eB-O69s", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QDy6vOo_L5LxCRN4xVWvEadkLK1Us9P1JvFwM815NNnk", + "type": 19, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179203", + "type": "pypi", + "name": "simplejson", + "files": "QTCsmizoIGcVdzY0KUHT0pjpbPGieOVffTO3jzbVWXgw", + "version": "3.19.3", + "artifact_id": "cp39-cp39-macosx-10-9-universal2-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 307586, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qd77Vd8WgsXnsGUpYXaDM7TlIdCi8WsxDX6K6nftDYsU", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QGmmJ_bXqwOzW5Fzx4z01aiDA3KuxAPlQpJSA0l06fvI", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QGmmJ_bXqwOzW5Fzx4z01aiDA3KuxAPlQpJSA0l06fvI", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QGmmJ_bXqwOzW5Fzx4z01aiDA3KuxAPlQpJSA0l06fvI", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qd77Vd8WgsXnsGUpYXaDM7TlIdCi8WsxDX6K6nftDYsU", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QHdZhRtW2yakiUmnUH_2R3J5UFYv_e64Wx2UtWeAV9_E", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-39-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QSaR5tZbslI2ZHVv8uare9l6LwPJ7AzKWyZoC1N7TsuQ", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179204", + "type": "pypi", + "name": "simplejson", + "files": "Q3HBEFuCOg8lKcY4eNrO6JmOVjYGF5ONkHkuikaC-Heg", + "version": "3.19.3", + "artifact_id": "cp39-cp39-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 225877, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q62w05hULEOQiO2WExZ_mL7Uus96k_y6SgB-zCruCk58", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q62w05hULEOQiO2WExZ_mL7Uus96k_y6SgB-zCruCk58", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QufQmTcZ75xEzzYOAEFDL6VhJCBJYfTNvpdGmFGBa-Uo", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QufQmTcZ75xEzzYOAEFDL6VhJCBJYfTNvpdGmFGBa-Uo", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QYGNQODpreuS05Fx3HymADNOYx7Fi-WkoJnB2DvIKclI", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QHdZhRtW2yakiUmnUH_2R3J5UFYv_e64Wx2UtWeAV9_E", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-39-darwin.so" + } + }, + { + "key": "QufQmTcZ75xEzzYOAEFDL6VhJCBJYfTNvpdGmFGBa-Uo", + "type": 81, + "file": "simplejson/tests/test_fail.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179205", + "type": "pypi", + "name": "simplejson", + "files": "QeyRT4ZaxZ9iBNXJF9A8rKx234vfMil62SNJfXX9bXX8", + "version": "3.19.3", + "artifact_id": "cp39-cp39-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 258444, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QTc4JkiS5maMdop26HE1TpXSgoEIEBmsigXXnApHanvs", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QTc4JkiS5maMdop26HE1TpXSgoEIEBmsigXXnApHanvs", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QHdZhRtW2yakiUmnUH_2R3J5UFYv_e64Wx2UtWeAV9_E", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-39-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QY6fwWth-TsRkllo-qRqijPX4ptVTQJF89mA00H_Z_iI", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QTQxrnVG0SlXLfyWlcAF0RLfd4_4p2NZS6S3LWlNm_a8", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QTQxrnVG0SlXLfyWlcAF0RLfd4_4p2NZS6S3LWlNm_a8", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QTc4JkiS5maMdop26HE1TpXSgoEIEBmsigXXnApHanvs", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179206", + "type": "pypi", + "name": "simplejson", + "files": "QHFnc8eK4rJCWq9iXfVxM1g0YmPz5WDz7dWwyf8yLW0s", + "version": "3.19.3", + "artifact_id": "cp39-cp39-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 455290, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QYR4ag_emax1wLiUH4U0QYSXHVhI4gOwFi3GyaO20Ph4", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q-7j5gkzQzaYPi6GMpiKMdcVscJw5xg7QyheVzsG-qHQ", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QaUFxsbNFPC1aIwAaRlc-USJ_o--bX1iSemyA1zKEics", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q-7j5gkzQzaYPi6GMpiKMdcVscJw5xg7QyheVzsG-qHQ", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QYR4ag_emax1wLiUH4U0QYSXHVhI4gOwFi3GyaO20Ph4", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QYR4ag_emax1wLiUH4U0QYSXHVhI4gOwFi3GyaO20Ph4", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QJbZGTxjN295vNsuahD5oTv6Yt8p-vmq1P3ZwyhgeShw", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179207", + "type": "pypi", + "name": "simplejson", + "files": "QDdhWnP6G0Mj5mAMYxfDOfbNBNSTyfZ0cZ_j0SeT6KIs", + "version": "3.19.3", + "artifact_id": "cp39-cp39-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 471406, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QnEuJsJduUaK5KKX6ujtzlNacs3aiRR9WjlkKEhLS4v4", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QxpJ5QJ8olkAhXJDSH71nV-rQS7AMoy3Ofe6Yv4W7Qfw", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q66U3T3W87ZOyK0UMR2mceK8aj7HPAWjwrWGiBShUEjo", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QxpJ5QJ8olkAhXJDSH71nV-rQS7AMoy3Ofe6Yv4W7Qfw", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QxpJ5QJ8olkAhXJDSH71nV-rQS7AMoy3Ofe6Yv4W7Qfw", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QnEuJsJduUaK5KKX6ujtzlNacs3aiRR9WjlkKEhLS4v4", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QPNb_A5ivrEXzxyi7Snqxh117ULLEWWIPSDS9dx2IA1A", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179208", + "type": "pypi", + "name": "simplejson", + "files": "QBBKEJbRHpIrnvbbOyecZs2c6PBMonto3XFH8otZozdc", + "version": "3.19.3", + "artifact_id": "cp39-cp39-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 370674, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q_67WqKPxBqIyoN6R_-2uPdxXnlYqc2V4bfNSKmskYEk", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q_67WqKPxBqIyoN6R_-2uPdxXnlYqc2V4bfNSKmskYEk", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QjcYIVdpGxfS7HuNehwQ33VZ7EkpIrbFLBnmj05Rjytg", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QjcYIVdpGxfS7HuNehwQ33VZ7EkpIrbFLBnmj05Rjytg", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q_bbUPEybu9AV4pZssljusj5FMUF9K4Op9jEXNBfTg4Q", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qw_fIwe_0zxRmOzDrKCqTX3MyEcavMkuwV57gLQPib4E", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "Q_67WqKPxBqIyoN6R_-2uPdxXnlYqc2V4bfNSKmskYEk", + "type": 81, + "file": "simplejson/tests/test_decode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179209", + "type": "pypi", + "name": "simplejson", + "files": "Qe5owuEGobcyOHpcVvYxXDw6-sWnpQPajIOJo6xOPzT0", + "version": "3.19.3", + "artifact_id": "cp39-cp39-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 428068, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q-RxTCNthEjWWb5c5EDNhbR-dysEXAMZDEIE0ka609uc", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QwAORK6nV9r10Q3q2bh7NxolL7F_CI4ruTJUrMT9G5Aw", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QCSyZSwkCg3Q7N1FM4mNtPRcOMq2TxkHWlWwsQxFIvCQ", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Q-RxTCNthEjWWb5c5EDNhbR-dysEXAMZDEIE0ka609uc", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q-RxTCNthEjWWb5c5EDNhbR-dysEXAMZDEIE0ka609uc", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QCSyZSwkCg3Q7N1FM4mNtPRcOMq2TxkHWlWwsQxFIvCQ", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QkGIQsH4bR4SH7xjatklUWKILkHfFVYG7017Ca-ZRpys", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179210", + "type": "pypi", + "name": "simplejson", + "files": "Q1GsajOdWuKEhQIEys2U85i5mgHh5SMTq_QAC4LHKOz4", + "version": "3.19.3", + "artifact_id": "cp39-cp39-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 393124, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Q_piIk3iT9_g7HWtUHtncQj5vNiSe2OvocHKEExk7BE8", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q4dzhzXKFbXdUWHUB1EY6QUwhvzH7R2eTbJGCWOhuvfQ", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Q_HkqENJkQ7Yt4WMhegDeX4kRutcg2WjRXDWKZ9yFs0k", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q4dzhzXKFbXdUWHUB1EY6QUwhvzH7R2eTbJGCWOhuvfQ", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q_piIk3iT9_g7HWtUHtncQj5vNiSe2OvocHKEExk7BE8", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q_piIk3iT9_g7HWtUHtncQj5vNiSe2OvocHKEExk7BE8", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QJbZGTxjN295vNsuahD5oTv6Yt8p-vmq1P3ZwyhgeShw", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179211", + "type": "pypi", + "name": "simplejson", + "files": "QDMXNGTc7Q5szclQhRhRnXhdnz1dAJh1-97YqulUFksM", + "version": "3.19.3", + "artifact_id": "cp39-cp39-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 369970, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qw_fIwe_0zxRmOzDrKCqTX3MyEcavMkuwV57gLQPib4E", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QjORCHnznhzX81HQrAq9HWUk5NsAIGGofOhdJO9-DRf4", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QjORCHnznhzX81HQrAq9HWUk5NsAIGGofOhdJO9-DRf4", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QdiWd4Qz7mJn3z7Iw1wY2B9KUtSHjgZeqlmifjALvgVA", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q2wsYBkXQmaJ6zg8E9yYeZvUFszRv43Wk4B19At9Fbw4", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q2wsYBkXQmaJ6zg8E9yYeZvUFszRv43Wk4B19At9Fbw4", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q2wsYBkXQmaJ6zg8E9yYeZvUFszRv43Wk4B19At9Fbw4", + "type": 81, + "file": "simplejson/tests/test_decode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179212", + "type": "pypi", + "name": "simplejson", + "files": "QzJf1hE5yvUUMunhvYl972W08P1FOWHx_zPv5IbZcS9c", + "version": "3.19.3", + "artifact_id": "cp39-cp39-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 406784, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QqbKFVQomBkVkGjluAe1KAyAitJKFZiXhrJNT0CPZkeY", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QDDqM3yBVbHfaCzaQH30r8w1ymId_PQS90JiSFVaU2Zw", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q66U3T3W87ZOyK0UMR2mceK8aj7HPAWjwrWGiBShUEjo", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qmv0cnRahnEZeaeQReOZ3r1ZXen8rCTEUNkQbgYreFqA", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QqbKFVQomBkVkGjluAe1KAyAitJKFZiXhrJNT0CPZkeY", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QqbKFVQomBkVkGjluAe1KAyAitJKFZiXhrJNT0CPZkeY", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QDDqM3yBVbHfaCzaQH30r8w1ymId_PQS90JiSFVaU2Zw", + "type": 19, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179213", + "type": "pypi", + "name": "simplejson", + "files": "QDZaV4D4gGHLTYOt5yBMuYaJ7lrmAWEVMQVtSaSZ7ZzM", + "version": "3.19.3", + "artifact_id": "cp39-cp39-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "size": 377810, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qr7130Oj2fHKrTJ9u-d8EfDIPEiXG5buru4k5iheHJiU", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QwAORK6nV9r10Q3q2bh7NxolL7F_CI4ruTJUrMT9G5Aw", + "type": 25, + "props": { + "source": "simplejson/_speedups.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QJ_UtZLQCoYWSBNNObfiJ4DBlSVFRpuPd2bXMOvwVtxk", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QJ_UtZLQCoYWSBNNObfiJ4DBlSVFRpuPd2bXMOvwVtxk", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qr7130Oj2fHKrTJ9u-d8EfDIPEiXG5buru4k5iheHJiU", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QbrhvRTah_KRAPnHVuIZD_rh-kBxP3jW2wZcWhFTlPpk", + "type": 63, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QJ_UtZLQCoYWSBNNObfiJ4DBlSVFRpuPd2bXMOvwVtxk", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179214", + "type": "pypi", + "name": "simplejson", + "files": "QJFzOxO_bHyL0M9PPkvuS4EkTqiiOU5cm_iNe4unEv6w", + "version": "3.19.3", + "artifact_id": "cp39-cp39-win-amd64-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 227131, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "Qpmwvg0oLmMRNDKTFQ_9kIMSBxXT1iiLpwvuOJvUmsvM", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QPH5Q9kZLRNJ1iYL4yZ_JJce4Vp9xtkwvoKD_jWysOUU", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QDuJnFrGk9u6s-3wkP0yOnurWo9yDxF0WABfCrJD3fX4", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp39-win_amd64.pyd" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QPH5Q9kZLRNJ1iYL4yZ_JJce4Vp9xtkwvoKD_jWysOUU", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QPH5Q9kZLRNJ1iYL4yZ_JJce4Vp9xtkwvoKD_jWysOUU", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qpmwvg0oLmMRNDKTFQ_9kIMSBxXT1iiLpwvuOJvUmsvM", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QV56H8efyY4xvDF2ES-o9ncsyXH8WTE3jqFVvnX88REk", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15861179215", + "type": "pypi", + "name": "simplejson", + "files": "QT4QInYfqHUFa6Hg6Gi1Cek3kOlrcleqd5aDhn2U-BhE", + "version": "3.19.3", + "artifact_id": "cp39-cp39-win32-whl", + "scores": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-2.1 AND MIT", + "size": 220979, + "author": "bob, florentaide, quodt", + "state": "revalidate", + "alerts": [ + { + "key": "QjZwyNIVU6Qij1u9M55FggnBcoGKzNem0hU8kbInmDFw", + "type": 19, + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q2XVNLH8jPluj_Rru9ER1S5zeZsF4Evmfg9eV3Q9_n74", + "type": 25, + "props": { + "source": "simplejson/_speedups.cp39-win32.pyd" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": 15586191, + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QHxPCbwNBMLTFnUCEU4SjpB3a6SQF6eibjI8GL89UuOc", + "type": 81, + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QHxPCbwNBMLTFnUCEU4SjpB3a6SQF6eibjI8GL89UuOc", + "type": 81, + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QHxPCbwNBMLTFnUCEU4SjpB3a6SQF6eibjI8GL89UuOc", + "type": 81, + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QjZwyNIVU6Qij1u9M55FggnBcoGKzNem0hU8kbInmDFw", + "type": 19, + "file": "simplejson/tool.py" + }, + { + "key": "QI33t9srjZY9D53sBUvjUiJWChMFwncCLbz61hy0kvWI", + "type": 63, + "file": "simplejson/tests/test_tool.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15864918404", + "type": "pypi", + "name": "markdown", + "files": "Q91kAzDjyox1ILIuA4Bh23ENdEmdWoHhoa8HrKL9sFj4", + "version": "3.7", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.8688956, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.8688956 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "BSD-3-Clause", + "size": 1786020, + "author": "facelessuser, qaramazov, waylan", + "state": "revalidate", + "alerts": [ + { + "key": "QHPY0c7FoMumo0m3uZKKm5e6H3dSUlb6m2g7gemVxyms", + "type": 19, + "file": "markdown-3.7/markdown/test_tools.py" + }, + { + "key": "QPZD9IQq9mMW4CaVCJfPRhko-AHimt4awRiSr8orY61E", + "type": 81, + "file": "markdown-3.7/scripts/griffe_extensions.py" + }, + { + "key": "QHPY0c7FoMumo0m3uZKKm5e6H3dSUlb6m2g7gemVxyms", + "type": 19, + "file": "markdown-3.7/tests/test_apis.py" + }, + { + "key": "QHPY0c7FoMumo0m3uZKKm5e6H3dSUlb6m2g7gemVxyms", + "type": 19, + "file": "markdown-3.7/tests/test_syntax/blocks/test_headers.py" + }, + { + "key": "QLMkXm4XeJSSC6oTzORkztPJHM3U4C_KgDcpEZEzB-FM", + "type": 16, + "file": "markdown-3.7/tests/test_syntax/extensions/test_code_hilite.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLMkXm4XeJSSC6oTzORkztPJHM3U4C_KgDcpEZEzB-FM", + "type": 16, + "file": "markdown-3.7/tests/test_syntax/extensions/test_fenced_code.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOn1dpvusEpSb1t0oshawImGl5yw_qzU9SvlpigVd8EU", + "type": 25, + "props": { + "source": "markdown-3.7/docs/favicon.ico" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15864918405", + "type": "pypi", + "name": "markdown", + "files": "QYA7h3ozGLrmoxfRuPqJhWLXl2z7BbmXPfaSOIPlpnBM", + "version": "3.7", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.98156816, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.98156816 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": true, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "BSD-3-Clause", + "size": 323679, + "author": "facelessuser, qaramazov, waylan", + "state": "revalidate", + "alerts": [ + { + "key": "QWGyz2AHaOwRFuRHrC1xYrAr1LaHIJkQ9wIEiNmBr1qY", + "type": 19, + "file": "markdown/test_tools.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15887362628", + "type": "pypi", + "name": "pytz", + "files": "Qcp66SiXaP5X-X-H0hjWGYl01oRxTzhD1Hrv-FokBy7E", + "version": "2024.2", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": true, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "MIT", + "size": 1057405, + "author": "stub", + "state": "revalidate", + "alerts": [ + { + "key": "Q-uhGHE5PUbSWbaD-rCQ83YY7kVyeMeq9QCb10hMnlvQ", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Mexico/BajaSur" + } + }, + { + "key": "Q5n7CX2BWk4l-0uSxsR8zyaucZngZTmCG8P6NnjAD-ok", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/WET" + } + }, + { + "key": "Q5QVJ_lTFKvtp0cb9r9BNk-D4dpVJO-uKInWn8T3Jl7I", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Ojinaga" + } + }, + { + "key": "Q8aI_Nki-TIrC3vUchRC6z9nFPes8aHBn-Iw345ZPL5M", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Kigali" + } + }, + { + "key": "Q9LiJ5eMyZU1_9ogG6CZDj0m_GxEuPujjcDs1ZgHqc74", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Mexico_City" + } + }, + { + "key": "QAE_iqP6IJRlenvxKiVSbuoHa8cvGt9lBUooWumrqn5s", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Mexico/General" + } + }, + { + "key": "Qcqy6SqD2T1U2Yh-_z4dcr9Vnb66VufxnInckNpEXnTU", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Mazatlan" + } + }, + { + "key": "QDdtdIx12tdMh_iI7AJaTpiR8HqRRnug43IUAiW6QXu8", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Ciudad_Juarez" + } + }, + { + "key": "Qe7kf3G56aI0Z2lwJ9KGMSmASLns942rn9WYutojfo8k", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Santa_Isabel" + } + }, + { + "key": "QHmBfNBY066ivzTD-EJk0k94zDtk49yuEhPR-J-BuFro", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Bujumbura" + } + }, + { + "key": "QifpgRzNtLmD7vEXcInEEcwYD_Mr96fvdJx1_BRwHGCI", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Asia/Dili" + } + }, + { + "key": "QJamvfYrT5qsXrCfvI_sD65EW_e7M4Ux9rxRRF0dFIt4", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Harare" + } + }, + { + "key": "QLPQA7fHEHZVQuDRyyzQR02SuAwOJxWA9M944L1OGLaY", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Mexico/BajaNorte" + } + }, + { + "key": "QMXTKIyMoiveLaKkCl6ktAQmBXyVVTXLqtoy1n7Omvjw", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Cancun" + } + }, + { + "key": "QoBe3OA8PMj0CmQRb0BUPZNEmDeupGoeXux74CUBwEG0", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Gaborone" + } + }, + { + "key": "QoMLOVUqGFOnWXyBX7BRJcDcM21RHbuqEFwhDVe4UXJc", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Tijuana" + } + }, + { + "key": "QP3vBTluvut00BI4NOoJvgoxySICg_JchdFuNWN2czcY", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Chihuahua" + } + }, + { + "key": "QPRNqWpP-9U7dkNrgYmyz5FVrYDNX35IEEsts_Pa4dDo", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Ensenada" + } + }, + { + "key": "QqkgM3R5w5LF0zj-LdfX8_gqyIbSxzVyEQpZsFI_3Tdg", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Merida" + } + }, + { + "key": "QS7GdU4um1InC7E5YmT4b17GMGEp2vDx8Il0ljCCLC1c", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Portugal" + } + }, + { + "key": "Qt58mCnWe4pLm4qlvYWvlcI6BED9hRL4RBt7us13UBZs", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Blantyre" + } + }, + { + "key": "QTa3OXowibYcJCOB3ziASlF8_vdPYSs0ZQ5R2bvrqntI", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Bahia_Banderas" + } + }, + { + "key": "QtOPxebS7mZDD-6jAIlMRrfxP_2nK2AdaeQh3Kw8xuNc", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Monterrey" + } + }, + { + "key": "QUSzHcmezkfDDl89SoPyF4XS8zc61YbRqvARQBs0wO0A", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Lusaka" + } + }, + { + "key": "QVEQVH2wigTViYgrIAkgMslkDsAJPpOFev3eSuybm_hM", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Hermosillo" + } + }, + { + "key": "QwshVaEp5KPlCTHYYthZGuf3E7F-cM0-Cc81z70XuH7Y", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Lubumbashi" + } + }, + { + "key": "Qwuwg3WGcigoraQeJCAr1zmP-UKrlugfmgYwdK38j_2I", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Atlantic/Azores" + } + }, + { + "key": "QR8M5qLmq9aZ6nDJrpPnNDlLSA0DeyGVwPW0rKrzx8uU", + "type": 19, + "file": "pytz-2024.2/pytz/tzfile.py" + }, + { + "key": "QxQNKWyiHZ0vcRswhvwG4Qn1zthjprue89VRS3odTL4M", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Maputo" + } + }, + { + "key": "QXRlrNsTSu4Kej--ht4c6CqQuSO1miHzDHEUDEprr9UQ", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Europe/Lisbon" + } + }, + { + "key": "Qxude3eyvSApoIz6tWaq8AM8AonT9Uh3WMG1lqEVC9Us", + "type": 25, + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Atlantic/Madeira" + } + }, + { + "key": "QR8M5qLmq9aZ6nDJrpPnNDlLSA0DeyGVwPW0rKrzx8uU", + "type": 19, + "file": "pytz-2024.2/pytz/__init__.py" + }, + { + "key": "QRhUn4ZwSR-PqpZLcLs5Hy289lEbVBGwG1adZSnFSDCc", + "type": 16, + "file": "pytz-2024.2/pytz/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QR8M5qLmq9aZ6nDJrpPnNDlLSA0DeyGVwPW0rKrzx8uU", + "type": 19, + "file": "pytz-2024.2/pytz/tests/test_docs.py" + }, + { + "key": "QR8M5qLmq9aZ6nDJrpPnNDlLSA0DeyGVwPW0rKrzx8uU", + "type": 19, + "file": "pytz-2024.2/setup.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15921473454" + ] + }, + "id": "15887362629", + "type": "pypi", + "name": "pytz", + "files": "QcpvHExxTkQLziIykUp6lGxC_J5o9a8F3gEqTrT9n6Ak", + "version": "2024.2", + "artifact_id": "py2-py3-none-any-whl", + "scores": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": true, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 1007094, + "author": "stub", + "state": "revalidate", + "alerts": [ + { + "key": "Qeqf9MNYKlZLXJMPYRAMcT-Y0vPGB1HrMFjLnHt-9TNE", + "type": 25, + "props": { + "source": "pytz/zoneinfo/America/Tijuana" + } + }, + { + "key": "QCHabsO8IlR86gEx9Ibf8cltlFPKApk5sNvCX2dgSAvU", + "type": 16, + "file": "pytz/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QL9zueFdZvuIRhuZf3xG9fbA5XfvRM-m9rO7FvqiiJPA", + "type": 19, + "file": "pytz/__init__.py" + }, + { + "key": "QL9zueFdZvuIRhuZf3xG9fbA5XfvRM-m9rO7FvqiiJPA", + "type": 19, + "file": "pytz/tzfile.py" + }, + { + "key": "QYZ69zmu8MhQTVX4CSGDCwgYU91BPaTDCXpDh74PMf5I", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Mexico/General" + } + }, + { + "key": "QXmcfZKSFXItk1yiQAg15QEAuZ6AxD9vUwWNLoNjVFlM", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Africa/Lusaka" + } + }, + { + "key": "QXjKXkZ4O2gTBIDBo-Y381ndvKvCexA93DvDyfuQ_qSg", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Atlantic/Azores" + } + }, + { + "key": "QW1wf0wgytLFeR5M4MK66qwYpMGwI2BLxmGpGPOCHjSk", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Africa/Bujumbura" + } + }, + { + "key": "QtUEKTkq3Zw2v75vvNOu55zaIKeJF64bw7JqpdH6hkx0", + "type": 25, + "props": { + "source": "pytz/zoneinfo/America/Cancun" + } + }, + { + "key": "QsBmxqkaOCf6lDHgGEJ6bB1RN9ozoCHh1K_x_Oez0olk", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Africa/Maputo" + } + }, + { + "key": "QOqMpKmvs6Qj2kaXl-f-IhsHSR9UiZBVOsPJHzoNd-ec", + "type": 25, + "props": { + "source": "pytz/zoneinfo/America/Merida" + } + }, + { + "key": "QOe64R69J3nuNoFNPUT96_xD6JUE6uDO56w12aRcMsfI", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Africa/Lubumbashi" + } + }, + { + "key": "QnvVZIQkFFA36HuVBJ3SUdRvbVXM_r6SX8_uPUkOnYNI", + "type": 25, + "props": { + "source": "pytz/zoneinfo/America/Hermosillo" + } + }, + { + "key": "QmpV_6aqJ87y-SIlYA9zH5h6L6FKwL6w3_-P3RTxoLjo", + "type": 25, + "props": { + "source": "pytz/zoneinfo/WET" + } + }, + { + "key": "QmFMaAahiXR1TAJya8YGi7w_bTgAd0iuLQtKpAm6g-68", + "type": 25, + "props": { + "source": "pytz/zoneinfo/America/Mazatlan" + } + }, + { + "key": "QieQjRGAiuC14pW5TfjtVopiycpwvL1TEsqmzOQHGFNA", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Mexico/BajaNorte" + } + }, + { + "key": "QGoGF-2IYJo4pS_p0aR4ckLLaez6o64of60u1qewY9S0", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Atlantic/Madeira" + } + }, + { + "key": "QeyuAFApDjg78SXLgRwr-RnLz2S6FTK2vHZo2vxK4sns", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Africa/Blantyre" + } + }, + { + "key": "QEOGm67lx3wN6VUKMcq_TMba_vViMd6jZVoyNI1VVVy8", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Portugal" + } + }, + { + "key": "QeboHwEyjlHcMKkp5yPraufJFFj-aUwTY-hYn-hreXkU", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Africa/Gaborone" + } + }, + { + "key": "QdxvfqabC2OM6alOjugT8B7BEIdKKhQfj4corCYwI08w", + "type": 25, + "props": { + "source": "pytz/zoneinfo/America/Santa_Isabel" + } + }, + { + "key": "QDCqEoN6c33-VPtje4ppugPII9ewyGtL9KkGr-lgl3ok", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Africa/Kigali" + } + }, + { + "key": "QDcnb3-0lgOyWVwxqTPUHM6JfmPkzFhrQQCjXzywiyrg", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Africa/Harare" + } + }, + { + "key": "QcmhVITUkRPrhuee_yYPYnqw72BjTUEEYHUfpoQbZOE8", + "type": 25, + "props": { + "source": "pytz/zoneinfo/America/Ojinaga" + } + }, + { + "key": "Qcjbcwyx7-WwG5PKd8JhaR2VsRxVBV5Xg4caoCgs2ues", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Asia/Dili" + } + }, + { + "key": "Q9_Q-dvX8eOH0VnMgY2ENsGYY-1WU04zWAumDO3prdWY", + "type": 25, + "props": { + "source": "pytz/zoneinfo/America/Chihuahua" + } + }, + { + "key": "Q7itDm415anvyciW07KLL50tXMb9ncC6eEC-xo475JuY", + "type": 25, + "props": { + "source": "pytz/zoneinfo/America/Monterrey" + } + }, + { + "key": "Q5LjrpI50qSGlH6zKx7LebpJ1CPnJUZL6MgAEkw55E48", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Europe/Lisbon" + } + }, + { + "key": "Q3Sr4MlQRIb_RV4aAYqrApKCwM_LOOi-s4-N8U-8znKo", + "type": 25, + "props": { + "source": "pytz/zoneinfo/America/Ciudad_Juarez" + } + }, + { + "key": "Q0ZQeYEyT69gjp1sKbcdNEb6B5EyAQYY2tcYGZH47rc0", + "type": 25, + "props": { + "source": "pytz/zoneinfo/America/Ensenada" + } + }, + { + "key": "Q0wMJsQgwcxep1u-ygGt7oaf3VNCFUmbgp59g2GeQPGs", + "type": 25, + "props": { + "source": "pytz/zoneinfo/Mexico/BajaSur" + } + }, + { + "key": "Q0nWQkwDjI-qMqtO_n1Fn86RHCQ4U9lHxhir8kNNW7o4", + "type": 25, + "props": { + "source": "pytz/zoneinfo/America/Mexico_City" + } + }, + { + "key": "Q-74e-V54skJJ9jMBcgYspjxc8caRKbCY8Xu-wjXRyFM", + "type": 25, + "props": { + "source": "pytz/zoneinfo/America/Bahia_Banderas" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15887609471", + "type": "pypi", + "name": "sphinx-lint", + "files": "QVpOW3I_ni_UYbYFpk0bgwSaFhdU5dWiHRlK1yRQfmPk", + "version": "1.0.0", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.9399659, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9399659 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "PSF-2.0", + "size": 107555, + "author": "ezio.melotti, hugovk, JulienPalard", + "state": "revalidate", + "alerts": [ + { + "key": "QItp8vAiLS-AHGpFNDms2cz7uOHSJ_gvMBfizG1B5nPA", + "type": 19, + "file": "sphinx_lint-1.0.0/sphinxlint/sphinxlint.py" + }, + { + "key": "QItp8vAiLS-AHGpFNDms2cz7uOHSJ_gvMBfizG1B5nPA", + "type": 19, + "file": "sphinx_lint-1.0.0/tests/test_sphinxlint.py" + }, + { + "key": "QeHuG_SPAdX3PNXFMHjoCxbYqCwKCcJ1FbkDazfKnJD8", + "type": 81, + "file": "sphinx_lint-1.0.0/sphinxlint/checkers.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15887609472", + "type": "pypi", + "name": "sphinx-lint", + "files": "QI5Rw8F3w37hwUZgpyEVEb_b71uB34KYg6MufZ5Efvm8", + "version": "1.0.0", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.9575573, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9575573 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "PSF-2.0", + "size": 56732, + "author": "ezio.melotti, hugovk, JulienPalard", + "state": "revalidate", + "alerts": [ + { + "key": "QFGsN8T31iPxcMBCFU03w0yuf1cE4lnZ4QTXckjbLomI", + "type": 19, + "file": "sphinxlint/sphinxlint.py" + }, + { + "key": "QtcQIQ6QignwWkxY34dfUuqZUxwdTF1QADvaWKsrw5TU", + "type": 81, + "file": "sphinxlint/checkers.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15897470441", + "type": "pypi", + "name": "types-docutils", + "files": "Q9OxniTbzf8CyAGfPaYCRND-BcrqP1OwdK5_gJ8XS6Y8", + "version": "0.21.0.20241005", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9907412 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "Apache-2.0", + "size": 84455, + "author": "typeshed_bot", + "state": "revalidate", + "alerts": [ + { + "key": "QYRN9fgKexgkDL6FxdQhac--U4LfyH2SSdOgCOVUWv-w", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Apache Software License", + "filepathOrProvenance": "types-docutils-0.21.0.20241005/types_docutils.egg-info/PKG-INFO" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15897470442", + "type": "pypi", + "name": "types-docutils", + "files": "QQkRMb5Y8xejDlUMSjpaK44F3d-QC7ZDUNKWgYbclFec", + "version": "0.21.0.20241005", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "Apache-2.0", + "size": 75044, + "author": "typeshed_bot", + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15901037714", + "type": "pypi", + "name": "sphinx", + "files": "null", + "version": "8.1.3", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.1603496, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.1603496 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": true, + "unsafe": true + }, + "license": "BSD-2-Clause", + "size": 20662331, + "author": "AA-Turner, tk0miya", + "state": "revalidate", + "alerts": [ + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/search/minified-js/spanish-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/search/non-minified-js/italian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/search/non-minified-js/portuguese-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/search/non-minified-js/romanian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/search/non-minified-js/spanish-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/testing/fixtures.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/sphinx/testing/fixtures.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/testing/path.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/testing/path.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/sphinx/themes/basic/static/doctools.js" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/sphinx/themes/basic/static/searchtools.js" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/sphinx/themes/bizstyle/static/css3-mediaqueries.js" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/sphinx/themes/bizstyle/static/css3-mediaqueries_src.js" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/theming.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/theming.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/transforms/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/transforms/i18n.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/transforms/post_transforms/images.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/sphinx/transforms/post_transforms/images.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/util/console.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/util/console.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/util/docfields.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/util/docutils.py" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/sphinx/util/docutils.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/util/docutils.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/util/exceptions.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/util/fileutil.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/util/i18n.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/util/i18n.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/util/images.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/util/inventory.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/util/inventory.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/util/nodes.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/util/osutil.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/util/png.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/sphinx/util/requests.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/util/rst.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/util/tags.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/util/template.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/versioning.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/writers/html5.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/conftest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/tests/js/fixtures/titles/searchindex.js" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/tests/js/jasmine-browser.mjs" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/tests/js/searchtools.spec.js" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/tests/js/searchtools.spec.js" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/roots/test-apidoc-toc/mypackage/main.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/roots/test-ext-imgmockconverter/mocksvgconverter.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_application.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_application.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_builders/test_build.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_builders/test_build.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/tests/test_builders/test_build_epub.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_builders/test_build_epub.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/tests/test_builders/test_build_gettext.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_builders/test_build_latex.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/tests/test_builders/test_build_latex.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/tests/test_builders/test_build_latex.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_builders/test_build_latex.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_builders/test_build_linkcheck.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/tests/test_builders/test_build_linkcheck.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_builders/test_build_linkcheck.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/tests/test_builders/test_build_texinfo.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_directives/test_directives_no_typesetting.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/tests/test_domains/test_domain_py.py" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/tests/test_domains/test_domain_py_pyfunction.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_domains/test_domain_std.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_environment/test_environment.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_environment/test_environment.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_environment/test_environment_indexentries.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_environment/test_environment_record_dependencies.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_environment/test_environment_toctree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_extensions/autodoc_util.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_apidoc.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_autodoc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_imgconverter.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_intersphinx.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_math.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_math.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_viewcode.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_intl/test_catalogs.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_intl/test_intl.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_intl/test_locale.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_markup/test_markup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_pycode/test_pycode_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/tests/test_quickstart.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_theming/test_theming.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_theming/test_theming.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/tests/test_transforms/test_transforms_move_module_targets.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/tests/test_transforms/test_transforms_post_transforms.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_util/test_util.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_util/test_util_i18n.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/tests/test_versioning.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/tests/utils.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/utils/babel_runner.py" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/utils/babel_runner.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/sphinx/directives/other.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/directives/code.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/sphinx/config.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/config.py" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/sphinx/cmd/quickstart.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/cmd/quickstart.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/cmd/make_mode.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/sphinx/builders/linkcheck.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/builders/texinfo.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/builders/text.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/builders/xml.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/_domains_container.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/c/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/c/_ast.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/c/_symbol.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/changeset.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/citation.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/cpp/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/cpp/_ast.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/cpp/_symbol.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/index.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/javascript.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/math.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/python/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/builders/latex/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/builders/latex/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/builders/html/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/builders/html/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/builders/gettext.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/builders/gettext.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/builders/epub3.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/builders/changes.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/sphinx/domains/python/_annotations.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/python/_annotations.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/python/_object.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/rst.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/domains/std/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/environment/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/environment/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/environment/adapters/asset.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/environment/adapters/indexentries.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/environment/adapters/toctree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/environment/collectors/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/environment/collectors/asset.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/environment/collectors/dependencies.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/environment/collectors/metadata.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/builders/_epub_base.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/builders/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/builders/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/application.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/application.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/_cli/util/errors.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/_cli/util/colour.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/environment/collectors/title.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/environment/collectors/toctree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/events.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/ext/apidoc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/ext/autodoc/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/sphinx/ext/autodoc/directive.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/ext/autodoc/directive.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/ext/autodoc/importer.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/sphinx/ext/autosummary/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/ext/autosummary/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/ext/autosummary/generate.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/ext/autosummary/generate.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/cmd/build.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/cmd/build.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/cmd/make_mode.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/sphinx/cmd/make_mode.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/ext/coverage.py" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/sphinx/ext/doctest.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/ext/githubpages.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/ext/githubpages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/builders/singlehtml.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/sphinx/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/doc/conf.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/ext/graphviz.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/sphinx/ext/graphviz.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/sphinx/ext/imgconverter.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/ext/imgmath.py" + }, + { + "key": "QFdBFEk6HK1nRwGc3uTLcwP7Up5aKP3wRhBfNxhyzTtg", + "type": 25, + "props": { + "source": "sphinx-8.1.3/tests/roots/test-locale/locale1/en/LC_MESSAGES/myext.mo" + } + }, + { + "key": "Q2s8fBgZYpB4kk_A9Dv1I9xFptbI7ODBk7BItUVcVoOI", + "type": 25, + "props": { + "source": "sphinx-8.1.3/tests/roots/test-locale/locale1/et/LC_MESSAGES/myext.mo" + } + }, + { + "key": "Q0DzbsTcAevF3-tdyaJIkEk9xEVJ7lH0aWJqlEpxHpPw", + "type": 25, + "props": { + "source": "sphinx-8.1.3/tests/roots/test-apidoc-duplicates/fish_licence/halibut.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/utils/generate_js_fixtures.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/utils/generate_js_fixtures.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/utils/bump_version.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/utils/bump_docker.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/utils/babel_runner.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": 63, + "file": "sphinx-8.1.3/sphinx/ext/imgmath.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/ext/inheritance_diagram.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/__init__.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/_cli.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/_load.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/_load.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/_resolve.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/_shared.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/_shared.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/ext/mathjax.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/ext/todo.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/ext/viewcode.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/io.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/jinja2glue.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/sphinx/locale/lt/LC_MESSAGES/sphinx.js" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": 81, + "file": "sphinx-8.1.3/sphinx/locale/et/LC_MESSAGES/sphinx.js" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/parsers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": 47, + "file": "sphinx-8.1.3/sphinx/pycode/parser.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/roles.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": 19, + "file": "sphinx-8.1.3/sphinx/search/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/search/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/search/minified-js/italian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/search/minified-js/portuguese-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": 16, + "file": "sphinx-8.1.3/sphinx/search/minified-js/romanian-stemmer.js", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15901037715", + "type": "pypi", + "name": "sphinx", + "files": "null", + "version": "8.1.3", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.20731574, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.20731574 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": true, + "unsafe": true + }, + "license": "BSD-2-Clause", + "size": 12958131, + "author": "AA-Turner, tk0miya", + "state": "revalidate", + "alerts": [ + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/ext/intersphinx/_shared.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/ext/mathjax.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/ext/todo.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/ext/viewcode.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/io.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/jinja2glue.py", + "props": { + "envVars": "" + } + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": 81, + "file": "sphinx/locale/et/LC_MESSAGES/sphinx.js" + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": 81, + "file": "sphinx/locale/lt/LC_MESSAGES/sphinx.js" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/parsers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": 47, + "file": "sphinx/pycode/parser.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/roles.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/search/__init__.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/search/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/search/minified-js/italian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/search/minified-js/portuguese-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/search/minified-js/romanian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/search/minified-js/spanish-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/search/non-minified-js/italian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/search/non-minified-js/portuguese-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/search/non-minified-js/romanian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/search/non-minified-js/spanish-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/testing/fixtures.py" + }, + { + "key": "QEFbmaReYLOInJak733ee-zSeXREMRA3YJ7b85Nb7fK8", + "type": 63, + "file": "sphinx/testing/fixtures.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/testing/path.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/testing/path.py", + "props": { + "envVars": "" + } + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": 81, + "file": "sphinx/themes/basic/static/doctools.js" + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": 47, + "file": "sphinx/themes/basic/static/searchtools.js" + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": 47, + "file": "sphinx/themes/bizstyle/static/css3-mediaqueries.js" + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": 47, + "file": "sphinx/themes/bizstyle/static/css3-mediaqueries_src.js" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/theming.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/theming.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/transforms/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/transforms/i18n.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/transforms/post_transforms/images.py" + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": 47, + "file": "sphinx/transforms/post_transforms/images.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/util/console.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/util/console.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/util/docfields.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/util/docutils.py" + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": 81, + "file": "sphinx/util/docutils.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/util/docutils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/util/exceptions.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/util/fileutil.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/util/i18n.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/util/i18n.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/util/images.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/util/inventory.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/util/inventory.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/util/nodes.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/util/osutil.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/util/png.py" + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": 47, + "file": "sphinx/util/requests.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/util/rst.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/util/tags.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/util/template.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/versioning.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/writers/html5.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/environment/adapters/indexentries.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/environment/adapters/asset.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/environment/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/environment/__init__.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/std/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/rst.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/python/_object.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/python/_annotations.py", + "props": { + "envVars": "" + } + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": 47, + "file": "sphinx/domains/python/_annotations.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/python/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/math.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/javascript.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/index.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/cpp/_symbol.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/cpp/_ast.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/cpp/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/citation.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/changeset.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/c/_symbol.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/c/_ast.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/c/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/_domains_container.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/domains/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": 81, + "file": "sphinx/directives/other.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/directives/code.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": 81, + "file": "sphinx/config.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/config.py" + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": 81, + "file": "sphinx/cmd/quickstart.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/cmd/quickstart.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/cmd/make_mode.py", + "props": { + "envVars": "" + } + }, + { + "key": "QEFbmaReYLOInJak733ee-zSeXREMRA3YJ7b85Nb7fK8", + "type": 63, + "file": "sphinx/cmd/make_mode.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/cmd/make_mode.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/cmd/build.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/cmd/build.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/builders/xml.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/builders/text.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/builders/texinfo.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/builders/singlehtml.py", + "props": { + "envVars": "" + } + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": 47, + "file": "sphinx/builders/linkcheck.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/builders/latex/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/builders/latex/__init__.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/builders/html/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/builders/html/__init__.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/builders/gettext.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/builders/gettext.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/builders/epub3.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/builders/changes.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/builders/_epub_base.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/builders/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/builders/__init__.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/application.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/application.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/_cli/util/errors.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/_cli/util/colour.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QEFbmaReYLOInJak733ee-zSeXREMRA3YJ7b85Nb7fK8", + "type": 63, + "file": "sphinx/__init__.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/environment/adapters/toctree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/environment/collectors/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/environment/collectors/asset.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/environment/collectors/dependencies.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/environment/collectors/metadata.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/environment/collectors/title.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/environment/collectors/toctree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/events.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/ext/apidoc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/ext/autodoc/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": 81, + "file": "sphinx/ext/autodoc/directive.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/ext/autodoc/directive.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/ext/autodoc/importer.py", + "props": { + "envVars": "" + } + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": 81, + "file": "sphinx/ext/autosummary/__init__.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/ext/autosummary/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/ext/autosummary/generate.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/ext/autosummary/generate.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/ext/coverage.py" + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": 81, + "file": "sphinx/ext/doctest.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/ext/githubpages.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/ext/githubpages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/ext/graphviz.py" + }, + { + "key": "QEFbmaReYLOInJak733ee-zSeXREMRA3YJ7b85Nb7fK8", + "type": 63, + "file": "sphinx/ext/graphviz.py" + }, + { + "key": "QEFbmaReYLOInJak733ee-zSeXREMRA3YJ7b85Nb7fK8", + "type": 63, + "file": "sphinx/ext/imgconverter.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/ext/imgmath.py" + }, + { + "key": "QEFbmaReYLOInJak733ee-zSeXREMRA3YJ7b85Nb7fK8", + "type": 63, + "file": "sphinx/ext/imgmath.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/ext/inheritance_diagram.py", + "props": { + "envVars": "" + } + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": 47, + "file": "sphinx/ext/intersphinx/__init__.py" + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": 47, + "file": "sphinx/ext/intersphinx/_cli.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": 19, + "file": "sphinx/ext/intersphinx/_load.py" + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": 47, + "file": "sphinx/ext/intersphinx/_load.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": 16, + "file": "sphinx/ext/intersphinx/_resolve.py", + "props": { + "envVars": "" + } + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": 47, + "file": "sphinx/ext/intersphinx/_shared.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "id": "15907378942", + "type": "pypi", + "name": "pytest-cov", + "files": "null", + "version": "6.0.0", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.7823342, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.7823342 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND MIT", + "size": 246669, + "author": "ionel", + "state": "revalidate", + "alerts": [ + { + "key": "Q-YUSPRfsZetQ55D1g_AQDaY_IDt8uw0Ed_RJuN2fDFk", + "type": 81, + "file": "pytest-cov-6.0.0/setup.py" + }, + { + "key": "QM62yoL8HFlDVUkEOziq2Qr21TFETA5mlN1qfkFIw6Ws", + "type": 16, + "file": "pytest-cov-6.0.0/src/pytest_cov/embed.py", + "props": { + "envVars": "" + } + }, + { + "key": "QHI01dqQv_jU5fXaH8-v73dmt07Q8A_fCE53tj-22tPA", + "type": 47, + "file": "pytest-cov-6.0.0/src/pytest_cov/engine.py" + }, + { + "key": "QM62yoL8HFlDVUkEOziq2Qr21TFETA5mlN1qfkFIw6Ws", + "type": 16, + "file": "pytest-cov-6.0.0/src/pytest_cov/engine.py", + "props": { + "envVars": "" + } + }, + { + "key": "QM62yoL8HFlDVUkEOziq2Qr21TFETA5mlN1qfkFIw6Ws", + "type": 16, + "file": "pytest-cov-6.0.0/src/pytest_cov/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_SmhNHM9MJOJAweavi7jr3Z1cnOMvvy2iDVeTkCvR_A", + "type": 19, + "file": "pytest-cov-6.0.0/tests/test_pytest_cov.py" + }, + { + "key": "QNS6-zfk8JWUrT1TaC4gzxiTImp8EDaiwINIbxsBX63Q", + "type": 63, + "file": "pytest-cov-6.0.0/tests/test_pytest_cov.py" + }, + { + "key": "Q-YUSPRfsZetQ55D1g_AQDaY_IDt8uw0Ed_RJuN2fDFk", + "type": 81, + "file": "pytest-cov-6.0.0/tests/test_pytest_cov.py" + }, + { + "key": "QM62yoL8HFlDVUkEOziq2Qr21TFETA5mlN1qfkFIw6Ws", + "type": 16, + "file": "pytest-cov-6.0.0/tests/test_pytest_cov.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNS6-zfk8JWUrT1TaC4gzxiTImp8EDaiwINIbxsBX63Q", + "type": 63, + "file": "pytest-cov-6.0.0/ci/bootstrap.py" + }, + { + "key": "QM62yoL8HFlDVUkEOziq2Qr21TFETA5mlN1qfkFIw6Ws", + "type": 16, + "file": "pytest-cov-6.0.0/ci/bootstrap.py", + "props": { + "envVars": "" + } + }, + { + "key": "QM62yoL8HFlDVUkEOziq2Qr21TFETA5mlN1qfkFIw6Ws", + "type": 16, + "file": "pytest-cov-6.0.0/docs/conf.py", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "id": "15907378943", + "type": "pypi", + "name": "pytest-cov", + "files": "null", + "version": "6.0.0", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.92296594, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.92296594 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": true, + "shell": false, + "unsafe": false + }, + "license": "AFL-1.1 AND MIT", + "size": 70358, + "author": "ionel", + "state": "revalidate", + "alerts": [ + { + "key": "Q-fUfKQ83XtKa81DsgTeT2aCmguuKezEWvnoxBsQic5c", + "type": 16, + "file": "pytest_cov/embed.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5TdHTSifRiNvWKftpg_5Hk43J6NgGUojbYNfOgAhkdA", + "type": 47, + "file": "pytest_cov/engine.py" + }, + { + "key": "Q-fUfKQ83XtKa81DsgTeT2aCmguuKezEWvnoxBsQic5c", + "type": 16, + "file": "pytest_cov/engine.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q-fUfKQ83XtKa81DsgTeT2aCmguuKezEWvnoxBsQic5c", + "type": 16, + "file": "pytest_cov/plugin.py", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541591", + "type": "pypi", + "name": "regex", + "files": "QbIbYEblCizBhlOkMnZYyrTCcrGdbGGliHvV6-7iLcwY", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-macosx-10-9-universal2-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2009614, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QKYJ5JA93QGRO4AvPYEDp4VANKF1woB2-vjKdmeHbeKw", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QiSIvm6BbwtJDap5L5DVsitmNiDroGKLdkZ4NvVg3bUU", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-darwin.so" + } + }, + { + "key": "QKYJ5JA93QGRO4AvPYEDp4VANKF1woB2-vjKdmeHbeKw", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541592", + "type": "pypi", + "name": "regex", + "files": "QYTrNo4J8obAC2Dji5EpamawSIa2AX36oaBN0OhmRll4", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1222297, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QiSIvm6BbwtJDap5L5DVsitmNiDroGKLdkZ4NvVg3bUU", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-darwin.so" + } + }, + { + "key": "QNjkMEFxTec0b2j4PT_859wX5V42ZA4htAHKXrEcroHI", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QNjkMEFxTec0b2j4PT_859wX5V42ZA4htAHKXrEcroHI", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541593", + "type": "pypi", + "name": "regex", + "files": "QVncrfBe_obNcyI-xtqUG_2CKPKBntpamO0LeijmScRY", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1223176, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QiSIvm6BbwtJDap5L5DVsitmNiDroGKLdkZ4NvVg3bUU", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-darwin.so" + } + }, + { + "key": "Qoi-5v7U9A0kHlBEn4rQnKLqqKCBvRvwT_H1kIXIWQUI", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Qoi-5v7U9A0kHlBEn4rQnKLqqKCBvRvwT_H1kIXIWQUI", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541594", + "type": "pypi", + "name": "regex", + "files": "QEpjrfLqdNEJW6w7cPhT7pUIeuRREl39AhGBqd2kAFAM", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3104200, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QqtG4hYYx0SfDUpcPh98hMixXaYtEwCNGqT-S7OF91oc", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "Q2WfgQmRIEOFHkZ2Buiie20h7WbzPeZHmncwECUB_rlM", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Q2WfgQmRIEOFHkZ2Buiie20h7WbzPeZHmncwECUB_rlM", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541595", + "type": "pypi", + "name": "regex", + "files": "QL0YG2gMsururJNcBTxky4v5-nGRYUWcEQFRvOGZGaIw", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3171524, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QKaWD6szi_9w7XjGv6qk4vR5U-uwyuhZI9wYCiC4GC88", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QYdfOOhbOjsCbMuuhfBb9xCarrp-FHMRcMuag-bhFdog", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QKaWD6szi_9w7XjGv6qk4vR5U-uwyuhZI9wYCiC4GC88", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541596", + "type": "pypi", + "name": "regex", + "files": "QZMVC5L-hBYE69Zx8NHz_-EC0R9FTtGLrQQM-P8rkDwg", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3062194, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QKgFaCEMZuZvodNa1FQ6qlAbM7nPEAlZv98RX9qITqlI", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QuIc9volNTJQC5e-NIfhFu1JeJinZIfdArCgJHGWhs_o", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QuIc9volNTJQC5e-NIfhFu1JeJinZIfdArCgJHGWhs_o", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541597", + "type": "pypi", + "name": "regex", + "files": "Qt60LltmzVhkY7xmFZHIzkrJ_kWqWHqkZWrzwWM5V3B8", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2997877, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Qk-rfG9jepVO1nOdFL0lskcXi3uv7XrvtVUGrGheCHrw", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Qk-rfG9jepVO1nOdFL0lskcXi3uv7XrvtVUGrGheCHrw", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QiUcsVUN3ANZEvvEAP7rb4Q379DzmqVgZC6ZaBORf9Ds", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-x86_64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541598", + "type": "pypi", + "name": "regex", + "files": "Qqxdz8bktgAZ7SjphLiryi_Vc750l4bPknvpjQH91Rhs", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2530580, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Qwg9HdaT9RNH1rIRrRuxF1jAkyI9P9CGXijFwsbLOY5A", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Qwg9HdaT9RNH1rIRrRuxF1jAkyI9P9CGXijFwsbLOY5A", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QLkAJrkdEv03BOaWWQkGx6ZFmnWXOP2ZqyWgRHeKSPRo", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-i386-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541599", + "type": "pypi", + "name": "regex", + "files": "QGtoVGF3obIuaZLmaRnHRTKuNBp117vg7ijJIpVzcKjs", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-12-x86-64-manylinux2010-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2655494, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QhWcYQPU1Y8wP7N5yut3ZU_3A50HYJbuT44Dt7ka-0cs", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QiUcsVUN3ANZEvvEAP7rb4Q379DzmqVgZC6ZaBORf9Ds", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QhWcYQPU1Y8wP7N5yut3ZU_3A50HYJbuT44Dt7ka-0cs", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541600", + "type": "pypi", + "name": "regex", + "files": "Q47iTi5kGMyNYkIFaRp6CmKCdDjD2MSaEZ3HUV8AS1d0", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2499224, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q5bt8Yoj3F1mgZNrScLHwSkTCGO9cQaZGz5Zg7Z6Dpmk", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Q5bt8Yoj3F1mgZNrScLHwSkTCGO9cQaZGz5Zg7Z6Dpmk", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QqtG4hYYx0SfDUpcPh98hMixXaYtEwCNGqT-S7OF91oc", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-aarch64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541601", + "type": "pypi", + "name": "regex", + "files": "QM74ylly5dm6M4Ok32cDVxiHZieHilaI7jXwLlSoMUpc", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2371770, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q-T-dXUxW0reM3ImKx7mfftOWvhoM110d_wiW9NZt-tU", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QLkAJrkdEv03BOaWWQkGx6ZFmnWXOP2ZqyWgRHeKSPRo", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "Q-T-dXUxW0reM3ImKx7mfftOWvhoM110d_wiW9NZt-tU", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541602", + "type": "pypi", + "name": "regex", + "files": "Q_3rnCfgemgiuSg6DX4x07i_jNfCkFB0BREOekS_jQp8", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2647804, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q5Q44sy6Dl5JH9GQu2PrOmacPTDAS3-LTVLw2g46RYUY", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Q5Q44sy6Dl5JH9GQu2PrOmacPTDAS3-LTVLw2g46RYUY", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QYdfOOhbOjsCbMuuhfBb9xCarrp-FHMRcMuag-bhFdog", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-powerpc64le-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541603", + "type": "pypi", + "name": "regex", + "files": "null", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-musllinux-1-2-s390x-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2629228, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QvggaDis5AhgNVa78_yFE6IzULuBr0-Dy2O6RD96h20Q", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QKgFaCEMZuZvodNa1FQ6qlAbM7nPEAlZv98RX9qITqlI", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QvggaDis5AhgNVa78_yFE6IzULuBr0-Dy2O6RD96h20Q", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541604", + "type": "pypi", + "name": "regex", + "files": "null", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2427054, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QyftYulfPvgP0nM--LkHTwV_z06WuVG0L3EG5Hje8MUk", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QiUcsVUN3ANZEvvEAP7rb4Q379DzmqVgZC6ZaBORf9Ds", + "type": 25, + "props": { + "source": "regex/_regex.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QyftYulfPvgP0nM--LkHTwV_z06WuVG0L3EG5Hje8MUk", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541605", + "type": "pypi", + "name": "regex", + "files": "QLaFD1wkl9k1H9v3xXBp_rGrw8Ig71MSMWurzmLZnn8Y", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-win-amd64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1181196, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QNYKUjsryJ_08S-zYYohVJ2BNC2dMfRi-7DJCkkSE95w", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QXz2L2gvRuAZQrk2ERJ3vBO2fG72VurdC3nSty4MCLlo", + "type": 25, + "props": { + "source": "regex/_regex.cp310-win_amd64.pyd" + } + }, + { + "key": "QNYKUjsryJ_08S-zYYohVJ2BNC2dMfRi-7DJCkkSE95w", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541606", + "type": "pypi", + "name": "regex", + "files": "QvnKoiGwPvK_FB47mSZyG2nu6PYqLOQEBWJbdfvFg8ao", + "version": "2024.11.6", + "artifact_id": "cp310-cp310-win32-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1136643, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QjiVXOZ-z7MPI-PJ89JQOyR5_4Cf_-9auOuV9QSmQH5U", + "type": 25, + "props": { + "source": "regex/_regex.cp310-win32.pyd" + } + }, + { + "key": "Q-nIm73kK_hxLffplhPGHJiMy9qiLT3SJtYUD65P0Xss", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Q-nIm73kK_hxLffplhPGHJiMy9qiLT3SJtYUD65P0Xss", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541607", + "type": "pypi", + "name": "regex", + "files": "QokFKRQflBYZH50YOfm49sWLNmBqQzsop-bQY19y4i9U", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-macosx-10-9-universal2-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2009614, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q5_JTElNM8g8B2R5aWUCHyIJqNWoIgvidyEt1mx7MeSg", + "type": 25, + "props": { + "source": "regex/_regex.cpython-311-darwin.so" + } + }, + { + "key": "QO_PKnkprw7XSAQTvab7BxvYO7Con01aUzhx8A6pipzQ", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QO_PKnkprw7XSAQTvab7BxvYO7Con01aUzhx8A6pipzQ", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541608", + "type": "pypi", + "name": "regex", + "files": "QnG0uBxAYkZIb21U-m0tXJ93i1kCFmd30uvWBadszPWc", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1222297, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q5_JTElNM8g8B2R5aWUCHyIJqNWoIgvidyEt1mx7MeSg", + "type": 25, + "props": { + "source": "regex/_regex.cpython-311-darwin.so" + } + }, + { + "key": "QoVQHGqhwbJ3J17JjnFoSoitj58EiTOCPIL27SqH6YMA", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QoVQHGqhwbJ3J17JjnFoSoitj58EiTOCPIL27SqH6YMA", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541609", + "type": "pypi", + "name": "regex", + "files": "Q7oBtKY7BNcppq2QAKAZ0mL_SQgrZKz1bXMaqaX32lkA", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1223176, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QCxeywETrNWtGsMaZwzEAOY4sGardwbEtZcsnCyNv0OA", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Q5_JTElNM8g8B2R5aWUCHyIJqNWoIgvidyEt1mx7MeSg", + "type": 25, + "props": { + "source": "regex/_regex.cpython-311-darwin.so" + } + }, + { + "key": "QCxeywETrNWtGsMaZwzEAOY4sGardwbEtZcsnCyNv0OA", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541610", + "type": "pypi", + "name": "regex", + "files": "null", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3147088, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QIBam7WKrd-ysZp37AIERtKmtoMO4uZv1JU-bNLfbeoM", + "type": 25, + "props": { + "source": "regex/_regex.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "Q2k4hUm6635mtxRVhtvY9bLXlWVGTPhWL3dyhbBI6B4g", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Q2k4hUm6635mtxRVhtvY9bLXlWVGTPhWL3dyhbBI6B4g", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541611", + "type": "pypi", + "name": "regex", + "files": "null", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3212284, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QPS1JDAoSKoG8EDHFNneqOMs-95kVdLtiv4t6tKT7Owc", + "type": 25, + "props": { + "source": "regex/_regex.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q8bb4TzgtUkVpngwn4f67xQote4Hw56pbl9ExepsKdqM", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Q8bb4TzgtUkVpngwn4f67xQote4Hw56pbl9ExepsKdqM", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910541612", + "type": "pypi", + "name": "regex", + "files": "null", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3099850, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QOEZlMJAeQEu62PB3RUYB9KLr1eMzhR7gQBeQKl8mqCA", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QFYR8_VMIvNgz1N7Kt6R7Xbq53GeU9FdzWgcgKtJLS-k", + "type": 25, + "props": { + "source": "regex/_regex.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QOEZlMJAeQEu62PB3RUYB9KLr1eMzhR7gQBeQKl8mqCA", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542692", + "type": "pypi", + "name": "regex", + "files": "Q_wjS0z0bJmx3nI8qOsTSSdYXD-9U17nAviw_XPcRLD8", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3037581, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QPpoJENl65rs2P88k5JaQlKOGGIaKhmWFrPC7Xr8hwCI", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QPpoJENl65rs2P88k5JaQlKOGGIaKhmWFrPC7Xr8hwCI", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QtoBXLqnEwCSDh-62sNYIxBtLlGgyy4T4zemy6T3F3nA", + "type": 25, + "props": { + "source": "regex/_regex.cpython-311-x86_64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542693", + "type": "pypi", + "name": "regex", + "files": "QJ-68aZY4UHnv8fo7WVeaYyiIsdgr-Z0JTLAceNvoBA0", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2557432, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QTV7Ew9ZsRidfgv1v6yttQgi6eUiVaJ8xdQdNwleMMS4", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Qe-FALem0oYBmq-BiaI_nqfIhdCpZxDkjk-nhD3lNprY", + "type": 25, + "props": { + "source": "regex/_regex.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "QTV7Ew9ZsRidfgv1v6yttQgi6eUiVaJ8xdQdNwleMMS4", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542694", + "type": "pypi", + "name": "regex", + "files": "QQsakPIHB1WddlLkDu1PhD_8v2-J1pZqMyI5P4oRC6zg", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2525009, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QDDRdTpYa7tq385RfLH5Tvt60XT3rA8DPmWzdKfZL4Jk", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QXTVMFbMaknI8z22RDs1-j0kxANad1PEWt-7j9zDw8QI", + "type": 25, + "props": { + "source": "regex/_regex.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "QDDRdTpYa7tq385RfLH5Tvt60XT3rA8DPmWzdKfZL4Jk", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542695", + "type": "pypi", + "name": "regex", + "files": "QaiXXmMt-RRpAC8Vwkz8jQAfAQ2gT5fRBL68S1CUuPbE", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2393767, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Qxr2Xu4tWIsC7hf7_gs9h7DDp3KUwORCgtudeAVcX6tc", + "type": 25, + "props": { + "source": "regex/_regex.cpython-311-i386-linux-musl.so" + } + }, + { + "key": "Q1SK5HoJ2aq6toatnz9IZ8HNtG39cAcZR1sUfIy9FXc0", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Q1SK5HoJ2aq6toatnz9IZ8HNtG39cAcZR1sUfIy9FXc0", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542696", + "type": "pypi", + "name": "regex", + "files": "QI-2OPC0BNWs7G0kU_EOUB5OiL4yvwH8zJGSIcaqqfKU", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2674421, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QCFIWPlyob4nfs6f1cX5v-9hF9x4DlRUwFfN_-5Vu3J0", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QF6jZ-Pyle5pTdlCCRt5pmViBy5IIGYu7Om_x9E5bsYM", + "type": 25, + "props": { + "source": "regex/_regex.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "QCFIWPlyob4nfs6f1cX5v-9hF9x4DlRUwFfN_-5Vu3J0", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542697", + "type": "pypi", + "name": "regex", + "files": "QRUXwn1uxZvFlMepCgyxcVfKiikB7wpTAypHi3kkuoqc", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-musllinux-1-2-s390x-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2656381, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q_XGgeJQJGv5tGHmK4tMLadJx6ibMIRsP8MIEiYSvEIA", + "type": 25, + "props": { + "source": "regex/_regex.cpython-311-s390x-linux-musl.so" + } + }, + { + "key": "Qehugo1yyLKdDQmFBG5CAjp7HMtuK0bT0Da9h-FnGRVU", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Qehugo1yyLKdDQmFBG5CAjp7HMtuK0bT0Da9h-FnGRVU", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542698", + "type": "pypi", + "name": "regex", + "files": "QdL-SulGOCqgGwSCAPrLg4l8wS7eIb5C5BagN__OO8bU", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2452311, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QXNfvzOQmc19sHArzvVzLQ6ke14MS8KUWg-T49vzqUyQ", + "type": 25, + "props": { + "source": "regex/_regex.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QU_8CbZFXlm36YJ78I-ArnWIualjaRJYv85RNrMCsNLA", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QU_8CbZFXlm36YJ78I-ArnWIualjaRJYv85RNrMCsNLA", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542699", + "type": "pypi", + "name": "regex", + "files": "Qwzf0kG2VcPOsPtAz2z999m5M04FMkvEwXxQB1qcaMU0", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-win-amd64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1181196, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QkcemC1ngSHQfcotOMMp8MBnaup3NdIp169gJoHDU43E", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QUnOvOCvi9Jwn9yXt8Mzrxy8s0RF6pcNZLbEzInDTH4Y", + "type": 25, + "props": { + "source": "regex/_regex.cp311-win_amd64.pyd" + } + }, + { + "key": "QkcemC1ngSHQfcotOMMp8MBnaup3NdIp169gJoHDU43E", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542700", + "type": "pypi", + "name": "regex", + "files": "QAWt0e9KEzIHhcjJ0z02UFUEDZrdKLnwWis2JX34Snyw", + "version": "2024.11.6", + "artifact_id": "cp311-cp311-win32-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1136643, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QEDH7RAIxWWQ5b9xPfVKIwLBOaem-RTeccnqLu6r6vao", + "type": 25, + "props": { + "source": "regex/_regex.cp311-win32.pyd" + } + }, + { + "key": "Qu0-HMz9byt2C7-mbNs9ILGbVv8sbeZ0_CxZwDboaW38", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Qu0-HMz9byt2C7-mbNs9ILGbVv8sbeZ0_CxZwDboaW38", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542701", + "type": "pypi", + "name": "regex", + "files": "Q1gu47bAJ75Pr2Y_UVb9inXq96j25cJC3DhNUeaIyA_c", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-macosx-10-13-universal2-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2009647, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QuJprSSjOtctJH716BtlKHSny1k5zsLqMD6RmDjrH-l0", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QuJprSSjOtctJH716BtlKHSny1k5zsLqMD6RmDjrH-l0", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QdpH2BBN4xPrQISMaLTyVp01m7mnRk0JVOyWsp6KQGNA", + "type": 25, + "props": { + "source": "regex/_regex.cpython-312-darwin.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542702", + "type": "pypi", + "name": "regex", + "files": "QIczT9CRjLTs9GneHNvJGxroHw6FPvl_qMbYIArOi0Xw", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-macosx-10-13-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1226434, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QlfAaTLH09kjCPBFFPSf9GWoyhnrIKecMlTNVn_nQH2A", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QdpH2BBN4xPrQISMaLTyVp01m7mnRk0JVOyWsp6KQGNA", + "type": 25, + "props": { + "source": "regex/_regex.cpython-312-darwin.so" + } + }, + { + "key": "QlfAaTLH09kjCPBFFPSf9GWoyhnrIKecMlTNVn_nQH2A", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542703", + "type": "pypi", + "name": "regex", + "files": "QgjHYlKVeTJijme4LhHwUgxrlbljazgm2P5pH10CUo38", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1223224, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QdpH2BBN4xPrQISMaLTyVp01m7mnRk0JVOyWsp6KQGNA", + "type": 25, + "props": { + "source": "regex/_regex.cpython-312-darwin.so" + } + }, + { + "key": "QQW3qfnUgEkUUTpquHf6tWxk9jyWjH-d0Foq5M-i8F94", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QQW3qfnUgEkUUTpquHf6tWxk9jyWjH-d0Foq5M-i8F94", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542704", + "type": "pypi", + "name": "regex", + "files": "Q4op-d2cuGPgk_elUQGD3xXNNgY-ieN2CmSl-t7GQY4U", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3156528, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q1h5nFTsgvb-jyw0BF55hxNr9kYxx56xhi3q3m8IwEts", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Q1h5nFTsgvb-jyw0BF55hxNr9kYxx56xhi3q3m8IwEts", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QX4eo8PTsZdRxsmkm6BYF0g-6PQ58VIplZS5_7j7e-JY", + "type": 25, + "props": { + "source": "regex/_regex.cpython-312-aarch64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542705", + "type": "pypi", + "name": "regex", + "files": "QtITgCSEJlIGDVMX3-nf5r-G2sPQ3X7ux8-n5A84oZis", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3221324, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QXEAVt6dK_SYij_Wat1WCdCp9yOfA2sPdR_EbZvuRQJY", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QXEAVt6dK_SYij_Wat1WCdCp9yOfA2sPdR_EbZvuRQJY", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QCEZu_cHwOnCQx6VxbQdIGVqABBx3WTvmXQ6YbJ5ZrA4", + "type": 25, + "props": { + "source": "regex/_regex.cpython-312-powerpc64le-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542706", + "type": "pypi", + "name": "regex", + "files": "QHC9c8AbNVcaIB_Yx4gmcI_hvygnsPONaTiGHpgyzhnM", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3125114, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QkAiKItv2BH03t2CLwHw9Lk87a4kQiUxuol-tDVZDrng", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QkAiKItv2BH03t2CLwHw9Lk87a4kQiUxuol-tDVZDrng", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QW18JBQkQ4CpLvPWqtfkyZRBpisvfqVZg-gqBM1B83ug", + "type": 25, + "props": { + "source": "regex/_regex.cpython-312-s390x-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542707", + "type": "pypi", + "name": "regex", + "files": "QzG0KYVKb7wTPnikvTMKsJ8GN-IqiU0WO2WROejaCVyk", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3054373, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QOn60RHftiVNl7ME9O8zKIDgRZCSc7M0zf1w0al8_8nI", + "type": 25, + "props": { + "source": "regex/_regex.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QQbD7VYX23xuyIKe5dGGaHTd59gES1vWVcwEMBXc7ZVY", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QQbD7VYX23xuyIKe5dGGaHTd59gES1vWVcwEMBXc7ZVY", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542708", + "type": "pypi", + "name": "regex", + "files": "QNWmHxGluH59EHkMT5XugtlRUyLrbT50Mc0qjvxVRdg0", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2574800, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Qq8F9HtUbcxg8JzUPpvrBTA3wmhrdiNVTlBtXN8RS6_c", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QKqM5zCuPh9r5tEHYtqW4fXJuHY7d-byFmiJeE-3H7Fs", + "type": 25, + "props": { + "source": "regex/_regex.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "Qq8F9HtUbcxg8JzUPpvrBTA3wmhrdiNVTlBtXN8RS6_c", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542709", + "type": "pypi", + "name": "regex", + "files": "Q3F2Us6ou5y90auPn2fZG80TKeAhOGWPocDtv4Eue5VY", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2545065, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q7uTqUV99ah0nvMfYtfkTifv8A-vVi5K3y8pwgeXff3g", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Q7uTqUV99ah0nvMfYtfkTifv8A-vVi5K3y8pwgeXff3g", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QJ5RdD6ZOpprPg7BlbuBjt343W7kMdpuG7BavZ469CAE", + "type": 25, + "props": { + "source": "regex/_regex.cpython-312-aarch64-linux-musl.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542710", + "type": "pypi", + "name": "regex", + "files": "QP9UMH4qoGz4TIVcUHRpweA-6NWQ-BuufHlm0m-V6zvA", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2417507, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Qq313_T4ulrhc_g1K5ZhYReha0QYYqpa9Ir1OjDF3hMk", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Qq313_T4ulrhc_g1K5ZhYReha0QYYqpa9Ir1OjDF3hMk", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Qej9SankUCJoY0OW-WxY6QZPC5jyDixDcqZPTBHBzxrA", + "type": 25, + "props": { + "source": "regex/_regex.cpython-312-i386-linux-musl.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542711", + "type": "pypi", + "name": "regex", + "files": "QZevTkDPLTroT0ShPLRwszDB-km4uTEzMnp6Fp_TQbYs", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2691029, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Qu5YTtnL496P9175d4jWJxT-0xE4VPnhLK_XIrnI_NH0", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Qu5YTtnL496P9175d4jWJxT-0xE4VPnhLK_XIrnI_NH0", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QRsO09uiOKc0b9z7WEOfT8Nnaeh30ot-I7eJE1pNxYEs", + "type": 25, + "props": { + "source": "regex/_regex.cpython-312-powerpc64le-linux-musl.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542712", + "type": "pypi", + "name": "regex", + "files": "QQcpNUgukMDA627yFoxUAnmvihtTAHNd0nYzKVZatPqc", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-musllinux-1-2-s390x-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2678429, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QPZwyDu7b72mEN6chRT8nDpUM9mq6fc0bfRud3-FFFA8", + "type": 25, + "props": { + "source": "regex/_regex.cpython-312-s390x-linux-musl.so" + } + }, + { + "key": "QoZgTRnpm2D2esWr7HCZk1ICcTRYQK1_1uIfqsekuPOM", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QoZgTRnpm2D2esWr7HCZk1ICcTRYQK1_1uIfqsekuPOM", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542713", + "type": "pypi", + "name": "regex", + "files": "QYRa_mAyJ-9ImB4XtkxWXgLC1SKhDjmsAagagAYzW-z4", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2476223, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QOnQKG_WYXPzqY4-7sURPEy6nhWzJnv2Y7vQTmGChVK4", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QOnQKG_WYXPzqY4-7sURPEy6nhWzJnv2Y7vQTmGChVK4", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QmUbiLnbSIUki2ZRbaPpd7vd932mq-MyMIR7ceFnsJt4", + "type": 25, + "props": { + "source": "regex/_regex.cpython-312-x86_64-linux-musl.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542714", + "type": "pypi", + "name": "regex", + "files": "Qam6Wz8pW6vJ-6OdqEONBV5iCQCzuNm_-IV7b1rup65k", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-win-amd64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1180684, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q2DX-D8UbOY3kYqmFAJJtl2OZaOy6gwS6XUNQrrEgRac", + "type": 25, + "props": { + "source": "regex/_regex.cp312-win_amd64.pyd" + } + }, + { + "key": "QqPJJDXV2OD9iP0HXfLaOHQpws30BKUdSBXOTXoXGNs0", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QqPJJDXV2OD9iP0HXfLaOHQpws30BKUdSBXOTXoXGNs0", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542715", + "type": "pypi", + "name": "regex", + "files": "QadjPmuYzcGRCurQd7FueGKtRwl9oYdrnMFC_Pp3zzzg", + "version": "2024.11.6", + "artifact_id": "cp312-cp312-win32-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1138691, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q4zWphDJyVrf2DruA_bggS1ji8if0boPRXIE8u6MVeog", + "type": 25, + "props": { + "source": "regex/_regex.cp312-win32.pyd" + } + }, + { + "key": "QL3az8frM8UqLUPxAHbG2gvJh9HfV0qgzKmIsJh3gLJQ", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QL3az8frM8UqLUPxAHbG2gvJh9HfV0qgzKmIsJh3gLJQ", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542716", + "type": "pypi", + "name": "regex", + "files": "Q6wtPlhWcXZVmx6wNFEtFfhmpWW6joyAtcw1Ogvc9xes", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-macosx-10-13-universal2-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2009551, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QX6hD4A42hFq2xelCyXGDb1nSAKgWafhwA7M_-FraZA8", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QHliHOXDtbkIP-aDa6YxI843atDz9GElq7ysGmDbwAxY", + "type": 25, + "props": { + "source": "regex/_regex.cpython-313-darwin.so" + } + }, + { + "key": "QX6hD4A42hFq2xelCyXGDb1nSAKgWafhwA7M_-FraZA8", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542717", + "type": "pypi", + "name": "regex", + "files": "QPsL1rQSfrC6aSt7AQ8fVzcd8F3zTec_-otq9a9GX1vI", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-macosx-10-13-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1222242, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QPGbNj88CRb5kr7WEzqhUD3PGSOtwIjpo1-Vp1zLya-Q", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QHliHOXDtbkIP-aDa6YxI843atDz9GElq7ysGmDbwAxY", + "type": 25, + "props": { + "source": "regex/_regex.cpython-313-darwin.so" + } + }, + { + "key": "QPGbNj88CRb5kr7WEzqhUD3PGSOtwIjpo1-Vp1zLya-Q", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542718", + "type": "pypi", + "name": "regex", + "files": "QusjMCTGqa4b7xDVeFZcQ-_6z4WDGsa2jayiDIKK7-RU", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1223128, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QL36o2PA0d2yS4sdPxzZ1FIcKbMCN0oe5ozeD9QkfvVI", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QHliHOXDtbkIP-aDa6YxI843atDz9GElq7ysGmDbwAxY", + "type": 25, + "props": { + "source": "regex/_regex.cpython-313-darwin.so" + } + }, + { + "key": "QL36o2PA0d2yS4sdPxzZ1FIcKbMCN0oe5ozeD9QkfvVI", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542719", + "type": "pypi", + "name": "regex", + "files": "QbbVrzpCdCN8MiCUX2XteFEbF1z_KSdxSZLHRBdNaZRo", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3156952, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Qyua4nS6tE33QMJ4PpuGAK5FrF4JJbjyOxzMV07xOOOI", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QbQqZfCs7SpTlKz9xQtuHtmOE_wYxj-wB1UxyXb5tSvo", + "type": 25, + "props": { + "source": "regex/_regex.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qyua4nS6tE33QMJ4PpuGAK5FrF4JJbjyOxzMV07xOOOI", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542720", + "type": "pypi", + "name": "regex", + "files": "QsF92M4KpIA6eJg5HEJTcMKNbmxVEchu6-2OA9SDdCok", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3221836, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QLCHcrJoan7OQFg9ph8ZBEllCWpC-2qkQ1Wh0KLMJVug", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QLCHcrJoan7OQFg9ph8ZBEllCWpC-2qkQ1Wh0KLMJVug", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QKAF2WREx3TjysgR-Z8kNVZjRy1CGkWyU6riU4BNq24M", + "type": 25, + "props": { + "source": "regex/_regex.cpython-313-powerpc64le-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542721", + "type": "pypi", + "name": "regex", + "files": "QCSDtQeejDoksRv7apS2ubG8Zhr0waY9zL4xevwGzmQA", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3125586, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QbYaxoiQ4Uei_O7sP6F5LB-GfXB07QIvNdhd9S0Fsj3w", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QQP9JdxbrpkPfYumxnTKccT-jCQoKguTu4Euskw52kQA", + "type": 25, + "props": { + "source": "regex/_regex.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QbYaxoiQ4Uei_O7sP6F5LB-GfXB07QIvNdhd9S0Fsj3w", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542722", + "type": "pypi", + "name": "regex", + "files": "Q3tEnz-Jamdd5k80JgIC2pUhHnZaqJJo8cFLqa_i-93k", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3054805, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q35cdtOvIlzM_D5oBl_50S9Wdbon04aSn1gLfdO_2Tjs", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Q51cU1xEqOV_IQ1GddOQ8erlMv78Tp2aDGbpft5ZlvgQ", + "type": 25, + "props": { + "source": "regex/_regex.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q35cdtOvIlzM_D5oBl_50S9Wdbon04aSn1gLfdO_2Tjs", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542723", + "type": "pypi", + "name": "regex", + "files": "Q51TuhuQKQziA-0IKPV8LFQiKoGKirQIdBVbQOAwB4SE", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2575244, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q8SZYqQvUoGYQrSDBnMS_J_JtOT4phGy-5Woq18WXbMY", + "type": 25, + "props": { + "source": "regex/_regex.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "QDXh7FAq9GaQZ0YUPo7VIu-uzlKLk4tEhBtbdKy4n8EA", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QDXh7FAq9GaQZ0YUPo7VIu-uzlKLk4tEhBtbdKy4n8EA", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542724", + "type": "pypi", + "name": "regex", + "files": "Qqltm4DgauyG4rG4-uZeMdSWUEFFAQ3z92P-7pTDK6xA", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2545473, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Qti-D1gHzOZIZk-Kp04FD10pGNWlIAcgaK76YxhJAY9s", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Q7nE7fjLpt5lsLR4BQ9Iwe4o7OF2fLIPAw607TMrIDI0", + "type": 25, + "props": { + "source": "regex/_regex.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "Qti-D1gHzOZIZk-Kp04FD10pGNWlIAcgaK76YxhJAY9s", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542725", + "type": "pypi", + "name": "regex", + "files": "QmMvhVRvMJ1s7WIAGWz9Qa8O8IyXvVWAx27hPQ0OvR4Y", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2417903, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QSOlZ1wJocT7XGQ9sg9sOg4VTIBoOKIZeEfMSHyRsg7E", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QZmZkpdOzGzxXQwNVz5Q8BC_bkMVcFEwMCc-tLVSYXwk", + "type": 25, + "props": { + "source": "regex/_regex.cpython-313-i386-linux-musl.so" + } + }, + { + "key": "QSOlZ1wJocT7XGQ9sg9sOg4VTIBoOKIZeEfMSHyRsg7E", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542726", + "type": "pypi", + "name": "regex", + "files": "Q636po2wq7zPHzFThP6jnuJs_EObz0AnSupg0oh7M3NM", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2691501, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Qrax-gxVzt6EhaIdYbShzGU7jkDiCKPXuxO9hM5wbEwg", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Qrax-gxVzt6EhaIdYbShzGU7jkDiCKPXuxO9hM5wbEwg", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Qh-7WP3Ku3KfAIfY6gN_dcKZx3NQtmFNVgYxuPLrq4QI", + "type": 25, + "props": { + "source": "regex/_regex.cpython-313-powerpc64le-linux-musl.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542727", + "type": "pypi", + "name": "regex", + "files": "Q4_zzrASLgkUQcJsXXfoX8byLuhRTJba04xxq2sdZQLo", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-musllinux-1-2-s390x-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2678717, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QFiShgFazSVnztZoYBy47XEAOOX8wAkfhibKmsW2wNTI", + "type": 25, + "props": { + "source": "regex/_regex.cpython-313-s390x-linux-musl.so" + } + }, + { + "key": "QLX9vz9wNbUPHAmdogCe7a2sG4gIBKsg3JeXi5WaGjMs", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QLX9vz9wNbUPHAmdogCe7a2sG4gIBKsg3JeXi5WaGjMs", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542728", + "type": "pypi", + "name": "regex", + "files": "Qv396gMGJSlCNfvRXKqY2vD4qhWdIwj2oGP1DTmLicM0", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2476599, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QDa2P7MYVW9sHeP9YgVDiwWvyrn6hKw0uOnpdhl7Mk1s", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Q3nr05K4lWmERLyLZ2aN9CgeyRfNimNjTdwyjAKDb0_o", + "type": 25, + "props": { + "source": "regex/_regex.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QDa2P7MYVW9sHeP9YgVDiwWvyrn6hKw0uOnpdhl7Mk1s", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542729", + "type": "pypi", + "name": "regex", + "files": "Q_XB-rIhNLg1-raQIyFBAnhTg8wrc8r774uahW50Ra2I", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-win-amd64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1180684, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QzMECeSFU7Yik3KbZ1qEZF3jNmEa4mkA5W_5WJWdechU", + "type": 25, + "props": { + "source": "regex/_regex.cp313-win_amd64.pyd" + } + }, + { + "key": "Qdk0iPnhUUPyle4nrcXjs8oRwLbNuhUanQ1alQfz8ezI", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Qdk0iPnhUUPyle4nrcXjs8oRwLbNuhUanQ1alQfz8ezI", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542730", + "type": "pypi", + "name": "regex", + "files": "QVlA1FSvFiwdafJtbYJyLYQS69bv-IJrT9KH43YbCx08", + "version": "2024.11.6", + "artifact_id": "cp313-cp313-win32-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1138691, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QOUyyvpwK4aC1H-sXzEPivBr0YfTZWmsSKjHsXETZqMw", + "type": 25, + "props": { + "source": "regex/_regex.cp313-win32.pyd" + } + }, + { + "key": "QVyxarnltCxt4CAqnQAfipl7O6x3L_vFXiId9_Zy7WR4", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QVyxarnltCxt4CAqnQAfipl7O6x3L_vFXiId9_Zy7WR4", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542731", + "type": "pypi", + "name": "regex", + "files": "QQdFyX9_Xef_3TKaBP3oot_Vd7eZhrzjJoWjYrY-AAgI", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-macosx-10-9-universal2-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2009611, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q5vISX6FFTIIz-U8Y5Nns_9aN_0TM237x1HXD4gUphVY", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Q8493X67eZs-GmJpfwyJzLQp2VBXp4k7OG82CkxFqaSM", + "type": 25, + "props": { + "source": "regex/_regex.cpython-38-darwin.so" + } + }, + { + "key": "Q5vISX6FFTIIz-U8Y5Nns_9aN_0TM237x1HXD4gUphVY", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542732", + "type": "pypi", + "name": "regex", + "files": "Q-yUKETmFe-a-Uwlyo6-vJcN_KHuzmgsN2eS0UI1w5CE", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1222286, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q8493X67eZs-GmJpfwyJzLQp2VBXp4k7OG82CkxFqaSM", + "type": 25, + "props": { + "source": "regex/_regex.cpython-38-darwin.so" + } + }, + { + "key": "QSBxZ_1MdYkc8uVpzVcLA-UULw7NMUpkaOnBMp3loMSs", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QSBxZ_1MdYkc8uVpzVcLA-UULw7NMUpkaOnBMp3loMSs", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542733", + "type": "pypi", + "name": "regex", + "files": "QXQBJIbQAHAWEu2gzDqkf2RrEpP8cHbcrTzdNgYGFA4w", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1223165, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q8493X67eZs-GmJpfwyJzLQp2VBXp4k7OG82CkxFqaSM", + "type": 25, + "props": { + "source": "regex/_regex.cpython-38-darwin.so" + } + }, + { + "key": "QzZgx_Vvzi-0tKAvLr-gV5S_N046An7XHMPNC94IMFtc", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QzZgx_Vvzi-0tKAvLr-gV5S_N046An7XHMPNC94IMFtc", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542734", + "type": "pypi", + "name": "regex", + "files": "Q8gDDmBDZ_2IYfkUsb_J5_li3GCiSxF639eIGAy1CcTQ", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3122203, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QM3_XeqK_YTczU2JSawDFCSrWeqq8OavVV4BYVlpZYHY", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QM3_XeqK_YTczU2JSawDFCSrWeqq8OavVV4BYVlpZYHY", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QUQ7AQRM57sg7qrZ0qUOnpdLNdIVtXfSpW25FkPaMF0E", + "type": 25, + "props": { + "source": "regex/_regex.cpython-38-aarch64-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542735", + "type": "pypi", + "name": "regex", + "files": "Q76bxGq_JK_fahd09c-y4c6SpPtTbGC-w3fLv306UYhE", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3191687, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QMFX-lyprtaPBFos9ximKF1hYXNAArONCLqdqMsE4_y4", + "type": 25, + "props": { + "source": "regex/_regex.cpython-38-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QI7KF04JcKbT6X-A7--vXhFsV45c8r5nD0jrdM-zroDc", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QI7KF04JcKbT6X-A7--vXhFsV45c8r5nD0jrdM-zroDc", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542736", + "type": "pypi", + "name": "regex", + "files": "Q5eJ6Qz_e2-gUn6Kb5pTh7T8I9dL64yt1ur8ViGI1x2g", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3079445, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QI3CzW6vFE3BrZMkfJ57CLD2iPtrNwrCrys07T7Lqh4g", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QhQffcdkxg2LRuqKTFPXfUTI3Y_RUBlQ8aj5wMa0A6nI", + "type": 25, + "props": { + "source": "regex/_regex.cpython-38-s390x-linux-gnu.so" + } + }, + { + "key": "QI3CzW6vFE3BrZMkfJ57CLD2iPtrNwrCrys07T7Lqh4g", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542737", + "type": "pypi", + "name": "regex", + "files": "QeJ676L861OVQ0poP5ASDIFNg1nDqWDB3maFFCGY2ii4", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542738", + "type": "pypi", + "name": "regex", + "files": "Q_OLwRTT4MAkPH_280cmyTqYOO-Dl68W2Y1K20JjlGR0", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542739", + "type": "pypi", + "name": "regex", + "files": "QcvO_cCaeZ4pKF4tqAp5pwfBY7Tc1f9Qd_1fXq0aOtMg", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-12-x86-64-manylinux2010-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542740", + "type": "pypi", + "name": "regex", + "files": "QgITraHdCCTIBbnB6sW9DTrr5R1ndZOOKoVcCq-dKTbo", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542741", + "type": "pypi", + "name": "regex", + "files": "QG8PJqmaIbu-BNsilYtMtHLo0nFJ5-NuDXgRpBzasGYI", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542742", + "type": "pypi", + "name": "regex", + "files": "QBgbiYOkg2sVUessZl4MuBHD-bOTNjwfbpYDhcPhwaW4", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910542743", + "type": "pypi", + "name": "regex", + "files": "QprYzhiqECJJl5gRUgvzeYLO3ML0JX4D4t4YCH7ayL_w", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-musllinux-1-2-s390x-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543499", + "type": "pypi", + "name": "regex", + "files": "QdENhAVMlu0VyrBKball5n16eNh8J_elH4DwVMHO9LJQ", + "version": "2024.11.6", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.9176115, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9176115 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": true, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3548895, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QMHXNfzjaK4rdFIiNJ2-Z3M1lAmnsNsS0xbnM9qfet0g", + "type": 81, + "file": "regex-2024.11.6/regex_3/_regex_core.py" + }, + { + "key": "Q7Fyp24R5x_3vggJ_2G30vuVf4hyqvOWXiBhnkqx24Ag", + "type": 20887002, + "props": { + "classifier": "License :: OSI Approved :: Apache Software License", + "filepathOrProvenance": "regex-2024.11.6/regex.egg-info/PKG-INFO" + } + }, + { + "key": "QwHSBVTKEtCXH5SgVZT2FAwP5G7Zho7WABeYUtEsDdM0", + "type": 19, + "file": "regex-2024.11.6/tools/build_regex_unicode.py" + }, + { + "key": "QwHSBVTKEtCXH5SgVZT2FAwP5G7Zho7WABeYUtEsDdM0", + "type": 19, + "file": "regex-2024.11.6/setup.py" + }, + { + "key": "QMHXNfzjaK4rdFIiNJ2-Z3M1lAmnsNsS0xbnM9qfet0g", + "type": 81, + "file": "regex-2024.11.6/regex_3/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543574", + "type": "pypi", + "name": "regex", + "files": "QJphm5OG2D0rNekaIi0Mj6dfNabd4Puw2Oueu2HHk3hg", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2437499, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QjjyhtBXh0hgan5YhUAJUC_ncUFuPY31UDAdBnRY6Xc4", + "type": 25, + "props": { + "source": "regex/_regex.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qce4PX6GYCRSza13h-rfEnssfAv_WZLbcyqdGTJ0kDqU", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Qce4PX6GYCRSza13h-rfEnssfAv_WZLbcyqdGTJ0kDqU", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543575", + "type": "pypi", + "name": "regex", + "files": "QhOfnyn2Bx5FjZVJax8jC0veY7b5tTtrId2I3KwGGCgc", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-win-amd64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1181704, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QdHfEmB4uLhr5siUKNWzeb4BqC5hVYuyTWLdGwMaiKOk", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Qcj2MwVWpwe8b9ojmQeMfid5m0k4PloUfii4241Z76B4", + "type": 25, + "props": { + "source": "regex/_regex.cp38-win_amd64.pyd" + } + }, + { + "key": "QdHfEmB4uLhr5siUKNWzeb4BqC5hVYuyTWLdGwMaiKOk", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543576", + "type": "pypi", + "name": "regex", + "files": "Q31WPYg_DkcDqI9xi2BdcI312mjEzxJNZYueN7Wke1XI", + "version": "2024.11.6", + "artifact_id": "cp38-cp38-win32-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1136640, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QRH5pVwrRRVlOuuw9D-f5vDP8MCSyyFHYtpNKXZUm-NQ", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QxXOfr0KZ6if5A2Ybgl_Isi6MxIuYeYHt3PuEjP-ex9E", + "type": 25, + "props": { + "source": "regex/_regex.cp38-win32.pyd" + } + }, + { + "key": "QRH5pVwrRRVlOuuw9D-f5vDP8MCSyyFHYtpNKXZUm-NQ", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543577", + "type": "pypi", + "name": "regex", + "files": "QFzEErRBefN35MZDivbfCBRJR6mSl_p7Obq2BbP1SXUQ", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-macosx-10-9-universal2-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2009611, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QMhsTJFnlYuT7I3nmRWOdckN3PlSs5RcEvK20uaF2_Ts", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-darwin.so" + } + }, + { + "key": "Q-xD1usIx3k3Lzo8gtB5-AIjRxnDXRxqt9pEpCI0mPKw", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Q-xD1usIx3k3Lzo8gtB5-AIjRxnDXRxqt9pEpCI0mPKw", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543578", + "type": "pypi", + "name": "regex", + "files": "Q1Jb7C3GfRJakhvPZFw6s9VEQF4WbEL3fPz1Ps1mZE6Q", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1222294, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QsrID6ewPySChJutWyZpNffmVxI-0lpn3GgXQp5XI02A", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QMhsTJFnlYuT7I3nmRWOdckN3PlSs5RcEvK20uaF2_Ts", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-darwin.so" + } + }, + { + "key": "QsrID6ewPySChJutWyZpNffmVxI-0lpn3GgXQp5XI02A", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543579", + "type": "pypi", + "name": "regex", + "files": "QQzD94tudGADbellaDrbWmXpl5qLxDwkgmYoSb6-kFiE", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1223165, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Qp6f-XKeBvpdSvclKQ74mIcEUJe5SparP-_Bg90xHkc0", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Qp6f-XKeBvpdSvclKQ74mIcEUJe5SparP-_Bg90xHkc0", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QMhsTJFnlYuT7I3nmRWOdckN3PlSs5RcEvK20uaF2_Ts", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-darwin.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543580", + "type": "pypi", + "name": "regex", + "files": "Qe_w53Db7vwztXUyHbdB7vk5l6o0q72N6B4jAqhSV7zQ", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3102179, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q5QH9fcE1ZUqjbxXrrZfJG2wdMpUIL7zUC7pxJpU9ot4", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QvcfBeR6Bt60crQFAtBN123OnjXORMiELwfPs7mdBQio", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Q5QH9fcE1ZUqjbxXrrZfJG2wdMpUIL7zUC7pxJpU9ot4", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543581", + "type": "pypi", + "name": "regex", + "files": "QkUlXf7vdrNjPZM8d314VYLRN0eRHPDHxF1vabPUF-I0", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3169687, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QXP-fghpoewfz8-BF7t4LxiinhDgv7ZWmOb9bfvSmFH0", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QN1zqlSvneQZ0XgH30C5RtYenIJlobd5fyDgnYsxmxDk", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QN1zqlSvneQZ0XgH30C5RtYenIJlobd5fyDgnYsxmxDk", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543582", + "type": "pypi", + "name": "regex", + "files": "QuUnlqp1V52n9qWMbWd0YJTwhvWp4UrwrcjgMj-YWo6Y", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 3060253, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QOuBX83OdWItvzvHC1HRaKsKX1w8yH0FWsIJVwIibpv8", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QOuBX83OdWItvzvHC1HRaKsKX1w8yH0FWsIJVwIibpv8", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Qb3C1hp6Ib3p3cWWj2DQn26DZsFO8wW68j6Ejn9YMyN8", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-s390x-linux-gnu.so" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543583", + "type": "pypi", + "name": "regex", + "files": "Q9a9l_AVVwxUdqyRU8luqgmlQBzmXjTacjuNk5X1xFeA", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2995616, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Qxz-abJpIC0OYNBSDu8WPHCqw-Xn7dGA7zQzbrSTEpHU", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QL7Fz4ijR-jittVVOUB-3IkMj-MF08qRFr3g8m7LnOD0", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QL7Fz4ijR-jittVVOUB-3IkMj-MF08qRFr3g8m7LnOD0", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543584", + "type": "pypi", + "name": "regex", + "files": "QSAb9sH1DZJIA1i4ArrtulkwqjZqjxq96fdkp3XBOA8U", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2529019, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QQU0xu3yQ3_TtyruPyQISDnqPGpR1QRrLaI0n6e_lukc", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "QfKzpDdpfoqXVvasBKsEJU0ahTOJtBw4AZB-m3v5K8BU", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QfKzpDdpfoqXVvasBKsEJU0ahTOJtBw4AZB-m3v5K8BU", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543585", + "type": "pypi", + "name": "regex", + "files": "QeNIUlBygC7ufgj3n-dPWSKqw-t7yKTEl6rcxNl4z0u8", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-12-x86-64-manylinux2010-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2653341, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Qxz-abJpIC0OYNBSDu8WPHCqw-Xn7dGA7zQzbrSTEpHU", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qcf7ebZ8DaqUMrLTTKOidCOHfn9h5k7jv1txv1WHgk5E", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Qcf7ebZ8DaqUMrLTTKOidCOHfn9h5k7jv1txv1WHgk5E", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543586", + "type": "pypi", + "name": "regex", + "files": "QcuoXPOVId-0350EL3qj7f77PZYz9ab6Q2IbSL8rlV_4", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-musllinux-1-2-aarch64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2497941, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QpGOWjWiMSfgDvQa4L4zXwl_F6fB-Bsy_XnqHGvekdOU", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QvcfBeR6Bt60crQFAtBN123OnjXORMiELwfPs7mdBQio", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QpGOWjWiMSfgDvQa4L4zXwl_F6fB-Bsy_XnqHGvekdOU", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543587", + "type": "pypi", + "name": "regex", + "files": "QoZHc3jokHosrcOHYgm9O5x-NBtHpPbF7xxJRFYrH5ks", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-musllinux-1-2-i686-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2370587, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Qj1DcY5LYrsdIaknmt2F-z6sWZWvbhcLBKLFp06dsyEw", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QQU0xu3yQ3_TtyruPyQISDnqPGpR1QRrLaI0n6e_lukc", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "Qj1DcY5LYrsdIaknmt2F-z6sWZWvbhcLBKLFp06dsyEw", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543588", + "type": "pypi", + "name": "regex", + "files": "Qd2RPgTEb4HJqek1JnBG22OPu8m_CJFpV6XGzDS8jFjQ", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-musllinux-1-2-ppc64le-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2646513, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QXP-fghpoewfz8-BF7t4LxiinhDgv7ZWmOb9bfvSmFH0", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QsXp6UIATYATMdUQPc6rPzhtzsswbY8-wRk6O7_qebZ4", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QsXp6UIATYATMdUQPc6rPzhtzsswbY8-wRk6O7_qebZ4", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543589", + "type": "pypi", + "name": "regex", + "files": "QZrs0oS5COWt0ZNGgJ-Ap5OuERgbTrsJSeKaCLfYjP8g", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-musllinux-1-2-s390x-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2627873, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QOfhgG4k28KS6v3GLYwYqNi0uTPu1MSvCt7ecea_gzxU", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Qb3C1hp6Ib3p3cWWj2DQn26DZsFO8wW68j6Ejn9YMyN8", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QOfhgG4k28KS6v3GLYwYqNi0uTPu1MSvCt7ecea_gzxU", + "type": 81, + "file": "regex/_regex_core.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543590", + "type": "pypi", + "name": "regex", + "files": "QlB8b6Q4cIBZ92LEXcqNhWnTJy4KpIeZOsNSNUgeBvZc", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 2425691, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "Q9wgl7fofbFFeyTnZFX2ZrNSGwi9H-ykxGETtt1OFyrs", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "Qxz-abJpIC0OYNBSDu8WPHCqw-Xn7dGA7zQzbrSTEpHU", + "type": 25, + "props": { + "source": "regex/_regex.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9wgl7fofbFFeyTnZFX2ZrNSGwi9H-ykxGETtt1OFyrs", + "type": 81, + "file": "regex/regex.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543591", + "type": "pypi", + "name": "regex", + "files": "QZ4PZiwICEWbQ348K6IlsF4CHFW1HFjHBM_pBd5d8umk", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-win-amd64-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1181704, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QHkBtsYShRvfU3AMwaNBQIyiBvS9eLmViNOSTBLvUxSw", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QHkBtsYShRvfU3AMwaNBQIyiBvS9eLmViNOSTBLvUxSw", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "QadBwY9mtJAiq-OBREwfRQ-gqPuTvtyVEP1Tt2WnYg4U", + "type": 25, + "props": { + "source": "regex/_regex.cp39-win_amd64.pyd" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15910543592", + "type": "pypi", + "name": "regex", + "files": "QNS7wGJ5fG7KvQLwR2JzJAP9z5iiJ-b5nScQMLuDNP5o", + "version": "2024.11.6", + "artifact_id": "cp39-cp39-win32-whl", + "scores": { + "supplyChain": 0.93156666, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93156666 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": true + }, + "license": "Apache-2.0", + "size": 1136640, + "author": "mrabarnett", + "state": "revalidate", + "alerts": [ + { + "key": "QxBBbZQFfXbXVvnmCZ_62-2iw5B582huwTvPZQZ3UxUo", + "type": 81, + "file": "regex/_regex_core.py" + }, + { + "key": "QxBBbZQFfXbXVvnmCZ_62-2iw5B582huwTvPZQZ3UxUo", + "type": 81, + "file": "regex/regex.py" + }, + { + "key": "Q7pt5IwbjMsMYb6Gkc6S2lT7_5qqwYVJByxXSKPy60Hk", + "type": 25, + "props": { + "source": "regex/_regex.cp39-win32.pyd" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15911206379", + "type": "pypi", + "name": "packaging", + "files": "QsnTBXSb48uAlwbEmZoBxXxzackhZJC3su-1xIshygRY", + "version": "24.2", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.5625, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.5625 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "AFL-1.1 AND Apache-2.0 AND BSD-2-Clause", + "size": 2474039, + "author": "brettcannon, dstufft, pf_moore, pradyunsg", + "state": "revalidate", + "alerts": [ + { + "key": "QPUGOY-m7_a5GMse1KZdJ7G1Ltnp_sflwE-d7FTDJOq0", + "type": 63, + "file": "packaging-24.2/tests/test_tags.py" + }, + { + "key": "QPUGOY-m7_a5GMse1KZdJ7G1Ltnp_sflwE-d7FTDJOq0", + "type": 63, + "file": "packaging-24.2/tests/test_musllinux.py" + }, + { + "key": "Qyg9tpb2PyE2NP_IXczHkoSrxZwZA6c42-962FV8_yBk", + "type": 81, + "file": "packaging-24.2/tests/test_metadata.py" + }, + { + "key": "QemZQfyPj9YZX7on2s3zdV90_fRjT8WnRBGJG9ZilFjU", + "type": 16, + "file": "packaging-24.2/tests/test_markers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPUGOY-m7_a5GMse1KZdJ7G1Ltnp_sflwE-d7FTDJOq0", + "type": 63, + "file": "packaging-24.2/src/packaging/tags.py" + }, + { + "key": "QemZQfyPj9YZX7on2s3zdV90_fRjT8WnRBGJG9ZilFjU", + "type": 16, + "file": "packaging-24.2/src/packaging/markers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qyg9tpb2PyE2NP_IXczHkoSrxZwZA6c42-962FV8_yBk", + "type": 81, + "file": "packaging-24.2/src/packaging/licenses/__init__.py" + }, + { + "key": "Qyg9tpb2PyE2NP_IXczHkoSrxZwZA6c42-962FV8_yBk", + "type": 81, + "file": "packaging-24.2/src/packaging/_parser.py" + }, + { + "key": "QlrtqArA9FLiBtJkcoxR9wV6jDganbqTQjrb7D6Rgmaw", + "type": 15586191, + "props": { + "location": "packaging-24.2/docs/licenses.rst" + } + }, + { + "key": "Qyg9tpb2PyE2NP_IXczHkoSrxZwZA6c42-962FV8_yBk", + "type": 81, + "file": "packaging-24.2/docs/conf.py" + }, + { + "key": "QKJsl3Vs20X0L7dwRi170JruD6Q8O2kITV3IX5Kuc5Fg", + "type": 19, + "file": "packaging-24.2/src/packaging/_manylinux.py" + }, + { + "key": "QKJsl3Vs20X0L7dwRi170JruD6Q8O2kITV3IX5Kuc5Fg", + "type": 19, + "file": "packaging-24.2/src/packaging/_musllinux.py" + }, + { + "key": "QPUGOY-m7_a5GMse1KZdJ7G1Ltnp_sflwE-d7FTDJOq0", + "type": 63, + "file": "packaging-24.2/src/packaging/_musllinux.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15911206380", + "type": "pypi", + "name": "packaging", + "files": "QEQGcd6lngqiY6OyGfOYW6CmoLL6z8ZAtxqn_oPMGUVo", + "version": "24.2", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.8604167, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.8604167 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": false + }, + "license": "Apache-2.0 AND BSD-2-Clause", + "size": 235077, + "author": "brettcannon, dstufft, pf_moore, pradyunsg", + "state": "revalidate", + "alerts": [ + { + "key": "Q4IKfb8r0oqiivrcVY149-l_2lvXS7eBAg6Lb5YCC9tg", + "type": 16, + "file": "packaging/markers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZeOOsILXBXtlKGW6KCgX6b9OesUSSiEPVPQpcdj-t1E", + "type": 81, + "file": "packaging/licenses/__init__.py" + }, + { + "key": "QZeOOsILXBXtlKGW6KCgX6b9OesUSSiEPVPQpcdj-t1E", + "type": 81, + "file": "packaging/_parser.py" + }, + { + "key": "QSsO_z7bU_1CXniA22vhQTZoRX_uoyfgbmHK0b0LmQQI", + "type": 63, + "file": "packaging/_musllinux.py" + }, + { + "key": "Q-m5XfyiYnvdbCvtAcDXgStoSwDiu6mWMfF95aTztCRk", + "type": 19, + "file": "packaging/_musllinux.py" + }, + { + "key": "Q-m5XfyiYnvdbCvtAcDXgStoSwDiu6mWMfF95aTztCRk", + "type": 19, + "file": "packaging/_manylinux.py" + }, + { + "key": "QSsO_z7bU_1CXniA22vhQTZoRX_uoyfgbmHK0b0LmQQI", + "type": 63, + "file": "packaging/tags.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15917547152", + "type": "pypi", + "name": "faker", + "files": "Q6wrPc1oeSCm1Dn1rlpGqL06n5V9UYMit4phbGv9-WYA", + "version": "33.1.0", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15917547153", + "type": "pypi", + "name": "faker", + "files": "Q7eg0oF8n60f7pJ98BFJCESTKlssOxl0K8HVn1OMpnYw", + "version": "33.1.0", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "id": "15918419823", + "type": "pypi", + "name": "pytest", + "files": "QdOXLb0USJDdyX-HZcMKJv7VFIy6xjfzmYrU4f-fY1K8", + "version": "8.3.4", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "id": "15918419824", + "type": "pypi", + "name": "pytest", + "files": "QpJvReWXdqMcxNc2vp2lyCampI-JyHh1LtmRkNSnTPBQ", + "version": "8.3.4", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15917547152", + "15921473454" + ] + }, + "id": "15919471954", + "type": "pypi", + "name": "six", + "files": "QMEUf3EPcirEo-vEp2_MBXzQuG0tgRuQax9qP24_f1FI", + "version": "1.17.0", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.96375656, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96375656 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": true, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 134390, + "author": "gutworth", + "state": "revalidate", + "alerts": [ + { + "key": "QMIxld9s1p5ay4OyMBC_ry-J1YQ3uDSNcNtjNwO90SqU", + "type": 19, + "file": "six-1.17.0/setup.py" + }, + { + "key": "QsWo3FBa69NYVgLwmixr_hmX2spVn6Ffc_iS5hvdgY-U", + "type": 16, + "file": "six-1.17.0/six.py", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "15917547152", + "15921473454" + ] + }, + "id": "15919471955", + "type": "pypi", + "name": "six", + "files": "Qv70usp2FUIPT48xNM4EREXrooRHChmGysbXDqXCnEck", + "version": "1.17.0", + "artifact_id": "py2-py3-none-any-whl", + "scores": { + "supplyChain": 0.98156816, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.98156816 + }, + "capabilities": { + "env": true, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 37975, + "author": "gutworth", + "state": "revalidate", + "alerts": [ + { + "key": "Q0Z03tYbPqliWL7tKH8UHTRTZ_-XK6bLXKZsdolxl6gI", + "type": 16, + "file": "six.py", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15920039377", + "type": "pypi", + "name": "sticker-convert", + "files": "Qf9F4VB9fTvZ2RbfHD1G1JTQwy978wpfcdPsKMKZudWQ", + "version": "2.10.8", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.0625, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.0625 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": true, + "unsafe": false + }, + "license": "GPL-2.0 AND GPL-2.0+", + "size": 11431813, + "author": "laggykiller", + "state": "revalidate", + "alerts": [ + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/definitions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/cli.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVn0O5BOYXUXLq-tErkhxrmuN2AKqu0hfmhw9Bxm0Z54", + "type": 81, + "file": "sticker_convert/cli.py" + }, + { + "key": "QtylvaXwUhVTayFTLTqLThvVImb-RGCmwnxfoW2G0mDA", + "type": 23, + "file": "sticker_convert/utils/auth/get_viber_auth.py", + "props": { + "risk": "medium", + "notes": "The code is designed to extract sensitive authentication information from the Viber application by accessing its process memory. This poses a significant security risk as it can be used for unauthorized access to a user's Viber account. The operations performed by the code are high-risk due to the direct memory access and potential for extracting sensitive information.", + "severity": 0.6, + "confidence": 1 + } + }, + { + "key": "QCCUFNEO90Dc_ZEN8H9pFAHteUxuHfkKxDwxs5E412Kk", + "type": 36, + "file": "sticker_convert/utils/auth/get_discord_auth.py", + "props": { + "id": 341285, + "note": "The code is designed to extract Discord authentication tokens by utilizing Chrome Remote Debugging to execute JavaScript within the browser context to retrieve the token. This poses a significant security risk as it allows unauthorized access to Discord accounts without user consent. The extracted tokens could be used to hijack user accounts or perform other malicious activities." + } + }, + { + "key": "Q26ncGOGywa-Vti9pyVkYgqAe5z9x8s_AobxslYlfu8M", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0 AND GPL-2.0+" + } + }, + { + "key": "QdrkUlhYTBTA0hT60T_DE-giVyzwAtTD5u5tQNirC21k", + "type": 25, + "props": { + "source": "sticker_convert/resources/NotoColorEmoji.ttf" + } + }, + { + "key": "QC2Fvd9OPWpyaI8a-8v_REAuobu3LrNgwf11LIXUw1Ro", + "type": 25, + "props": { + "source": "sticker_convert/ios-message-stickers-template/stickers.xcodeproj/project.xcworkspace/xcuserdata/niklaspeterson.xcuserdatad/UserInterfaceState.xcuserstate" + } + }, + { + "key": "QSRXxXRoTNB31YoYHPOX-98-ercurMcwY3RmpTrQch2Q", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0 AND GPL-2.0+" + } + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/converter.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/utils/process.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": 63, + "file": "sticker_convert/utils/process.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/utils/process.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/utils/media/codec_info.py" + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": 63, + "file": "sticker_convert/utils/files/run_bin.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/utils/files/run_bin.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/utils/files/metadata_handler.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/utils/files/json_manager.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/utils/files/cache_store.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/utils/chrome_remotedebug.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": 63, + "file": "sticker_convert/utils/chrome_remotedebug.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": 47, + "file": "sticker_convert/utils/chrome_remotedebug.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/utils/chrome_remotedebug.py" + }, + { + "key": "QVn0O5BOYXUXLq-tErkhxrmuN2AKqu0hfmhw9Bxm0Z54", + "type": 81, + "file": "sticker_convert/utils/callback.py" + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": 63, + "file": "sticker_convert/utils/auth/get_viber_auth.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/utils/auth/get_viber_auth.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/utils/auth/get_signal_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/utils/auth/get_signal_auth.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/utils/auth/get_line_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": 47, + "file": "sticker_convert/utils/auth/get_line_auth.py" + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": 63, + "file": "sticker_convert/utils/auth/get_kakao_desktop_auth.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/utils/auth/get_kakao_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVn0O5BOYXUXLq-tErkhxrmuN2AKqu0hfmhw9Bxm0Z54", + "type": 81, + "file": "sticker_convert/utils/auth/get_kakao_auth.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": 47, + "file": "sticker_convert/utils/auth/get_kakao_auth.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/utils/auth/get_discord_auth.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/uploaders/xcode_imessage.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": 47, + "file": "sticker_convert/uploaders/upload_viber.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/uploaders/upload_viber.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/uploaders/upload_telegram.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/uploaders/upload_signal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/uploaders/upload_signal.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/uploaders/compress_wastickers.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/job_option.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/job.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVn0O5BOYXUXLq-tErkhxrmuN2AKqu0hfmhw9Bxm0Z54", + "type": 81, + "file": "sticker_convert/job.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/job.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/gui_components/windows/viber_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": 63, + "file": "sticker_convert/gui_components/windows/viber_get_auth_window.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/gui_components/windows/signal_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": 47, + "file": "sticker_convert/gui_components/windows/signal_get_auth_window.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/gui_components/windows/line_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/gui_components/windows/kakao_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": 63, + "file": "sticker_convert/gui_components/windows/kakao_get_auth_window.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": 47, + "file": "sticker_convert/gui_components/windows/discord_get_auth_window.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/gui_components/frames/cred_frame.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/gui.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVn0O5BOYXUXLq-tErkhxrmuN2AKqu0hfmhw9Bxm0Z54", + "type": 81, + "file": "sticker_convert/gui.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": 47, + "file": "sticker_convert/downloaders/download_viber.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": 16, + "file": "sticker_convert/downloaders/download_line.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": 47, + "file": "sticker_convert/downloaders/download_line.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/downloaders/download_line.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": 47, + "file": "sticker_convert/downloaders/download_kakao.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/downloaders/download_kakao.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": 47, + "file": "sticker_convert/downloaders/download_discord.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": 47, + "file": "sticker_convert/downloaders/download_base.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": 19, + "file": "sticker_convert/downloaders/download_base.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15921473454", + "type": "pypi", + "name": "faraday-plugins", + "files": "QolrluC1lm7W3yHMGItI_sJjN84BV-ldgwqEqnt8hEs0", + "version": "1.20.21", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.4225, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.4225 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": true, + "unsafe": false + }, + "license": "GPL-3.0", + "size": 845137, + "author": "faradaysec", + "state": "revalidate", + "alerts": [ + { + "key": "QgLzzPEL3pvI6UQM2y3H-LSfT9_whrDLe8gkz23Kn17E", + "type": 47, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/plugin.py" + }, + { + "key": "Q6Z38Gb7LAj235o2WNq7JFmOl41A5LIaHOecAym6WfnU", + "type": 15586118, + "props": { + "licenseId": "GPL-3.0" + } + }, + { + "key": "QhEf1ldb9VBna384CbFMtZF0unj8OTvbx3KNHM83pLZ0", + "type": 15586174, + "props": { + "licenseId": "GPL-3.0" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/manager.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/commands.py" + }, + { + "key": "QPGSor6e2p5sVWu8cVkn7FAD83T4lpviOq8mD-tFDKnY", + "type": 63, + "file": "faraday_plugins-1.20.21/faraday_plugins/commands.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": 16, + "file": "faraday_plugins-1.20.21/faraday_plugins/commands.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": 16, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/arachni/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": 16, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/arachni/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgLzzPEL3pvI6UQM2y3H-LSfT9_whrDLe8gkz23Kn17E", + "type": 47, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/amap/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": 16, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/appscan/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/bandit/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/faraday_csv/plugin.py" + }, + { + "key": "Q5OxjGTWl8hptg64VY4cpGjz2qBBVnX9-iYOVXnUSC3s", + "type": 81, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/faraday_csv/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": 16, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/hydra/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/lynis/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": 16, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/ncrack/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": 16, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/medusa/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgLzzPEL3pvI6UQM2y3H-LSfT9_whrDLe8gkz23Kn17E", + "type": 47, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/naabu/plugin.py" + }, + { + "key": "QPGSor6e2p5sVWu8cVkn7FAD83T4lpviOq8mD-tFDKnY", + "type": 63, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/nuclei_legacy/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/openvas/plugin.py" + }, + { + "key": "QPGSor6e2p5sVWu8cVkn7FAD83T4lpviOq8mD-tFDKnY", + "type": 63, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/nuclei/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/peepingtom/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/pasteanalyzer/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/shodan/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/skipfish/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": 16, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/sshdefaultscan/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgLzzPEL3pvI6UQM2y3H-LSfT9_whrDLe8gkz23Kn17E", + "type": 47, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/snyk/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/sslyze/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": 16, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/telnet/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": 16, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/sslyzejson/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/wapiti/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": 16, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/wapiti/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/webfuzzer/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": 16, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/webfuzzer/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgLzzPEL3pvI6UQM2y3H-LSfT9_whrDLe8gkz23Kn17E", + "type": 47, + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/whitesource/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/tests/test_cli.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/setup.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": 19, + "file": "faraday_plugins-1.20.21/tests/test_report_collection.py" + }, + { + "key": "QgLzzPEL3pvI6UQM2y3H-LSfT9_whrDLe8gkz23Kn17E", + "type": 47, + "file": "faraday_plugins-1.20.21/tests/test_report_collection.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15921474311", + "type": "pypi", + "name": "faraday-plugins", + "files": "QuRBQQGIyCAhtjTskV83m7z0nLWCLzCedTCnxWABHjQM", + "version": "1.20.21", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.49, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.49 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": true, + "unsafe": false + }, + "license": "GPL-3.0", + "size": 832756, + "author": "faradaysec", + "state": "revalidate", + "alerts": [ + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": 19, + "file": "faraday_plugins/plugins/repo/sslyze/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": 16, + "file": "faraday_plugins/plugins/repo/telnet/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": 16, + "file": "faraday_plugins/plugins/repo/sslyzejson/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": 19, + "file": "faraday_plugins/plugins/repo/wapiti/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": 16, + "file": "faraday_plugins/plugins/repo/wapiti/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": 19, + "file": "faraday_plugins/plugins/repo/webfuzzer/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": 16, + "file": "faraday_plugins/plugins/repo/webfuzzer/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QUQdbFYMz8vRwojuCUt_I-bogSdf-AzVLHVPDnZY1ihs", + "type": 47, + "file": "faraday_plugins/plugins/repo/whitesource/plugin.py" + }, + { + "key": "Q6Z38Gb7LAj235o2WNq7JFmOl41A5LIaHOecAym6WfnU", + "type": 15586118, + "props": { + "licenseId": "GPL-3.0" + } + }, + { + "key": "QhEf1ldb9VBna384CbFMtZF0unj8OTvbx3KNHM83pLZ0", + "type": 15586174, + "props": { + "licenseId": "GPL-3.0" + } + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": 19, + "file": "faraday_plugins/commands.py" + }, + { + "key": "Q1oud5qmKgsCTNV98kDyHfIee3hUZroD6dGGLy2TQEhE", + "type": 63, + "file": "faraday_plugins/commands.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": 16, + "file": "faraday_plugins/commands.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": 19, + "file": "faraday_plugins/plugins/plugin.py" + }, + { + "key": "QUQdbFYMz8vRwojuCUt_I-bogSdf-AzVLHVPDnZY1ihs", + "type": 47, + "file": "faraday_plugins/plugins/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": 16, + "file": "faraday_plugins/plugins/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": 16, + "file": "faraday_plugins/plugins/repo/appscan/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": 19, + "file": "faraday_plugins/plugins/repo/appscan_csv/plugin.py" + }, + { + "key": "QUQdbFYMz8vRwojuCUt_I-bogSdf-AzVLHVPDnZY1ihs", + "type": 47, + "file": "faraday_plugins/plugins/repo/amap/plugin.py" + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": 19, + "file": "faraday_plugins/plugins/repo/arachni/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": 16, + "file": "faraday_plugins/plugins/repo/arachni/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": 19, + "file": "faraday_plugins/plugins/repo/faraday_csv/plugin.py" + }, + { + "key": "QApakWttHdKK1NOsstAXWHegbzYeN80UjuSy0A7LQ7wg", + "type": 81, + "file": "faraday_plugins/plugins/repo/faraday_csv/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": 16, + "file": "faraday_plugins/plugins/repo/hydra/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": 19, + "file": "faraday_plugins/plugins/repo/lynis/plugin.py" + }, + { + "key": "QUQdbFYMz8vRwojuCUt_I-bogSdf-AzVLHVPDnZY1ihs", + "type": 47, + "file": "faraday_plugins/plugins/repo/naabu/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": 16, + "file": "faraday_plugins/plugins/repo/medusa/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": 16, + "file": "faraday_plugins/plugins/repo/ncrack/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q1oud5qmKgsCTNV98kDyHfIee3hUZroD6dGGLy2TQEhE", + "type": 63, + "file": "faraday_plugins/plugins/repo/nuclei/plugin.py" + }, + { + "key": "Q1oud5qmKgsCTNV98kDyHfIee3hUZroD6dGGLy2TQEhE", + "type": 63, + "file": "faraday_plugins/plugins/repo/nuclei_legacy/plugin.py" + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": 19, + "file": "faraday_plugins/plugins/repo/openvas/plugin.py" + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": 19, + "file": "faraday_plugins/plugins/repo/pasteanalyzer/plugin.py" + }, + { + "key": "QUQdbFYMz8vRwojuCUt_I-bogSdf-AzVLHVPDnZY1ihs", + "type": 47, + "file": "faraday_plugins/plugins/repo/snyk/plugin.py" + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": 19, + "file": "faraday_plugins/plugins/repo/skipfish/plugin.py" + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": 19, + "file": "faraday_plugins/plugins/repo/shodan/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": 16, + "file": "faraday_plugins/plugins/repo/sshdefaultscan/plugin.py", + "props": { + "envVars": "" + } + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": true, + "toplevelAncestors": [] + }, + "head": { + "direct": true, + "toplevelAncestors": [] + }, + "id": "15921496871", + "type": "pypi", + "name": "sticker-convert", + "files": "Qy80KuU_09uQTUudcbrnYxpVp7H9zAMRL09klsbB8Smc", + "version": "2.10.8", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.25 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": true, + "shell": true, + "unsafe": false + }, + "license": "GPL-2.0 AND GPL-2.0+", + "size": 11537126, + "author": "laggykiller", + "state": "revalidate", + "alerts": [ + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": 63, + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/viber_get_auth_window.py" + }, + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": 63, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/files/run_bin.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/media/codec_info.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/tests/test_download.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/process.py" + }, + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": 63, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/process.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/process.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/tests/test_export.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_viber_auth.py" + }, + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": 63, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_viber_auth.py" + }, + { + "key": "QSRXxXRoTNB31YoYHPOX-98-ercurMcwY3RmpTrQch2Q", + "type": 15586118, + "props": { + "licenseId": "GPL-2.0 AND GPL-2.0+" + } + }, + { + "key": "QA0sa5aGCr_JDOyMlC7RJ9JR3oZWIPg8FBviqtxlCNAw", + "type": 23, + "props": { + "risk": "medium", + "notes": "The code contains multiple potential security risks, including unauthorized file writes, command injection, information leakage, and code injection. It should be reviewed and modified to ensure proper input validation, sanitization, and secure handling of user input. The presence of 'eval' raises concerns about the safety and security of the code.", + "severity": 0.7, + "confidence": 0.8 + } + }, + { + "key": "QeTCiXdcOHY5Ktc6W9ZZrLYn8JLjT21ny6Xs5ZzCYlT0", + "type": 24, + "props": { + "notes": "The code is designed to extract sensitive authentication information from the Viber application by accessing its process memory. This poses a significant security risk as it can be used for unauthorized access to a user's Viber account. The operations performed by the code are high-risk due to the direct memory access and potential for extracting sensitive information.", + "severity": 0.7, + "confidence": 0.9 + } + }, + { + "key": "Qm2D5xqRiZ6rZPKRBsPb-8uI1nj5Gg66pXQgAQc56H64", + "type": 24, + "props": { + "notes": "The code is designed to extract Discord authentication tokens, which poses a significant security risk if done without user consent. The use of Chrome Remote Debugging for this purpose is concerning and aligns with potentially malicious behavior.", + "severity": 0.8, + "confidence": 0.9 + } + }, + { + "key": "Q5slAGLVSVGSe9oJgCr04r5xnB7jtPJkqYOdj2s_K25U", + "type": 25, + "props": { + "source": "sticker_convert-2.10.8/src/sticker_convert/ios-message-stickers-template/stickers.xcodeproj/project.xcworkspace/xcuserdata/niklaspeterson.xcuserdatad/UserInterfaceState.xcuserstate" + } + }, + { + "key": "QKLLP2Li-oX4lPqE3MlnJGOSlqF-uxCESzw0bI9BAY-Y", + "type": 25, + "props": { + "source": "sticker_convert-2.10.8/src/sticker_convert/resources/NotoColorEmoji.ttf" + } + }, + { + "key": "Q26ncGOGywa-Vti9pyVkYgqAe5z9x8s_AobxslYlfu8M", + "type": 15586174, + "props": { + "licenseId": "GPL-2.0 AND GPL-2.0+" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_base.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": 47, + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_base.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/definitions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_kakao.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": 47, + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_kakao.py" + }, + { + "key": "QpEoQ5y1AaAobEMSazxeWg_-3BaDldHT1z9DuSOK2lnk", + "type": 81, + "file": "sticker_convert-2.10.8/src/sticker_convert/gui.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/gui.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/converter.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_line.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": 47, + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_line.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_line.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpEoQ5y1AaAobEMSazxeWg_-3BaDldHT1z9DuSOK2lnk", + "type": 81, + "file": "sticker_convert-2.10.8/src/sticker_convert/cli.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/cli.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": 47, + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_viber.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": 47, + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_discord.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/frames/cred_frame.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": 47, + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/discord_get_auth_window.py" + }, + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": 63, + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/kakao_get_auth_window.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/kakao_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpEoQ5y1AaAobEMSazxeWg_-3BaDldHT1z9DuSOK2lnk", + "type": 81, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/callback.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/chrome_remotedebug.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": 47, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/chrome_remotedebug.py" + }, + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": 63, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/chrome_remotedebug.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/chrome_remotedebug.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/files/json_manager.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/files/metadata_handler.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/files/run_bin.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_discord_auth.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/viber_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": 47, + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/signal_get_auth_window.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/signal_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/line_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/job.py" + }, + { + "key": "QpEoQ5y1AaAobEMSazxeWg_-3BaDldHT1z9DuSOK2lnk", + "type": 81, + "file": "sticker_convert-2.10.8/src/sticker_convert/job.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/job.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/job_option.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/compress_wastickers.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/upload_telegram.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/upload_signal.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/upload_signal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/xcode_imessage.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/upload_viber.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": 47, + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/upload_viber.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": 47, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_line_auth.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_line_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_signal_auth.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_signal_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": 63, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_kakao_desktop_auth.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": 47, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_kakao_auth.py" + }, + { + "key": "QpEoQ5y1AaAobEMSazxeWg_-3BaDldHT1z9DuSOK2lnk", + "type": 81, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_kakao_auth.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": 16, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_kakao_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": 19, + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/files/cache_store.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "id": "15922934629", + "type": "pypi", + "name": "attrs", + "files": "QOaEpIB0ME4YG0izGZcR_XMFWKrhhIlYMAKmHFrLeoCQ", + "version": "24.3.0", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 0.8799956, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.8799956 + }, + "capabilities": { + "env": true, + "eval": true, + "fs": true, + "net": false, + "shell": true, + "unsafe": true + }, + "license": "MIT", + "size": 1507135, + "author": "hynek", + "state": "revalidate", + "alerts": [ + { + "key": "QLbDHcZwWbwVPitSS4F1AnqlcFZcVJ9iQPgP6SEemgJY", + "type": 16, + "file": "attrs-24.3.0/tests/typing_example.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q7hexg4_qUkLWL3EPiRSwgS-bMSQfZmGjufPiscl8Pa0", + "type": 25, + "props": { + "source": "attrs-24.3.0/docs/_static/social card.afdesign" + } + }, + { + "key": "QLbDHcZwWbwVPitSS4F1AnqlcFZcVJ9iQPgP6SEemgJY", + "type": 16, + "file": "attrs-24.3.0/docs/conf.py", + "props": { + "envVars": "" + } + }, + { + "key": "QxETLbdwz2eOP_uxkrCEdFSElN2dzuMozuXrUxytbjlU", + "type": 81, + "file": "attrs-24.3.0/src/attr/_make.py" + }, + { + "key": "Qve6WznczA3Ua5SE77L0iK_LyfZPB10n7bgRe-8JKDcc", + "type": 19, + "file": "attrs-24.3.0/tests/test_pyright.py" + }, + { + "key": "Qjrkx3dtQF2I50HHXrDSX2WroZEM-yl2l4xBOjdES3oU", + "type": 63, + "file": "attrs-24.3.0/tests/test_pyright.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126" + ] + }, + "id": "15922934630", + "type": "pypi", + "name": "attrs", + "files": "Q-mJ91ps3vbKqTsqju7PLiX1rGjzzvvu3dw-3I-o7soM", + "version": "24.3.0", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 0.9757634, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9757634 + }, + "capabilities": { + "env": false, + "eval": true, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "license": "MIT", + "size": 217286, + "author": "hynek", + "state": "revalidate", + "alerts": [ + { + "key": "Qhss_l3BGU1eWzNn-Umf28pULtaPwM2VjpPFTU-Y5A5Q", + "type": 81, + "file": "attr/_make.py" + } + ], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15921473454" + ] + }, + "id": "15924770219", + "type": "pypi", + "name": "click", + "files": "QSsDInxF3sda6QyWE0dBzEjl_c8--RFaskNKBfdGsOL4", + "version": "8.1.8", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15921473454" + ] + }, + "id": "15924770220", + "type": "pypi", + "name": "click", + "files": "QNYtArbah1KzNiweDfRjpvoVpaXzTPPKfvEgvf1NpqO8", + "version": "8.1.8", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177621", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "tar-gz", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177622", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "py3-none-any-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177623", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp310-cp310-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177624", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp310-cp310-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177625", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp310-cp310-manylinux-2-17-aarch64-manylinux2014-aarch64-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177626", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp310-cp310-manylinux-2-17-x86-64-manylinux2014-x86-64-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177627", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp310-cp310-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177628", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp310-cp310-win-amd64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177629", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp311-cp311-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177630", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp311-cp311-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177631", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp311-cp311-manylinux-2-17-aarch64-manylinux2014-aarch64-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177632", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp311-cp311-manylinux-2-17-x86-64-manylinux2014-x86-64-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177633", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp311-cp311-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177634", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp311-cp311-win-amd64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177635", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp312-cp312-macosx-10-13-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177636", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp312-cp312-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177637", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp312-cp312-manylinux-2-17-aarch64-manylinux2014-aarch64-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177638", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp312-cp312-manylinux-2-17-x86-64-manylinux2014-x86-64-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177639", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp312-cp312-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177640", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp312-cp312-win-amd64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177641", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp313-cp313-macosx-10-13-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177642", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp313-cp313-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177643", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp313-cp313-manylinux-2-17-aarch64-manylinux2014-aarch64-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177644", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp313-cp313-manylinux-2-17-x86-64-manylinux2014-x86-64-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177645", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp313-cp313-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177646", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp313-cp313-win-amd64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177647", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp38-cp38-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177648", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp38-cp38-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177649", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp38-cp38-manylinux-2-17-aarch64-manylinux2014-aarch64-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177650", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp38-cp38-manylinux-2-17-x86-64-manylinux2014-x86-64-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177651", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp38-cp38-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177652", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp38-cp38-win-amd64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177653", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp39-cp39-macosx-10-9-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177654", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp39-cp39-macosx-11-0-arm64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177655", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp39-cp39-manylinux-2-17-aarch64-manylinux2014-aarch64-manylinux-2-28-aarch64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177656", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp39-cp39-manylinux-2-17-x86-64-manylinux2014-x86-64-manylinux-2-28-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177657", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp39-cp39-musllinux-1-2-x86-64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + }, + { + "diffType": "unchanged", + "base": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "head": { + "direct": false, + "toplevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ] + }, + "id": "15927177658", + "type": "pypi", + "name": "mypy", + "files": "null", + "version": "1.14.1", + "artifact_id": "cp39-cp39-win-amd64-whl", + "scores": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "capabilities": { + "env": false, + "eval": false, + "fs": false, + "net": false, + "shell": false, + "unsafe": false + }, + "size": 0, + "state": "revalidate", + "alerts": [], + "licenseDetails": [] + } + ], + "replaced": [], + "updated": [] + }, + "directDependenciesChanged": true, + "diff_report_url": "https://socket.dev/dashboard/org/test_org/diff/26533913/26533914" + } +} \ No newline at end of file diff --git a/tests/data/fullscans/head_scan/metadata.json b/tests/data/fullscans/head_scan/metadata.json new file mode 100644 index 0000000..2ccc8d2 --- /dev/null +++ b/tests/data/fullscans/head_scan/metadata.json @@ -0,0 +1,21 @@ +{ + "success": true, + "status": 200, + "data": { + "id": "head", + "created_at": "2024-12-10T23:54:14.155Z", + "updated_at": "2024-12-10T23:54:14.155Z", + "organization_id": "164600", + "organization_slug": "test_org", + "repository_id": "f639d6c9-acc3-4d8a-9fb5-2090ad651c7e", + "committers": [ + "Code Author" + ], + "repo": "basic-python", + "branch": "test/big-diff-pr", + "commit_message": "added malware sticker-convert to force new_alerts\n", + "commit_hash": "be43c94d75b15a6ad2722f3b7990aeb2d34af964", + "pull_request": 1, + "html_report_url": "https://socket.dev/dashboard/org/test_org/sbom/e2b84cde-d806-43c6-8ac5-150196870f5c" + } +} \ No newline at end of file diff --git a/tests/data/fullscans/head_scan/stream_scan.json b/tests/data/fullscans/head_scan/stream_scan.json new file mode 100644 index 0000000..01edd9c --- /dev/null +++ b/tests/data/fullscans/head_scan/stream_scan.json @@ -0,0 +1,201 @@ +{ + "success": true, + "status": 200, + "artifacts": { + "dp1": { + "type": "pypi", + "name": "direct_package_1", + "version": "1.6.0", + "release": "tar-gz", + "id": "dp1", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 119, + "end": 150 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "didix21" + ], + "size": 106479, + "score": { + "supplyChain": 0.96, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96 + }, + "alerts": [ + { + "key": "dp1_alert_1", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mdutils-1.6.0/mdutils/fileutils/fileutils.py" + }, + { + "key": "dp1_alert_2", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mdutils-1.6.0/setup.py" + } + ] + }, + "dp1_t1": { + "type": "pypi", + "name": "dp1_transitive_1", + "version": "8.1.7", + "release": "py3-none-any-whl", + "id": "dp1_t1", + "topLevelAncestors": [ + "dp1" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 353767, + "score": { + "supplyChain": 0.75, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.75 + }, + "alerts": [ + { + "key": "dp1_t1_alert_1", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click/parser.py" + }, + { + "key": "dp1_t1_alert_2", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click/shell_completion.py" + }, + { + "key": "dp1_t1_alert_3", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/shell_completion.py", + "props": { + "envVars": "" + } + } + ] + }, + "dp1_t2": { + "type": "pypi", + "name": "dp1_transitive_2", + "version": "2.0.0", + "release": "py3-none-any-whl", + "id": "dp1_t2", + "topLevelAncestors": [ + "dp1" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 353767, + "score": { + "supplyChain": 0.75, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.75 + }, + "alerts": [ + { + "key": "dp1_t2_alert_1", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/testing.py" + } + ] + }, + "dp2": { + "type": "pypi", + "name": "direct_package_2", + "version": "33.1.0", + "release": "py3-none-any-whl", + "id": "dp2", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt" + } + ], + "topLevelAncestors": [], + "license": "BSD-3-Clause", + "licenseDetails": [], + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [] + }, + "dp2_t1": { + "type": "pypi", + "name": "dp2_transitive_1", + "version": "8.1.7", + "release": "tar-gz", + "id": "dp2_t1", + "topLevelAncestors": [ + "dp2" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 922627, + "score": { + "supplyChain": 0.49, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.49 + }, + "alerts": [ + { + "key": "dp2_t1_alert_1", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_basic.py" + }, + { + "key": "dp2_t1_alert_2", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/parser.py" + }, + { + "key": "dp2_t1_alert_3", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: BSD License", + "filepathOrProvenance": "click-8.1.7/src/click.egg-info/PKG-INFO" + } + } + ] + } + } +} \ No newline at end of file diff --git a/tests/data/fullscans/head_scan/stream_scan_full.json b/tests/data/fullscans/head_scan/stream_scan_full.json new file mode 100644 index 0000000..528958d --- /dev/null +++ b/tests/data/fullscans/head_scan/stream_scan_full.json @@ -0,0 +1,139329 @@ +{ + "success": true, + "status": 200, + "data": { + "artifacts": [ + { + "type": "pypi", + "name": "click", + "version": "8.1.7", + "release": "py3-none-any-whl", + "id": "12453", + "topLevelAncestors": [ + "6381179126", + "15921473454" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 353767, + "score": { + "supplyChain": 0.75, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.75 + }, + "alerts": [ + { + "key": "QGgUfYJNz09oCLm8qOYAtnwBcXNFny4-HqMHNvEsEqeo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/testing.py" + }, + { + "key": "Qf_s4b8eq0omzUlIEpEDgRuARqwr2WGmo0-98qfdOQ9Y", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/testing.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdKPSQkn4C_G_DI0Xz0G3CUS2vB6zfa5nxniKAg2Z6VM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click/testing.py" + }, + { + "key": "Qf_s4b8eq0omzUlIEpEDgRuARqwr2WGmo0-98qfdOQ9Y", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QGgUfYJNz09oCLm8qOYAtnwBcXNFny4-HqMHNvEsEqeo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/formatting.py" + }, + { + "key": "QGgUfYJNz09oCLm8qOYAtnwBcXNFny4-HqMHNvEsEqeo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/_compat.py" + }, + { + "key": "Qf_s4b8eq0omzUlIEpEDgRuARqwr2WGmo0-98qfdOQ9Y", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/core.py", + "props": { + "envVars": "" + } + }, + { + "key": "QGgUfYJNz09oCLm8qOYAtnwBcXNFny4-HqMHNvEsEqeo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/_termui_impl.py" + }, + { + "key": "QwOGev3UtSO13ppp4MXmNMq3lIgThV85tzsdUeOcp5SI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click/_termui_impl.py" + }, + { + "key": "Qf_s4b8eq0omzUlIEpEDgRuARqwr2WGmo0-98qfdOQ9Y", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/_termui_impl.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qf_s4b8eq0omzUlIEpEDgRuARqwr2WGmo0-98qfdOQ9Y", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qf_s4b8eq0omzUlIEpEDgRuARqwr2WGmo0-98qfdOQ9Y", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/decorators.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcxKf5Zo9O9Dp7brmGYOX_cmwBTdcQCeKBSgzBs5nCYE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click/parser.py" + }, + { + "key": "QwOGev3UtSO13ppp4MXmNMq3lIgThV85tzsdUeOcp5SI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click/shell_completion.py" + }, + { + "key": "Qf_s4b8eq0omzUlIEpEDgRuARqwr2WGmo0-98qfdOQ9Y", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/shell_completion.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "click", + "version": "8.1.7", + "release": "tar-gz", + "id": "12454", + "topLevelAncestors": [ + "6381179126", + "15921473454" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 922627, + "score": { + "supplyChain": 0.49, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.49 + }, + "alerts": [ + { + "key": "QeSvbf3bY-HWvTYrkWPnnxu6RwVOuI-U4fAr2A76bdSg", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/shell_completion.py" + }, + { + "key": "QBzABN5Ttta5C2xywzlTAycuBn08rzq3qVQylyw3kQPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/formatting.py" + }, + { + "key": "QBzABN5Ttta5C2xywzlTAycuBn08rzq3qVQylyw3kQPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/testing.py" + }, + { + "key": "Qp85XUJteuNnvfrQ3tD9ehU4krJChiZXCx84rJalfpy0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/testing.py" + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/testing.py", + "props": { + "envVars": "" + } + }, + { + "key": "QBzABN5Ttta5C2xywzlTAycuBn08rzq3qVQylyw3kQPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_arguments.py" + }, + { + "key": "QBzABN5Ttta5C2xywzlTAycuBn08rzq3qVQylyw3kQPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_basic.py" + }, + { + "key": "Qp85XUJteuNnvfrQ3tD9ehU4krJChiZXCx84rJalfpy0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_basic.py" + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_context.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeSvbf3bY-HWvTYrkWPnnxu6RwVOuI-U4fAr2A76bdSg", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_imports.py" + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_options.py", + "props": { + "envVars": "" + } + }, + { + "key": "QBzABN5Ttta5C2xywzlTAycuBn08rzq3qVQylyw3kQPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_types.py" + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_termui.py", + "props": { + "envVars": "" + } + }, + { + "key": "QBzABN5Ttta5C2xywzlTAycuBn08rzq3qVQylyw3kQPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_utils.py" + }, + { + "key": "Qp85XUJteuNnvfrQ3tD9ehU4krJChiZXCx84rJalfpy0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_utils.py" + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qp85XUJteuNnvfrQ3tD9ehU4krJChiZXCx84rJalfpy0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_testing.py" + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/test_testing.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/tests/typing/typing_password_option.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/shell_completion.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/examples/completion/completion.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/examples/complex/complex/cli.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/examples/complex/complex/commands/cmd_init.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/examples/complex/complex/commands/cmd_status.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/examples/repo/repo.py", + "props": { + "envVars": "" + } + }, + { + "key": "QBzABN5Ttta5C2xywzlTAycuBn08rzq3qVQylyw3kQPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/examples/termui/termui.py" + }, + { + "key": "Qj1oj33PTK9mtoRs7GgaBOifbPyg0OTKfAMacWKgXMa4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/examples/validation/validation.py" + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QBzABN5Ttta5C2xywzlTAycuBn08rzq3qVQylyw3kQPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/_termui_impl.py" + }, + { + "key": "QeSvbf3bY-HWvTYrkWPnnxu6RwVOuI-U4fAr2A76bdSg", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/_termui_impl.py" + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/_termui_impl.py", + "props": { + "envVars": "" + } + }, + { + "key": "QBzABN5Ttta5C2xywzlTAycuBn08rzq3qVQylyw3kQPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/_compat.py" + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/decorators.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6JYTFN6QFq9W21FySR5Gf25Eu5l0L0aIZxnwVtrZeQA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/core.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qj1oj33PTK9mtoRs7GgaBOifbPyg0OTKfAMacWKgXMa4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/parser.py" + }, + { + "key": "QV1Mj7egyFaG7S1AAY5WlKwb_38p8KS3_EoEIwhCDtAs", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: BSD License", + "filepathOrProvenance": "click-8.1.7/src/click.egg-info/PKG-INFO" + } + }, + { + "key": "QBzABN5Ttta5C2xywzlTAycuBn08rzq3qVQylyw3kQPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/examples/aliases/aliases.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp310-cp310-macosx-10-9-x86-64-whl", + "id": "26356", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 652736, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QJd-qUquaZxlEzl_oTHCCxdwA2GFZiwLZ-XESP9kYegE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QHzuPXtQt6EtGaQqxrkiXEVgWdWFCwFDOvlm4trRcj-M", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QDS4S99eNAGQ1gApkSckambkjhItp8ozbvgHCitKf8fg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-310-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp310-cp310-macosx-11-0-arm64-whl", + "id": "26357", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 585823, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QpJGj6OSrQtaGWed7HQSgJJBrPBT0ICbYsN_fV-9GsVQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QDS4S99eNAGQ1gApkSckambkjhItp8ozbvgHCitKf8fg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-310-darwin.so" + } + }, + { + "key": "QidZYIVZDZoEwPQY0JyhSx7KSu6Dzq-mEtGshHoCPRHs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp310-cp310-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "26358", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2454839, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QPCoRciwZLyfdd93yVB_1HvWAZpSsYYvuH0ELqrZWaSQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QlYCTyWwJAKur2-qUEsyp1QrM0NGA-OztU6035VRTnC4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "Q0bsId-6DebFl3zljRMUQ4EyPyR3ceuw16_Djqr90a8g", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp310-cp310-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "26359", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2425153, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q01ii5ggMX8QALQnG0rpqWuR0pl3_0Ql8lj7JWKSz8vk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QpxLO_ammTMGr17E95tVe3XlgyxqxRNHlVe_nlVhqq8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QsrpVbwpUfpJ_hstfuO2YThQySvB0YVP_BpknI6wsYAQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp310-cp310-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "26360", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2450044, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QYzzn3C9Gd78wmTqKUqw21HJsLbgtSLt5wWZIDOdxXqE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QDbb213lFKb7Zt27R2Ysx46Y1E_VEJhGz2virEcL4Seg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "Qr4rOVcMp49OGxIx8RNbTDJfntqpuQzhG0mivNQLbEoI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-310-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp310-cp310-musllinux-1-1-x86-64-whl", + "id": "26361", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2526973, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qyvmj4IdeFQ8H0WeuLTmfvd_98JsticdiQswOD0gJDJw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Qr4rOVcMp49OGxIx8RNbTDJfntqpuQzhG0mivNQLbEoI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7BVGVHd7j0GLwFdJJNsI9k1Dw2cMocJP5I8s-nVeyDM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp310-cp310-win-amd64-whl", + "id": "26362", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 459011, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QDd58VZj3VZmIDbtyRCkc9eAL9Oy0xI-rqaGJNnOzWVw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp310-win_amd64.pyd" + } + }, + { + "key": "QIQzHRj4sYq8vHaQGov7-S9BpGulWTl4WW3ckV542czA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QfA7DE1XNej7wwy8a4BSY3_N8kVOwfkmlqiwpAi5u0_A", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp310-cp310-win32-whl", + "id": "26363", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 421626, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qw7C-oz5rQ02tk8xrBwooI3EQkJqUol6u4zZ4Hwpag1A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp310-win32.pyd" + } + }, + { + "key": "Q9NRSmVdBpAl6gHdpBcCIKYMhr4XVIUn4IG5twX_kLk4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QqG8CjQ6cb117GpWFhFO3Eool7t8MMmwb-jjan7NeOR8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp311-cp311-macosx-10-9-x86-64-whl", + "id": "26364", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 653456, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QfwdwWug5OzOIBwN4G_l2hYwvEcKWxAWxuN_wGNCqQhE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Q6QvHQWYiZC2JKDigAFumy5R66KOJLdGrqgZm7JFhI4c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-311-darwin.so" + } + }, + { + "key": "QMvXmkl8b2_Xs1phkr0as5oxWd6VNlmhTjqknLkRI5g4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp311-cp311-macosx-11-0-arm64-whl", + "id": "26365", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 585999, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QW1OuAbSJCqjcg_ic89mYy75DQ_Imt-GNE3Qz_ehk96s", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "Q6QvHQWYiZC2JKDigAFumy5R66KOJLdGrqgZm7JFhI4c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-311-darwin.so" + } + }, + { + "key": "Qy1q9nPrn-gO8gq75MIb5vsJ-eLiD1hc2IN45cVnKKA8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp311-cp311-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "26366", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2743879, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QEGPIancHo6YTOeLKQIBGUJuI33965LTjk5q7nXfPQUA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QrDXrwxSNPtoLzvb8DJW6CdnXYUZ-5oEJg9GZbtN3J8U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QoNHoScLkGNE6U5PqkvhpyLzY1-pL2lDSjTSIixaQFwM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp311-cp311-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "26367", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2712345, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q_8DfotRO1Yd_dmm9x1bbEun8GaMbiNndIYpqgzzJpN0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QKHNIOsOqnDDquWnRj46nGNkhhZvd1AnUO-A2ZgaSVmM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Q-5Gtz-LN5BSkPHkXotMbE3earS5dIL3tNvaWfJDecmI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp311-cp311-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "26368", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2728164, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QmC8PqcqeYnZE1uu0sIOMicOxM8PlYkySUKH2R2lWkeQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QfohRG7tLmwmaDr02-sHv0TzuQ_ptnAtMQdr4QkhAJ0E", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QbngRhttznIzshbNnoEklliJYH4YLTWwssjNf7UALjfE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp311-cp311-musllinux-1-1-x86-64-whl", + "id": "26369", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2747662, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QONqRskzn1vJMMYsbyLvL98FpLOMiEldrS2mJQMDAajI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qw6fEQVE5jqzrqMtVuGEs5EOytxZUG5lFlL_1ucgWuD4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QZ6-LXvjbsTLj3r5vwHiUxZt91JQY4qsoyiMqWF5Ufnk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp311-cp311-win-amd64-whl", + "id": "26370", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 457987, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q3dgXO-TUWsJV7zV4Nqk4wQDJtYdRVMhisiNq1EIsOfE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp311-win_amd64.pyd" + } + }, + { + "key": "Q74AWyhJ0aAfzAkAcaWxs58RyW-0EJJU58HRD33EstXg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QU6G2p6sW9DGVSUjeYZ4nFl_2OZKT4DRjKSuLv7T-KWE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp311-cp311-win32-whl", + "id": "26371", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 422138, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QbhkMQi1i4KUn9S4_VSu1HjmmIDCUTvejAaerXgHqn80", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Q3XQ1QXUqry609SCpouomXmqlLCLo-j-cIvZF9Q1_CWE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QFtRVw154w6A3xrYwfkGqkv6R8-F8oi-21pDS36WdTpU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp311-win32.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp312-cp312-macosx-10-9-x86-64-whl", + "id": "26372", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 601272, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qiss9MUKiqM9X3efF--FdK5r0mJw44QJ6vvAuwnpdDh4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QlPPQ7EhaX4td3DWb0CltsFcKFMz0ivfLzM4x__LSYU0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "Qarvron1Ilvv3tPX1k0ZM3-79P9y99JkOSr8rPiv1hEM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-312-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp312-cp312-macosx-11-0-arm64-whl", + "id": "26373", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 585919, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QQ5gKZ9B49Y4bbJlimWStv1v5Yq5LlZc3xhVG6ddpo68", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Qf8cI8pmbaPjj2n0D5-oMN6xrZR-4XhoknK_SXhHdEXI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "Qarvron1Ilvv3tPX1k0ZM3-79P9y99JkOSr8rPiv1hEM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-312-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp312-cp312-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "26374", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2591236, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qqg_WuUeDbi0oZC_pkDzAxgj7Z_Gp3Cn0wbdBR2F7LQM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QW707RAOvW_HzAjj-bQgzPrZZnqSVKsJspBKr2hA-5NM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QYUgKTaqnZrupAgvv-ayUWrZ4D7wuuxfmQde8JzxVHac", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-312-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp312-cp312-musllinux-1-1-x86-64-whl", + "id": "26375", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2558006, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QpJPbFfesp4sm3_OgCsES8HiJnVJgBZhJLuaM5_Fd6QU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "Q4H8eQ0jzasAoUBrPOl0_LtUP9pcFgRsz6G1yInrWRws", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QRJrdbdGEynE42gYXx67QDTMGNX7f1Mmq1mWztE6dRJE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp312-cp312-win-amd64-whl", + "id": "26376", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 446723, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QSI7YKrEAaUfA_NjTT5jsSDvyqwDanvBiYj9jZcZhExA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QVkMCUnsXwINDq_mIVePzhRIMWQDqvb6D9rRe6wWWZjY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QyCbnT3dUp2L2N-aJb5C-nB6fn4xmX1DGz2MccEpkIX4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp312-win_amd64.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp312-cp312-win32-whl", + "id": "26377", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 422138, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q_l3zkF1tjvKRx3FudyheNkBMBwY06tXKU4NxEnoWP9A", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Q-ZFpaqCc1i2a4WDWBenaNgCAO-92xDBOPPzJzheimh4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp312-win32.pyd" + } + }, + { + "key": "Q1SKz-Db2Xri_Bp-YcybveA8Mt0-C9OK5NB2g8nvcZUY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp36-cp36m-macosx-10-9-x86-64-whl", + "id": "26378", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 669400, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QarcrDzSFIauJCEeYOp7NDKw2kT8YgEhasx1vz3l4thE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QGeFYVemOK6lae7C6wfC1viW9F_H0-8Yq-rZRDXOacSM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-36m-darwin.so" + } + }, + { + "key": "Q6KfpB_MISVabMGyrjfrKFZlYg3Ynm2NMbtSDOv1LrkQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp36-cp36m-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "26379", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2467982, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QlhVc2YEjaujsCeZquskejAL3Rwb7RzLJ6y9Z7Ar4mk0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QijFSaQ9LvHDjWfarikf6MyjsC0ubHcjeSHsu-t67660", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-36m-aarch64-linux-gnu.so" + } + }, + { + "key": "QzYTrIgkx3L3ZM03dnWB1ZpBh_XmHZTlb142VxdKZ3bQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp36-cp36m-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "26380", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2439008, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QvTNaAFUEHcf08gM19oCuedHyb6f3AnQGPhYiX5F8PvU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Qxf6sjujH9w_6q-oiVOign42N8RTK4AacGBQqkvR-zgo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "Q8VtudDETaAjWVh4F9YXiWuO87PLEXrlTWtMtl0SUnM0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-36m-s390x-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp36-cp36m-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "26381", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2379467, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QpQ5mReJrp-9T3PoZwfecfTG2fOXVqSGIgOsPE7sNM0o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QYiwxDefW89x5MAgRAU9xukd85ol92fxSTIGjzzSsLtg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qq0U636G_6_RNUMGgmue7RXSbLBf_YcOCYX1QHGbAkv0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp36-cp36m-win-amd64-whl", + "id": "26382", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 485566, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QVaYM-bJ-ub5y3Bq9n8Mu0HePX32ynwG-Yq7BGzhSwWM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Q61ZCckC96VAqZQd0l0vekqfU1aNK2FDY0CqPyQEqF9A", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QyQ2ESCnXvusPUsGye57hYgc9Xz3pHVH78YGJICMR9YY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp36-win_amd64.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp36-cp36m-win32-whl", + "id": "26383", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 448181, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q3ByZIOcgTHlJjwHr3BIC1yyixBemUTW0INWEmaLwGFI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QuaUORQRxK9lBhQIplKayY9Wmohwb3qZ_0hRLwZ5S6Qs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Qe7CCs3hTXY_TBdlwjrrUZqZNuem3mplOc_PpmgY2-Uw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp36-win32.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp37-cp37m-macosx-10-9-x86-64-whl", + "id": "26384", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 669543, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q0lVm_f6zBuRTL0r4Jjke0bFOHnrUuUbPqzEhMWOBdP8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QSH8KXPEyPLDswko0NlMpVBtSr4OabZGIOuwdTslvtWM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QmwoMKYjsLaufWblU3-b9nM41wTdrCsT9kev0u0hAOYQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-37m-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp37-cp37m-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "26385", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2429069, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q1APDOeSOtlNMoDpeRW8wKv_TCWDX7WM6v7cnZ16jkfA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "Q3j_9Clhb8vTSe6mYO42lnIOXqXUwtgfyKlpXuq2wTZc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QTtxYLj4nKjA2TKGZrXzRngPTr-iatV2P9hzdl8oSEzM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-37m-aarch64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp37-cp37m-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "26386", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2386103, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QkEg3K9zsDMDuNGY2PVsuSVn6wPaCFi0FtraeUbCBLeU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QP5Nm368DzNTbXzHu4Kbn0FRk7Z_sO1_2puzVZcWH9nA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-37m-s390x-linux-gnu.so" + } + }, + { + "key": "QWixnZIt-OhUc-yfMewmXq4Mi_O-0hmAsmSTGkohmi04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp37-cp37m-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "26387", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2353442, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q5OvDKYBSBVVTnLRWTiW8_xeRP8xbHUR3T9DJtDYw5pI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QO2D5BPLkix5f1aqttoKCCAxdIZ81mDEM2kxzlzRaOdE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QbCphTs_Hc2QLgzFnkEc7-Z-mrZbpOhhGiVzGTP1tjmQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp37-cp37m-win-amd64-whl", + "id": "26388", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 485612, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QTV43TGxrtYAtk2kN12lShYPiu5O6hjcKsxGIy6RKSF8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QNuWQNjm9WeAITHkwHgB9L3YP3KLBHBfVTfr81-z0aVM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp37-win_amd64.pyd" + } + }, + { + "key": "QzaRRBdgSSIGG6RbvnmbwRfQ0q561QRxqGt64h3uVeBA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp37-cp37m-win32-whl", + "id": "26389", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 448227, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QLxmLxFkiO3ve35gWldCu6-ubKxZVKnSUJq96VeZfmjs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp37-win32.pyd" + } + }, + { + "key": "QxHM_vNOGLY9wbIOSqIxp_XAnjkDvBaWY0sIkDiJeKYQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Q4_M7twWJPzT9318mIkoZjvXkz9CwCwz16G2IE9nZidc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp38-cp38-macosx-10-9-x86-64-whl", + "id": "26390", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 669693, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QBETGUBBVgkTNsNGT3frv48MvFqwXkTSnwJNnNifl0T4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QZDNPCBEbO2NJSHoPhpNchyV1wrzuEned8XPZl8ibG9Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QBZx98GrjNUj87g_CIr_CW_IUSFmhkR9NrxRHu-OciVk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-38-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp38-cp38-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "26391", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2706250, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QfeQ3Kumhqq4APFL9y0HrWr3wjaIY6Cwz0O_BtlumWIQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QnOMnyUdA4lp3wy__22o_tncKFJP1D5BKpaT5uRNKvYI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Q_TcSIGKzLtusqezy9O9WCS5s5M2Vtp6e9EhiJOz0g3Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp38-cp38-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "26392", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2652756, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QeOh_mnakMgO-uDJ_JLmP8AHWGaPWMPgR3v5P0KQlh2Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QqYIuFRJKS9-od5jhzzxTmwvNsMzXFf7B_aNjapK8y0E", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QObUhJUB6U1qVvLey4aqEPGSo0jCO3YfHlJBZzToCHXE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-38-s390x-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp38-cp38-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "26393", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2621503, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QkSS77nUlEoeJuvgPJbSGAIzumAKSR54I_UVp-JVm3qU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QqYWrs5XAjfKTI3OHJLL1TVF3m4f-v0MlS3a6uqTq8J8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QRr_jDMDfwfOSwnhlbQTQc11rU8T4w8gJ0Vt5mwhzjiw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp38-cp38-musllinux-1-1-x86-64-whl", + "id": "26394", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 3401834, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QqYWrs5XAjfKTI3OHJLL1TVF3m4f-v0MlS3a6uqTq8J8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qn1NdDUH5n2pBqqjQz-G13aDXvHFHf0z6l8wl__gAYLY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Q2UtUKdiNV0lGXs5JuA1U0UDuZECXeOtAWoCs7B0Z3c4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp38-cp38-win-amd64-whl", + "id": "26395", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 489707, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QQ92xzEe0TljkWC9ys2PaNqaqr94t4w0R3R2kECrPL-U", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "Q5saypQT0mATgxtX2hdPBaOsfWR35KWa224r3LONwxpA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QtfuB7EUlW_dTFCPqDEzx2EkIs73gia9z4ftyOIsRXhQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp38-win_amd64.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp38-cp38-win32-whl", + "id": "26396", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 447714, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q38nMT7JDXHfdMckR__6c-3jvunf5kl6T3Euquqlk46Q", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QOWAUxMn4LKpK0KCKqWFLa_FMO8ZuzBNLl2GV8UMgzyw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp38-win32.pyd" + } + }, + { + "key": "Ql9iR_9L4C_UjzEZIjp8iAtGS0Eu7fpnVegni5HzHQ2o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp39-cp39-macosx-10-9-x86-64-whl", + "id": "26397", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 686125, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QWp8Vf1IL0T8fmnJkAD3p4JUJ4kE_qYFzizVLu5nXKrA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QZ23tCzxWtgwHu53EQ1k3DLFTNKrqhyftVRfddZ2lH4Y", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "Q31L4S0TMRpKd-Bif7qpZe7pcQ4cO-bfI_NRdKxD736E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-39-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp39-cp39-macosx-11-0-arm64-whl", + "id": "26398", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 602843, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QJej4ExlCKNvFRgjQTIfIqRid2amS4TMvqahCP5kBPf0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Q31L4S0TMRpKd-Bif7qpZe7pcQ4cO-bfI_NRdKxD736E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-39-darwin.so" + } + }, + { + "key": "QiI4LKnq_ak5AuRJ2QuQL-2S3J0x8bzSeGWMEjZ44HxU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp39-cp39-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "26399", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2696034, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q5NAHvY94fg1kEP07plDH-MmJQIBqwgnH_jDLcBNvrAw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QB7uo-P6vgWiYCGp6zwRniVH9_wI7e-C9fE49OpBlMro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QSPSW1xfWjIt8sCfXe9nSDGKh54fuP5zg8GQaqh9BDT0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp39-cp39-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "26400", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2632852, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QM7LqRdy8PrXtJBimydetdkX1LK-yy4c-Yq1AKspLU2c", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QdIApTkmhRW1I5VqTsQ-76RofYj29tfOrDBCoqCk2qxM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Q5l0gr98FsDQ9Au2NoNYVPOThXObFvdFpqZrXG22p8cQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp39-cp39-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "26401", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2595095, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QSzZubtcORtOCb-rIugOEv0Wvg2W1wOLOCLfU3MI-Qtg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-tJaCco9yGJn7lyIDiaUPwm5zaO210col0gaxCUk8dI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Q2MXP83QMrKgh_Y7TtdaxL774HkNUONksHW3pziJO6FE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp39-cp39-musllinux-1-1-x86-64-whl", + "id": "26402", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2689626, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QGU_GjVfFOHup54fzM3vmANU2WsH7ornzQmJEJeyvAFE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QSzZubtcORtOCb-rIugOEv0Wvg2W1wOLOCLfU3MI-Qtg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0AtQXkg5xlapP9d9LenNQR5K8oZ5QC5HmLm3QMSesAo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp39-cp39-win-amd64-whl", + "id": "26403", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 475906, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QlLyPbJLTHUcRpvwGgbKl0XxEqcNW_DWd8_3bcoJOUaI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp39-win_amd64.pyd" + } + }, + { + "key": "Q3h2JnFHnhYtpGFO6hQxuSlR6Ve82YT7CAi-910UOIjM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "Qd_ldUkGlnDleuNU2_OvHHePWGGPVEFBj81a6_BnJEA8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp39-cp39-win32-whl", + "id": "26404", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 438009, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qhmxg5zV6aUJFxqs_dBG8IM4v6PF09PlbaQHAlmlsuyI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "Q0g5_PVV-KLFFCk2-V1l7V3SBQH2XRGz3j7_8GX3LtaU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + }, + { + "key": "QoFmATbSxRToQiXZIUDlXF9wj2lBLby6NfK75Sbgkokc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cp39-win32.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "tar-gz", + "id": "26405", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 596328, + "score": { + "supplyChain": 0.36, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.36 + }, + "alerts": [ + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_canonical.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_constructor.py" + }, + { + "key": "Qh1GPYGiM7FfYrwuQZWkkpOCrTnfIlCahLQW-PHKPiec", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_constructor.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_emitter.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_errors.py" + }, + { + "key": "Qh1GPYGiM7FfYrwuQZWkkpOCrTnfIlCahLQW-PHKPiec", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_errors.py" + }, + { + "key": "Qh1GPYGiM7FfYrwuQZWkkpOCrTnfIlCahLQW-PHKPiec", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_input_output.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_mark.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_multi_constructor.py" + }, + { + "key": "Qh1GPYGiM7FfYrwuQZWkkpOCrTnfIlCahLQW-PHKPiec", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_multi_constructor.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_reader.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_yaml_ext.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_representer.py" + }, + { + "key": "Qh1GPYGiM7FfYrwuQZWkkpOCrTnfIlCahLQW-PHKPiec", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_recursive.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_tokens.py" + }, + { + "key": "Qh1GPYGiM7FfYrwuQZWkkpOCrTnfIlCahLQW-PHKPiec", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_structure.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_structure.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_schema.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_resolver.py" + }, + { + "key": "QCn3a8M7gWvUhhgC1mxe6d6gOgIZ4c6U79cAeARgdc_k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "PyYAML-6.0.1/tests/data/invalid-character.stream-error" + } + }, + { + "key": "QEYwrm14JDOl_TdnsDuQC-qerOtV3zupjtaCIb-Q8Rpo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "PyYAML-6.0.1/tests/data/spec-05-02-utf16le.data" + } + }, + { + "key": "QL4U5HGCv4RvOM_5YP1t1rp8wFuakgFsro6yzhX8nowA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "PyYAML-6.0.1/tests/data/invalid-character.loader-error" + } + }, + { + "key": "Qm_tbpR88XJvLLgK7tDvKCD6hhvdXDI8F1VMJkcFnOJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "PyYAML-6.0.1/tests/data/spec-05-02-utf16be.data" + } + }, + { + "key": "Q_xsm_ssn0bg-8juqAnV4lBu_64Q-f0EmDNLrXAVOx0s", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/lib/yaml/scanner.py" + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/lib/yaml/serializer.py" + }, + { + "key": "QmvwXb2083iz2SxMnFIg2DJyKiYq3uurTimeJbEN7WeA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/setup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZjd0wJNjjzcOaf8gAXHUPBr2Erx9rt1LZ9o-NA5yZy0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_appliance.py" + }, + { + "key": "QmvwXb2083iz2SxMnFIg2DJyKiYq3uurTimeJbEN7WeA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_appliance.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmvwXb2083iz2SxMnFIg2DJyKiYq3uurTimeJbEN7WeA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "PyYAML-6.0.1/tests/lib/test_yaml_ext.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "colorama", + "version": "0.4.6", + "release": "py2-py3-none-any-whl", + "id": "69439", + "topLevelAncestors": [ + "6381179126", + "15921473454" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "author": [ + "tartley", + "wiggin15" + ], + "size": 77669, + "score": { + "supplyChain": 0.96, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96 + }, + "alerts": [ + { + "key": "Q2MhoCFyzsb1I1poFpR5wz3FfH7nCetTyFsrYnI_uE1E", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: BSD License", + "filepathOrProvenance": "colorama-0.4.6.dist-info/METADATA" + } + }, + { + "key": "Q1O4uX2QNXOqAMOWJ6ifXEMKijEy4A0BlyHPOwgUQvco", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "colorama/tests/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q1O4uX2QNXOqAMOWJ6ifXEMKijEy4A0BlyHPOwgUQvco", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "colorama/ansitowin32.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "colorama", + "version": "0.4.6", + "release": "tar-gz", + "id": "69440", + "topLevelAncestors": [ + "6381179126", + "15921473454" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "author": [ + "tartley", + "wiggin15" + ], + "size": 115698, + "score": { + "supplyChain": 0.96, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96 + }, + "alerts": [ + { + "key": "QrI556vIFUiV9G8i_BlbG4qi4FtqFIcJvm1dDY1Wa9ME", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "colorama-0.4.6/colorama/tests/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QrI556vIFUiV9G8i_BlbG4qi4FtqFIcJvm1dDY1Wa9ME", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "colorama-0.4.6/colorama/ansitowin32.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "iniconfig", + "version": "2.0.0", + "release": "py3-none-any-whl", + "id": "70739", + "topLevelAncestors": [ + "6381179126" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "hpk", + "ronny" + ], + "size": 13010, + "score": { + "supplyChain": 0.98, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.98 + }, + "alerts": [ + { + "key": "QCDudgmy428ANlL7AJMjnU5CfgDc8N1KOFAQAxb4bYCo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "iniconfig/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "iniconfig", + "version": "2.0.0", + "release": "tar-gz", + "id": "70740", + "topLevelAncestors": [ + "6381179126" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "hpk", + "ronny" + ], + "size": 15435, + "score": { + "supplyChain": 0.98, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.98 + }, + "alerts": [ + { + "key": "QC--Em3J1dn9_0bfnTGuR0K5lWYjRIWnVWv6tXZ657vI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "iniconfig-2.0.0/src/iniconfig/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "requests-toolbelt", + "version": "1.0.0", + "release": "tar-gz", + "id": "75379", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 69, + "end": 93 + } + ], + "topLevelAncestors": [], + "license": "Apache-2.0 AND MIT", + "licenseDetails": [], + "author": [ + "graffatcolmingov", + "quentinp" + ], + "size": 504179, + "score": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "alerts": [ + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/utils/dump.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_x509_adapter.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_x509_adapter.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_ssladapter.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_socket_options_adapter.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_sessions.py" + }, + { + "key": "QB4RRr2G4Yy4ia6-IdPi0STLfEpYk3YOPWRqAJ1zxx7E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_formdata.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_forgetfulcookiejar.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_forgetfulcookiejar.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_host_header_ssl_adapter.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_fingerprintadapter.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_proxy_digest_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_proxy_digest_auth.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_multipart_encoder.py" + }, + { + "key": "QwyQ8s5ka6qExZbgVvjb9ApVzP2DHLKSSsXAHJa0IqeI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_multipart_encoder.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_multipart_decoder.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_dump.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/conftest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_downloadutils.py" + }, + { + "key": "QwyQ8s5ka6qExZbgVvjb9ApVzP2DHLKSSsXAHJa0IqeI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_downloadutils.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_auth_handler.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/tests/test_auth.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/utils/deprecated.py" + }, + { + "key": "Q7Oex74POJaLRRRiAaUhH3lleAVKn8S4xzAgq89rNCOo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/setup.py" + }, + { + "key": "QwyQ8s5ka6qExZbgVvjb9ApVzP2DHLKSSsXAHJa0IqeI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/setup.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/sessions.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/multipart/encoder.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/threaded/pool.py" + }, + { + "key": "QwyQ8s5ka6qExZbgVvjb9ApVzP2DHLKSSsXAHJa0IqeI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/downloadutils/stream.py" + }, + { + "key": "QwyQ8s5ka6qExZbgVvjb9ApVzP2DHLKSSsXAHJa0IqeI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/downloadutils/tee.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/cookies/forgetful.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/adapters/x509.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/adapters/x509.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/adapters/ssl.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/auth/guess.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/auth/guess.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/auth/http_proxy_digest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/auth/http_proxy_digest.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/auth/_digest_auth_compat.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/adapters/socket_options.py" + }, + { + "key": "Q0A8a3CkRtsoVz3AMM3ffKXKXvRg6ndwblHUKSYfuDw8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/requests_toolbelt/_compat.py" + }, + { + "key": "QeK7gFtgLJ9oUcWzPYL73o7t0f9FblikzuBgvkIbG6dI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-toolbelt-1.0.0/docs/conf.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSM4ucs4hA1it7jhEpxeoTfDCkuiWEa2-wMkGZWmr2tE", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Apache Software License", + "filepathOrProvenance": "requests-toolbelt-1.0.0/requests_toolbelt.egg-info/PKG-INFO" + } + } + ] + }, + { + "type": "pypi", + "name": "requests-toolbelt", + "version": "1.0.0", + "release": "py2-py3-none-any-whl", + "id": "75380", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 69, + "end": 93 + } + ], + "topLevelAncestors": [], + "license": "Apache-2.0 AND MIT", + "licenseDetails": [], + "author": [ + "graffatcolmingov", + "quentinp" + ], + "size": 145899, + "score": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "alerts": [ + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests_toolbelt/auth/_digest_auth_compat.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests_toolbelt/adapters/appengine.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests_toolbelt/adapters/ssl.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests_toolbelt/adapters/socket_options.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests_toolbelt/_compat.py" + }, + { + "key": "QcFwEHKMCYtMpvfJxdSzcbhDxkxeCsxHQtS6A4d17HPU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests_toolbelt/auth/guess.py", + "props": { + "envVars": "" + } + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests_toolbelt/auth/guess.py" + }, + { + "key": "QcFwEHKMCYtMpvfJxdSzcbhDxkxeCsxHQtS6A4d17HPU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests_toolbelt/cookies/forgetful.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q3gNpdJAvG8qVyy0BpVff7RasyjYqpQHtk9okjXorEyA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests_toolbelt/downloadutils/stream.py" + }, + { + "key": "QcFwEHKMCYtMpvfJxdSzcbhDxkxeCsxHQtS6A4d17HPU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests_toolbelt/adapters/x509.py", + "props": { + "envVars": "" + } + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests_toolbelt/adapters/x509.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests_toolbelt/utils/deprecated.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests_toolbelt/sessions.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests_toolbelt/multipart/encoder.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests_toolbelt/utils/dump.py" + }, + { + "key": "QcFwEHKMCYtMpvfJxdSzcbhDxkxeCsxHQtS6A4d17HPU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests_toolbelt/auth/http_proxy_digest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests_toolbelt/auth/http_proxy_digest.py" + }, + { + "key": "Q3gNpdJAvG8qVyy0BpVff7RasyjYqpQHtk9okjXorEyA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests_toolbelt/downloadutils/tee.py" + }, + { + "key": "QB8klTe0bzDWJ9zku1LiDobvajYkEjRlJGNUn1rMVBbc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests_toolbelt/threaded/pool.py" + } + ] + }, + { + "type": "pypi", + "name": "tabulate", + "version": "0.9.0", + "release": "py3-none-any-whl", + "id": "76055", + "topLevelAncestors": [ + "15921473454" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "Sergey" + ], + "size": 131468, + "score": { + "supplyChain": 0.96, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.99, + "overall": 0.96 + }, + "alerts": [ + { + "key": "Qumwfec7PkuvE_7jjx7rUuwXel6uRc1A38lFGkAI-eG8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk" + }, + { + "key": "QDLvC9a1uQ6PApeOOrJ7G6HsaqPpQYENjXMn0dTWc7Tg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "tabulate", + "version": "0.9.0", + "release": "tar-gz", + "id": "76056", + "topLevelAncestors": [ + "15921473454" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "Sergey" + ], + "size": 379878, + "score": { + "supplyChain": 0.9, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.99, + "overall": 0.9 + }, + "alerts": [ + { + "key": "QYFXRm58f6115_0xXUOD59cUMF3d6mIDzoP2VGSISXb8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk" + }, + { + "key": "QmAxptwpfnmFgTPQ9ioK3BX7NgGk-00ytC-UczF1YlVY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "props": { + "envVars": "" + } + }, + { + "key": "QXckfoAM4xgrzz0hem-Js9twuXixkfWNZouj-Ozsp2a4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk" + }, + { + "key": "QZDfyAwumQB4vs1ixHPhmB5rTo01go47BuaAzBjqq-pk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk" + }, + { + "key": "QCkYU3fan9fjjzVOD5jiB500siGwh4IfpicnpqdGquys", + "type": "gptAnomaly", + "severity": "low", + "category": "supplyChainRisk", + "props": { + "risk": "medium", + "notes": "The code contains multiple potential security risks, including unauthorized file writes, command injection, information leakage, and code injection. It should be reviewed and modified to ensure proper input validation, sanitization, and secure handling of user input. The presence of 'eval' raises concerns about the safety and security of the code.", + "severity": 0.7, + "confidence": 0.8 + } + } + ] + }, + { + "type": "pypi", + "name": "polib", + "version": "1.2.0", + "release": "py2-py3-none-any-whl", + "id": "3692731902", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "izi" + ], + "size": 78958, + "score": { + "supplyChain": 0.98, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.98 + }, + "alerts": [ + { + "key": "QNNYnYEq3apRNml2wLbN5vgp9tlfyQpHo0qpzHhyHfIU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "polib.py" + } + ] + }, + { + "type": "pypi", + "name": "polib", + "version": "1.2.0", + "release": "tar-gz", + "id": "3692731903", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "izi" + ], + "size": 553071, + "score": { + "supplyChain": 0.64, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.64 + }, + "alerts": [ + { + "key": "QX6HWD-sfa11tRffvUi_wPTs23ppjIv_lIImuhdfkCwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "polib-1.2.0/tests/tests.py" + }, + { + "key": "QiMOQlY_N1y_pMZrXVSuRvYX40xqvZpciTHS_YyH5pt8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "polib-1.2.0/tests/tests.py" + }, + { + "key": "QiMOQlY_N1y_pMZrXVSuRvYX40xqvZpciTHS_YyH5pt8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "polib-1.2.0/polib.py" + }, + { + "key": "QyLE-sHSB6a4sIJT2xPV9HQy2BF7T4-tjXaH6YgUcjvk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "polib-1.2.0/tests/test_msgctxt.mo" + } + }, + { + "key": "Qnld52pwcGfE4OEAWYWjxupACxSlwqkjPtU7KyE2ATGM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "polib-1.2.0/tests/test_iso-8859-15.mo" + } + }, + { + "key": "QgOh4V_RJCMXZ5BfLxr9WGFd_E_D0YmhQIsLsnvdpt1E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "polib-1.2.0/tests/test_no_header.mo" + } + }, + { + "key": "QfU2ooNCCx40J0AVoSphv-McSMhFhTT9D8d80u7YaVLQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "polib-1.2.0/tests/test_version_1.1.mo" + } + }, + { + "key": "QdPhblTQspPcJ8aHP9Auqgq5cOiNPEt3nvvKgtMaCPmQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "polib-1.2.0/tests/test_invalid_version.mo" + } + }, + { + "key": "Q2iwiUaEdZfBhbfBvuLgnm2Z--XDrJw-VbruXEpKqviE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "polib-1.2.0/tests/test_utf8.mo" + } + } + ] + }, + { + "type": "pypi", + "name": "wcwidth", + "version": "0.2.13", + "release": "py2-py3-none-any-whl", + "id": "4451705018", + "topLevelAncestors": [ + "15921473454" + ], + "license": "HPND-Markus-Kuhn AND MIT", + "licenseDetails": [], + "author": [ + "jquast" + ], + "size": 501027, + "score": { + "supplyChain": 0.98, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.9, + "overall": 0.98 + }, + "alerts": [ + { + "key": "Qxife_KCTgDGNe6wZanDMArnsMdHRkflEKbUCPmLN5-E", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "HPND-Markus-Kuhn" + } + }, + { + "key": "QIu1bCRZdVyKlNEE70lVV4inFMAkiwkfCjfIMkAgFVPw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "wcwidth/wcwidth.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "wcwidth", + "version": "0.2.13", + "release": "tar-gz", + "id": "4451705019", + "topLevelAncestors": [ + "15921473454" + ], + "license": "HPND-Markus-Kuhn AND MIT", + "licenseDetails": [], + "author": [ + "jquast" + ], + "size": 952091, + "score": { + "supplyChain": 0.88, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.9, + "overall": 0.88 + }, + "alerts": [ + { + "key": "Qcfj_ABrO9EIyMzoweq6DFFSctqmpYhssMPMpEx4naAY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "wcwidth-0.2.13/wcwidth/wcwidth.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qxife_KCTgDGNe6wZanDMArnsMdHRkflEKbUCPmLN5-E", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "HPND-Markus-Kuhn" + } + }, + { + "key": "QjW3xc6f5JUyayynquLyG26amlYQFsLlc7g0I-KWjrkA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "wcwidth-0.2.13/bin/update-tables.py" + }, + { + "key": "QLHfwp5XeCjfwG6BCskPgoiu2eSxVS99gRs_mZMB8p_4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "wcwidth-0.2.13/bin/update-tables.py" + }, + { + "key": "Qcfj_ABrO9EIyMzoweq6DFFSctqmpYhssMPMpEx4naAY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "wcwidth-0.2.13/bin/update-tables.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpJXEjX34MXP08GJZ6SM5IbR8pst149DQudh1V4_fv6I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "wcwidth-0.2.13/tests/test_table_integrity.py" + }, + { + "key": "QpJXEjX34MXP08GJZ6SM5IbR8pst149DQudh1V4_fv6I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "wcwidth-0.2.13/setup.py" + } + ] + }, + { + "type": "pypi", + "name": "beautifulsoup4", + "version": "4.12.3", + "release": "py3-none-any-whl", + "id": "5238328965", + "topLevelAncestors": [ + "15835012723", + "15921473454", + "15921496871" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "leonard" + ], + "size": 618628, + "score": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "alerts": [ + { + "key": "QNREZ2jPS-OrZ-EJOZeSGcl0zjHi9Gls0WZH2MXRiFVY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "bs4/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qz34J4qUB6ev-zxfKJ3Rei_88XkmkfMaAIXHzRZ2AZC8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5000587759190016.testcase" + } + }, + { + "key": "QXXFBXGUpv95IWV-f9QU5H_WEq5DMX6kzb5Fhxfsep3A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-6450958476902400.testcase" + } + }, + { + "key": "QPoTMi6kcq4_gyALR2SLUiAM53Ua6NFsSyK4PfMsFZJQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5270998950477824.testcase" + } + }, + { + "key": "QNREZ2jPS-OrZ-EJOZeSGcl0zjHi9Gls0WZH2MXRiFVY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "bs4/tests/test_tree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMHNCGXNlwHA2kuI7KW7p582yRkOfoZfPwmrd7g3DzzU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5167584867909632.testcase" + } + }, + { + "key": "QkgqQ4kAVMoGFGqQ-G85AbuqZtDoiVSFDmJCOQegtYVU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "bs4/tests/fuzz/crash-ffbdfa8a2b26f13537b68d3794b0478a4090ee4a.testcase" + } + }, + { + "key": "QJS3I-DeFeZFMpjdYlDhbGYbIVxIDGJqeXDmQ38rMqJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5492400320282624.testcase" + } + }, + { + "key": "Qjcb8hRj_P-sPmE6LweA8vL51hE78J5YAYO2-C1QGC5E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "bs4/tests/fuzz/crash-0d306a50c8ed8bcd0785b67000fcd5dea1d33f08.testcase" + } + }, + { + "key": "QCHx8XTXAWW2VleYCejDdhMutIjWW-Z-1i7uZ5TYytCM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-6600557255327744.testcase" + } + }, + { + "key": "QPHistkLbSv74d7J9xzNaWmEmam4Uwcb3PhcpZedvyR0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5984173902397440.testcase" + } + }, + { + "key": "QNREZ2jPS-OrZ-EJOZeSGcl0zjHi9Gls0WZH2MXRiFVY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "bs4/tests/test_soup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKkymhXA6lXa5dRQtMwDzDRbI4BrXzzeHlk_Z_CbgQQQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "bs4/tests/test_soup.py" + }, + { + "key": "QksrErBjwXLshdhrt-qTwcJE8fjl4eG3KXsmFkxmtOjE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "bs4/tests/test_soup.py" + }, + { + "key": "QKkymhXA6lXa5dRQtMwDzDRbI4BrXzzeHlk_Z_CbgQQQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "bs4/tests/test_htmlparser.py" + }, + { + "key": "QksrErBjwXLshdhrt-qTwcJE8fjl4eG3KXsmFkxmtOjE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "bs4/tests/test_fuzz.py" + }, + { + "key": "QKkymhXA6lXa5dRQtMwDzDRbI4BrXzzeHlk_Z_CbgQQQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "bs4/tests/test_dammit.py" + }, + { + "key": "QNREZ2jPS-OrZ-EJOZeSGcl0zjHi9Gls0WZH2MXRiFVY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "bs4/tests/test_builder_registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QEgT_OnYA63eF_UJeGFtib8rEi_RPCw9WQ7W0IpOVyFY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "bs4/element.py" + }, + { + "key": "QNREZ2jPS-OrZ-EJOZeSGcl0zjHi9Gls0WZH2MXRiFVY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "bs4/diagnose.py", + "props": { + "envVars": "" + } + }, + { + "key": "QksrErBjwXLshdhrt-qTwcJE8fjl4eG3KXsmFkxmtOjE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "bs4/diagnose.py" + }, + { + "key": "QKkymhXA6lXa5dRQtMwDzDRbI4BrXzzeHlk_Z_CbgQQQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "bs4/css.py" + }, + { + "key": "QNREZ2jPS-OrZ-EJOZeSGcl0zjHi9Gls0WZH2MXRiFVY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "bs4/builder/__init__.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "beautifulsoup4", + "version": "4.12.3", + "release": "tar-gz", + "id": "5238328966", + "topLevelAncestors": [ + "15835012723", + "15921473454", + "15921496871" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "leonard" + ], + "size": 2100439, + "score": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "alerts": [ + { + "key": "Q8xeh2pvifHIcb7qQUKht6qwLRFwp5x3ZVHr1ww622a4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5270998950477824.testcase" + } + }, + { + "key": "QKQu1Qic-R7Ogc8_dlP1rmtOy-89JARUB0y2leL87DT0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/tests/test_tree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKQu1Qic-R7Ogc8_dlP1rmtOy-89JARUB0y2leL87DT0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/tests/test_soup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDIAbhqe7a-nej_R0cKlyeWP9bLt9Z2Fn7uGdJF-oLTg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/tests/test_soup.py" + }, + { + "key": "QvN7ZrgYcR16sjKlb5W0tZ6X0kPaDLRwqPe4PUWHEhJQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/tests/test_soup.py" + }, + { + "key": "QDIAbhqe7a-nej_R0cKlyeWP9bLt9Z2Fn7uGdJF-oLTg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/tests/test_htmlparser.py" + }, + { + "key": "QvN7ZrgYcR16sjKlb5W0tZ6X0kPaDLRwqPe4PUWHEhJQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/tests/test_fuzz.py" + }, + { + "key": "QDIAbhqe7a-nej_R0cKlyeWP9bLt9Z2Fn7uGdJF-oLTg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/tests/test_dammit.py" + }, + { + "key": "QKQu1Qic-R7Ogc8_dlP1rmtOy-89JARUB0y2leL87DT0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/tests/test_builder_registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QsE4beu9TiYhetDl-t9Ad1BH4jIAiZZb6FKvl-hWpSXw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/element.py" + }, + { + "key": "QKQu1Qic-R7Ogc8_dlP1rmtOy-89JARUB0y2leL87DT0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/diagnose.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvN7ZrgYcR16sjKlb5W0tZ6X0kPaDLRwqPe4PUWHEhJQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/diagnose.py" + }, + { + "key": "QDIAbhqe7a-nej_R0cKlyeWP9bLt9Z2Fn7uGdJF-oLTg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/css.py" + }, + { + "key": "QKQu1Qic-R7Ogc8_dlP1rmtOy-89JARUB0y2leL87DT0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/builder/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKQu1Qic-R7Ogc8_dlP1rmtOy-89JARUB0y2leL87DT0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "beautifulsoup4-4.12.3/bs4/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qyzw_J1k10-MOI7YTnQ4DO3pEvRSh6uiNhfkjEZZc4Gw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-6600557255327744.testcase" + } + }, + { + "key": "QxpkLYDJr2nBtAzk_p2KHHvHmRwHUvPwOK7h_q46nmDU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-6450958476902400.testcase" + } + }, + { + "key": "QVB5qGQQ3MnRr2HFhkTGs1QNDVE91UNv6SaJuns32NpE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5492400320282624.testcase" + } + }, + { + "key": "QPZgNhL4bGSPvhcaZfGmCS1J4QFIVx4nfcY9PisZKXX0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5167584867909632.testcase" + } + }, + { + "key": "Q6nd6WpGL8y4MVZ-kYxtl1GrsWiTVrTuvG257b3SUpyo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5984173902397440.testcase" + } + }, + { + "key": "Q4uQTdRk_IR7XvOfmB6mHBtqqjufD1WxpaDYg2VIK9cQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/crash-0d306a50c8ed8bcd0785b67000fcd5dea1d33f08.testcase" + } + }, + { + "key": "Q1PdKV8Aron8XiU0PlKNXBPHd4kSJy34htMYcxna9CWE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/clusterfuzz-testcase-minimized-bs4_fuzzer-5000587759190016.testcase" + } + }, + { + "key": "Q0ryhISrKyyeKvbmEwNvtXADoWR9Q6t0n12Ty5W3HmtU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "beautifulsoup4-4.12.3/bs4/tests/fuzz/crash-ffbdfa8a2b26f13537b68d3794b0478a4090ee4a.testcase" + } + } + ] + }, + { + "type": "pypi", + "name": "pyyaml", + "version": "6.0.1", + "release": "cp312-cp312-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "5352608745", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 55, + "end": 68 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "ingy", + "nitzmahone", + "tinita" + ], + "size": 2626487, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q2Yn-GhR51srj3A_UHahZOTCwc5Jm4riyudJQPUUb3UA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "yaml/_yaml.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QFmdQI2E_eHxAWMoB9EqZaACmB5BytEnWgjgtgqfOBcA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "yaml/scanner.py" + }, + { + "key": "QXQEP51-ahODxQ_TX0JZ_Fd-15H2Cz_l9TVMeoIKTxss", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "yaml/serializer.py" + } + ] + }, + { + "type": "pypi", + "name": "python-dotenv", + "version": "1.0.1", + "release": "py3-none-any-whl", + "id": "6381179125", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 14, + "end": 34 + } + ], + "topLevelAncestors": [], + "license": "BSD-3-Clause", + "licenseDetails": [], + "author": [ + "bbc", + "theskumar" + ], + "size": 54258, + "score": { + "supplyChain": 0.91, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.91 + }, + "alerts": [ + { + "key": "QmzvRivT8zXKLdWP2g2uAMmxqJARRdnR_cDQ6JhSwH9U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "dotenv/cli.py" + }, + { + "key": "Q85b05Bf77lzSzVqzDcMha_VXdzE67p5CjM3tWxd_3AM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "dotenv/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmzvRivT8zXKLdWP2g2uAMmxqJARRdnR_cDQ6JhSwH9U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "dotenv/main.py" + }, + { + "key": "Q85b05Bf77lzSzVqzDcMha_VXdzE67p5CjM3tWxd_3AM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "dotenv/cli.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q515KD_Q3GEfxBsbQP4h3Z28Vr1oF_Ftb5fU_IgxPLrg", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "dotenv/cli.py" + } + ] + }, + { + "type": "pypi", + "name": "python-dotenv", + "version": "1.0.1", + "release": "tar-gz", + "id": "6381179126", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 14, + "end": 34 + } + ], + "topLevelAncestors": [], + "license": "BSD-3-Clause", + "licenseDetails": [], + "author": [ + "bbc", + "theskumar" + ], + "size": 160044, + "score": { + "supplyChain": 0.8, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.8 + }, + "alerts": [ + { + "key": "Q1gqCnXMOL2YDTvOzd5Khj-Dxyn1xn36Soo6_dH8eQ00", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/setup.py" + }, + { + "key": "Qq4cR7p7yDDg75HHk9sNlMVCPXgNttPWKyTkGVfALK9Y", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: BSD License", + "filepathOrProvenance": "python-dotenv-1.0.1/src/python_dotenv.egg-info/PKG-INFO" + } + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/setup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIsmf_-O8jCpdkAaoTjritaoKJJbcG6edA3Mfqxp9-fs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/src/dotenv/cli.py" + }, + { + "key": "QOx-bAdQcdC3CL5kvcQgJa3TTiAhIudkVjyiyHMB04DE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/src/dotenv/cli.py" + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/src/dotenv/cli.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIsmf_-O8jCpdkAaoTjritaoKJJbcG6edA3Mfqxp9-fs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/src/dotenv/main.py" + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/src/dotenv/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/tests/test_cli.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/tests/test_ipython.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/tests/test_utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/tests/test_zip_imports.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOeOMGRYQ8xlhRGmlkVQAqnbS2j-HJXKAwjx3QCIbRcQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/tests/test_main.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "mdutils", + "version": "1.6.0", + "release": "tar-gz", + "id": "9191613312", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 119, + "end": 150 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "didix21" + ], + "size": 106479, + "score": { + "supplyChain": 0.96, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96 + }, + "alerts": [ + { + "key": "QHRcl3Pk__3G-oxUrJnw_YWWqhTicRvDstEJMqTydOi0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mdutils-1.6.0/mdutils/fileutils/fileutils.py" + }, + { + "key": "QHRcl3Pk__3G-oxUrJnw_YWWqhTicRvDstEJMqTydOi0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mdutils-1.6.0/setup.py" + } + ] + }, + { + "type": "pypi", + "name": "html2text", + "version": "2024.2.26", + "release": "tar-gz", + "id": "10731537839", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND GPL-3.0", + "licenseDetails": [], + "author": [ + "Alir3z4", + "jdufresne" + ], + "size": 189283, + "score": { + "supplyChain": 0.94, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.94 + }, + "alerts": [ + { + "key": "QzLlvu-vv2bUOAXV3bfrmS8hUpZwT9yPdqQoWGjbUvuM", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-3.0" + } + }, + { + "key": "Q85i8SCCSAdXkKH-GUfcw-jToxPqO4cODHsSZ5idoGC4", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "License :: OSI Approved :: GNU General Public License (GPL)" + } + }, + { + "key": "QS0fhDaCodelAimvChXQx04UF8CpOamyNayB2lndQrUc", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: GNU General Public License (GPL)", + "filepathOrProvenance": "html2text-2024.2.26/html2text.egg-info/PKG-INFO" + } + }, + { + "key": "QiLSIKwnPwWdM-yiG0it02kJLrXuofwZni9dY6U1Wnac", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-3.0" + } + }, + { + "key": "QOvALb4ibRa0TUB8bqjCMOaYKzegZZ3XSubkpCeW-V4U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "html2text-2024.2.26/test/test_html2text.py" + }, + { + "key": "QOvALb4ibRa0TUB8bqjCMOaYKzegZZ3XSubkpCeW-V4U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "html2text-2024.2.26/html2text/cli.py" + }, + { + "key": "Q7qHoRX9v0plzEHHBEJKsg5s1heivQ9B15AIdpLQAzU4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "html2text-2024.2.26/test/test_html2text.py" + }, + { + "key": "Qd3vPTVQWjUUlcWGW4CdLdD5mkt1-KU12wPNcf6vN9T0", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "License :: OSI Approved :: GNU General Public License (GPL)" + } + } + ] + }, + { + "type": "pypi", + "name": "python-dateutil", + "version": "2.9.0", + "release": "py2-py3-none-any-whl", + "id": "11011800073", + "topLevelAncestors": [ + "15917547152", + "15921473454" + ], + "license": "Apache-2.0 AND BSD-3-Clause", + "licenseDetails": [], + "author": [ + "dateutilbot", + "jarondl", + "pganssle", + "tpievila" + ], + "size": 441767, + "score": { + "supplyChain": 0.9, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9 + }, + "alerts": [ + { + "key": "Qps-_inP44SPpJqZ2RHHQ-BDArFSOjp0y7aJrPRL0LgU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "dateutil/tz/tz.py", + "props": { + "envVars": "" + } + }, + { + "key": "QT0iJF9hqLmiVUiN-WjKFp0pxnngLlpdga20Wp7ViWkM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "dateutil/zoneinfo/rebuild.py" + }, + { + "key": "QnryEU01rqi36YwGr5h6LJ_hG-Hy0jExv3Q4jyIuK1bk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "dateutil/zoneinfo/rebuild.py" + }, + { + "key": "Q5SH_5Bs7NbMwEa8TEAQzvbKMVhBUPlS2hoMu4ekVIuo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "dateutil/zoneinfo/dateutil-zoneinfo.tar.gz" + } + }, + { + "key": "QT0iJF9hqLmiVUiN-WjKFp0pxnngLlpdga20Wp7ViWkM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "dateutil/tz/tz.py" + } + ] + }, + { + "type": "pypi", + "name": "python-dateutil", + "version": "2.9.0", + "release": "tar-gz", + "id": "11012426660", + "topLevelAncestors": [ + "15917547152", + "15921473454" + ], + "license": "Apache-2.0 AND BSD-3-Clause", + "licenseDetails": [], + "author": [ + "dateutilbot", + "jarondl", + "pganssle", + "tpievila" + ], + "size": 1078120, + "score": { + "supplyChain": 0.77, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.77 + }, + "alerts": [ + { + "key": "Q35P47B0EgiploGH2iI8YFDGSxmC0n5OzkXfkL12yqVI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dateutil-2.9.0/src/dateutil/tz/tz.py" + }, + { + "key": "Q3Oq9rHV7ehytRxKWt5zi94ldIA-GDh7a3Jsc1Qo2pkM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "python-dateutil-2.9.0/src/dateutil/zoneinfo/rebuild.py" + }, + { + "key": "Q35P47B0EgiploGH2iI8YFDGSxmC0n5OzkXfkL12yqVI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dateutil-2.9.0/src/dateutil/zoneinfo/rebuild.py" + }, + { + "key": "Q6suUfZM3qLy0f-_v8gC-lEQ8Qya-VIeEP36OntEuiiY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dateutil-2.9.0/src/dateutil/tz/tz.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q35P47B0EgiploGH2iI8YFDGSxmC0n5OzkXfkL12yqVI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dateutil-2.9.0/ci_tools/make_zonefile_metadata.py" + }, + { + "key": "Q5zVBT5cDVKilR4dnKe-ahAY2liSulRMjOLC-FGSZCEY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "python-dateutil-2.9.0/src/dateutil/zoneinfo/dateutil-zoneinfo.tar.gz" + } + }, + { + "key": "QYb3cO711L7WHkzRtN2-IGRoIhw2KsxR3FmzzFgVjdnw", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: BSD License", + "filepathOrProvenance": "python-dateutil-2.9.0/src/python_dateutil.egg-info/PKG-INFO" + } + }, + { + "key": "Q35P47B0EgiploGH2iI8YFDGSxmC0n5OzkXfkL12yqVI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dateutil-2.9.0/tests/_common.py" + }, + { + "key": "Q3Oq9rHV7ehytRxKWt5zi94ldIA-GDh7a3Jsc1Qo2pkM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "python-dateutil-2.9.0/tests/_common.py" + }, + { + "key": "Q6suUfZM3qLy0f-_v8gC-lEQ8Qya-VIeEP36OntEuiiY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dateutil-2.9.0/tests/_common.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6suUfZM3qLy0f-_v8gC-lEQ8Qya-VIeEP36OntEuiiY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dateutil-2.9.0/tests/conftest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2ltejAg4L0obMoIdFu_d5AbzIkyyYh8wUB-kG095QYw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "python-dateutil-2.9.0/tests/test_parser.py" + }, + { + "key": "Q6suUfZM3qLy0f-_v8gC-lEQ8Qya-VIeEP36OntEuiiY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dateutil-2.9.0/tests/test_tz.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q35P47B0EgiploGH2iI8YFDGSxmC0n5OzkXfkL12yqVI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "python-dateutil-2.9.0/updatezinfo.py" + } + ] + }, + { + "type": "pypi", + "name": "requests", + "version": "2.32.3", + "release": "tar-gz", + "id": "15590656246", + "topLevelAncestors": [ + "75379", + "6381179126", + "15835012723", + "15917547152", + "15921473454", + "15921496871" + ], + "license": "AFL-1.1 AND Apache-2.0", + "licenseDetails": [], + "author": [ + "graffatcolmingov", + "Lukasa", + "nateprewitt" + ], + "size": 476710, + "score": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.25 + }, + "alerts": [ + { + "key": "QLvfHwpxw67nu-wnQOr5Wpb4moXzJEbItYlG-yDEze10", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Apache Software License", + "filepathOrProvenance": "requests-2.32.3/src/requests.egg-info/PKG-INFO" + } + }, + { + "key": "QhwQcKIJRvkUFPXGkl7GR5dEGQlF7HRNld91xjzVhWBo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-2.32.3/setup.py" + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/src/requests/models.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/testserver/server.py" + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/test_utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/test_utils.py" + }, + { + "key": "Q9EGNe3fSqn_tuzIgCsV8mj6sqEsk4Z_1-6TAZ2ZN__g", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/test_utils.py" + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/test_testserver.py" + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/test_requests.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOs2JZ8Wh51IIUwAh8K3429g3rbe-xXRlOaBRSr-9L7o", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/test_requests.py" + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/src/requests/sessions.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9EGNe3fSqn_tuzIgCsV8mj6sqEsk4Z_1-6TAZ2ZN__g", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/src/requests/utils.py" + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-2.32.3/src/requests/utils.py" + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/src/requests/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/test_hooks.py" + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/src/requests/cookies.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/src/requests/compat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-2.32.3/src/requests/compat.py" + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/src/requests/auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/src/requests/adapters.py", + "props": { + "envVars": "" + } + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-2.32.3/src/requests/adapters.py" + }, + { + "key": "QOs2JZ8Wh51IIUwAh8K3429g3rbe-xXRlOaBRSr-9L7o", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-2.32.3/setup.py" + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/test_requests.py" + }, + { + "key": "Q9EGNe3fSqn_tuzIgCsV8mj6sqEsk4Z_1-6TAZ2ZN__g", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/test_requests.py" + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/test_packages.py" + }, + { + "key": "Q9147qHW3V-C0AlvcOEChWxChRSTO8hDbjg4ppzpUgOE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/test_lowlevel.py", + "props": { + "envVars": "" + } + }, + { + "key": "QfgjPvF69Z3pKtSeCYexjGsH5noDBHqwr-bQR4oH_63Y", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests-2.32.3/tests/test_lowlevel.py" + }, + { + "key": "Q9EGNe3fSqn_tuzIgCsV8mj6sqEsk4Z_1-6TAZ2ZN__g", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests-2.32.3/setup.py" + }, + { + "key": "Qsb9yskiepbEU3uUJsc7No81i4UlX9Tnj5tACFl7kfsY", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "requests-2.32.3/NOTICE" + } + } + ] + }, + { + "type": "pypi", + "name": "requests", + "version": "2.32.3", + "release": "py3-none-any-whl", + "id": "15590656247", + "topLevelAncestors": [ + "75379", + "6381179126", + "15835012723", + "15917547152", + "15921473454", + "15921496871" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "graffatcolmingov", + "Lukasa", + "nateprewitt" + ], + "size": 205090, + "score": { + "supplyChain": 0.8, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.8 + }, + "alerts": [ + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests/cookies.py", + "props": { + "envVars": "" + } + }, + { + "key": "QglOZ0ggpOPZhpGXQI1JU7GUx--gENCeopcdCQn9Gp2I", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests/utils.py" + }, + { + "key": "QeZYgC3WvS-YVlAZiv817MzaEhbuF63uwbwrwoW5FbKQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests/utils.py" + }, + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeZYgC3WvS-YVlAZiv817MzaEhbuF63uwbwrwoW5FbKQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests/adapters.py" + }, + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests/adapters.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests/auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeZYgC3WvS-YVlAZiv817MzaEhbuF63uwbwrwoW5FbKQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "requests/compat.py" + }, + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests/compat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests/models.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKxR_4avfPmWsHd8rInG0r2D49OJ039OsPy468-XdZHM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "requests/sessions.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "typing-extensions", + "version": "4.12.2", + "release": "tar-gz", + "id": "15596422234", + "topLevelAncestors": [ + "15917547152" + ], + "license": "0BSD AND PSF-2.0 AND Python-2.0", + "licenseDetails": [], + "author": [ + "guido", + "hauntsaninja", + "ilevkivskyi", + "JelleZijlstra", + "jukkal", + "srittau" + ], + "size": 422371, + "score": { + "supplyChain": 0.9, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.9 + }, + "alerts": [ + { + "key": "Q_PjpX_pemSbReEkwNhWauOEc8ryJMt7CCLx-ZkdOTm4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "typing_extensions-4.12.2/src/test_typing_extensions.py" + }, + { + "key": "QT1sAoYM4EK_J2kXIiMBAQ9QQ7oz6bVdmszZZujOFDKU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "typing_extensions-4.12.2/src/typing_extensions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZl9rzyoaohvuPoXRslwO0KUY6pA0O4BykHo9Dv3A4vU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "typing_extensions-4.12.2/src/test_typing_extensions.py" + }, + { + "key": "QT1sAoYM4EK_J2kXIiMBAQ9QQ7oz6bVdmszZZujOFDKU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "typing_extensions-4.12.2/src/test_typing_extensions.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qm5Bx7H68ptFVcDI2xHjBvjVOuol5O63ptjFIKTtOR4c", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "typing_extensions-4.12.2/src/test_typing_extensions.py" + } + ] + }, + { + "type": "pypi", + "name": "typing-extensions", + "version": "4.12.2", + "release": "py3-none-any-whl", + "id": "15596422235", + "topLevelAncestors": [ + "15917547152" + ], + "license": "0BSD AND PSF-2.0 AND Python-2.0", + "licenseDetails": [], + "author": [ + "guido", + "hauntsaninja", + "ilevkivskyi", + "JelleZijlstra", + "jukkal", + "srittau" + ], + "size": 151904, + "score": { + "supplyChain": 0.98, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.98 + }, + "alerts": [ + { + "key": "QrDZOeUTQbFuth1KQrcKnyJMI-00l2ERdysiZQ4TLPS0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "typing_extensions.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "django-filter", + "version": "24.3", + "release": "tar-gz", + "id": "15835012723", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 35, + "end": 54 + } + ], + "topLevelAncestors": [], + "license": "BSD-3-Clause", + "licenseDetails": [], + "author": [ + "alexgaynor", + "carltongibson" + ], + "size": 640861, + "score": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "alerts": [ + { + "key": "QsB40kAUrnEsb28VKo_tVXr9_AXWanukzhUCGq5zWuPQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "django_filter-24.3/runshell.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qq2FEL03r3eznNGKrdHY5pSinOhAGQNHvsYyw-3r_6uQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "django_filter-24.3/tests/test_fields.py" + }, + { + "key": "Qq2FEL03r3eznNGKrdHY5pSinOhAGQNHvsYyw-3r_6uQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "django_filter-24.3/tests/test_filtering.py" + }, + { + "key": "QsB40kAUrnEsb28VKo_tVXr9_AXWanukzhUCGq5zWuPQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "django_filter-24.3/tests/test_utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9s_Bgdn1vGQ68GpnwIisr9gqPfYuiZws-ki1ai0oX_Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/it/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q8cOX37NL42FvU1QyJty3U1M8vd-MCYeE2fIceOT1BzI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/pl/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q5lH_HMx8NLesk9GmX9f_F58S9pLFMI-WPQiHHmFunJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/ar/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q1YFfS6Vp1YO5b76UkGrGSjC2JsenP_58z43eM42INUk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/el/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qbb6OU4MoyswfShTkIlpACMPOhg62T0DUaqGyCb0jpYI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/es_AR/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qd03NB64Lfut8GMj-16Y_LSl8L-OipL132Jm_ABEV918", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/be/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qg5KBYLFgCIjhv-xqTIm8mxY3aZbtVawGLm2kn7TwoF8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/nl/LC_MESSAGES/django.mo" + } + }, + { + "key": "QDgVJcpqdsmsOPlWo1fcBhlFzN13s5fwjz3ewY-ZYr6Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/bg/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qke1y-811BfSWKD3eBgP76i63QMc534grHIS0C2ClN0A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/es/LC_MESSAGES/django.mo" + } + }, + { + "key": "QmKh-SHwYIC1fcMhAD3geBRF95EaVZQfs0oLvGXX97aA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/cs/LC_MESSAGES/django.mo" + } + }, + { + "key": "QnsH5ITmd2PjindKY8pjsWAHpo-5Xzzeu7XBAPcksTZ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/zh_CN/LC_MESSAGES/django.mo" + } + }, + { + "key": "QpZZOq4VyE4kguTGhMd5RXHN8RrE4RBnxTHld3rmFFsY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/de/LC_MESSAGES/django.mo" + } + }, + { + "key": "QSRv8POdNm5_Z8xZj3fBKgYEtfyvqGPy16FKNWY-gj0k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/sk/LC_MESSAGES/django.mo" + } + }, + { + "key": "QytnfjWgr6ckpN3yP4hfzZkuN4XgxHxW_HF3NycxkFGA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filter-24.3/django_filters/locale/ru/LC_MESSAGES/django.mo" + } + }, + { + "key": "QsB40kAUrnEsb28VKo_tVXr9_AXWanukzhUCGq5zWuPQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "django_filter-24.3/django_filters/utils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QsB40kAUrnEsb28VKo_tVXr9_AXWanukzhUCGq5zWuPQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "django_filter-24.3/runtests.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "django-filter", + "version": "24.3", + "release": "py3-none-any-whl", + "id": "15835012724", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 35, + "end": 54 + } + ], + "topLevelAncestors": [], + "license": "BSD-3-Clause", + "licenseDetails": [], + "author": [ + "alexgaynor", + "carltongibson" + ], + "size": 220500, + "score": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "alerts": [ + { + "key": "QirhIZwFYb1_R_4YfyVrOzCU0mMf4W75KfzpMl79xkmk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/es/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q6u4SqCYhK7xlVjBY35OCKyOlFaWcJn1CIu5uXfn3f5s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/ar/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q8Ubvd4nvG-Gy0y0yP93dZVR4ZuOkpf0I40idjKjAKRM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/bg/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q9gsE1XyGC4MX7AnSOtsre3Luv1ECUEwMsmMPGjBHCgU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/nl/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qacz2P24BIynfqOFZLquDaaf0QnDf7a3fh-JhTFbWpD0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/ru/LC_MESSAGES/django.mo" + } + }, + { + "key": "QCaXgevdwhnggfmm48lApWMuhgOCaZ-xSyWO1xCbtdss", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/sk/LC_MESSAGES/django.mo" + } + }, + { + "key": "QKGvR9k4Y6GiBXYsy9BMMjrR6vT7sDDApY6b9nAO1x3k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/cs/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qn5DJ8hXj51l5TwQrkwBpFsrXV7IVYOj7yQSBalHZdiY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/el/LC_MESSAGES/django.mo" + } + }, + { + "key": "Qo_kRqCOt1JHWuWy3AiUKaqrdE6UHd-UBDIVcR1PjYVg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/zh_CN/LC_MESSAGES/django.mo" + } + }, + { + "key": "QOWew6TBhp1eTrWJXClieb8fenUGyjYjPbDg8rOgv1qQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/be/LC_MESSAGES/django.mo" + } + }, + { + "key": "QRKaGOsiPY75gdL_loc8F9YROPZO3RbVunjy2Jo4NdCk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/de/LC_MESSAGES/django.mo" + } + }, + { + "key": "QxdHIkdD4ZeLWVYVFsS2rmRaNBBHLCTgEU5yNgZgmGoE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/es_AR/LC_MESSAGES/django.mo" + } + }, + { + "key": "QYHN7rIbG467lGvzpOBnsFu6SPQQLnDxVooyQc-rUdTU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/pl/LC_MESSAGES/django.mo" + } + }, + { + "key": "QZ7-6RCkzVafS4gMbHB9XYNzNFBGc-EwaXUzXtiLVmIs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "django_filters/locale/it/LC_MESSAGES/django.mo" + } + }, + { + "key": "Q422RnVP4KBGprXwwk06k76ZvIoHAclFlj-r2eCJ6_g0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "django_filters/utils.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "flake8", + "version": "7.1.1", + "release": "tar-gz", + "id": "15841982955", + "topLevelAncestors": [ + "6381179126" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "asottile", + "graffatcolmingov" + ], + "size": 174570, + "score": { + "supplyChain": 0.96, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96 + }, + "alerts": [ + { + "key": "QDcuo4-5Rdq2P0tLV9tbWXEXdccTt4ds_0slTZWMQ55g", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "flake8-7.1.1/src/flake8/processor.py" + }, + { + "key": "QDcuo4-5Rdq2P0tLV9tbWXEXdccTt4ds_0slTZWMQ55g", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "flake8-7.1.1/src/flake8/formatting/base.py" + } + ] + }, + { + "type": "pypi", + "name": "flake8", + "version": "7.1.1", + "release": "py2-py3-none-any-whl", + "id": "15841982956", + "topLevelAncestors": [ + "6381179126" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "asottile", + "graffatcolmingov" + ], + "size": 168129, + "score": { + "supplyChain": 0.96, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96 + }, + "alerts": [ + { + "key": "QNEbSfWQK40sd1U6ALxjUcfYzIcAkRHCcMxexx07RDxQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "flake8/processor.py" + }, + { + "key": "QNEbSfWQK40sd1U6ALxjUcfYzIcAkRHCcMxexx07RDxQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "flake8/formatting/base.py" + } + ] + }, + { + "type": "pypi", + "name": "furo", + "version": "2024.8.6", + "release": "tar-gz", + "id": "15846969774", + "topLevelAncestors": [ + "15835012723" + ], + "license": "AFL-1.1 AND CC-BY-SA-4.0 AND MIT", + "licenseDetails": [], + "author": [ + "pradyunsg" + ], + "size": 2142194, + "score": { + "supplyChain": 0.86, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.6, + "overall": 0.86 + }, + "alerts": [ + { + "key": "QdAgJqpgHnrF0ckRL-OFMPY40XIkLtMKikAKRYNTJLWY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "furo-2024.8.6/tests/workflow/test_sphinx_versions.py" + }, + { + "key": "QJATmwMZgTHxfQ0HSKQwShy56Fl4kkPNWH18u4PydEmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "furo-2024.8.6/docs/kitchen-sink/blocks.rst" + } + }, + { + "key": "QMxZwK-106w3hB1kqM9_jcIYQxDadiTMrZSj4UU299zs", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "CC-BY-SA-4.0" + } + }, + { + "key": "Q2HSkFonqGtcRMwzsJKXIM76Z8ACn-mw_s_DHFvfn2BA", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "CC-BY-SA-4.0" + } + }, + { + "key": "QwSMuYAt5uqLeFwizP7owGZiK6rswuCnVrhGUFowKGvA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "furo-2024.8.6/src/furo/assets/scripts/gumshoe-patched.js" + }, + { + "key": "Q0wgwo1gHpd1o7TRd0I5mOVelfBfyyP3nldb5R0Udb6s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "furo-2024.8.6/src/furo/__init__.py" + }, + { + "key": "QnIi5FORDFrKB65XrQVs_FtTNQiQCtdb80y0HtLPn7HA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "furo-2024.8.6/noxfile.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnIi5FORDFrKB65XrQVs_FtTNQiQCtdb80y0HtLPn7HA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "furo-2024.8.6/docs/conf.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qw6lmosi4VKZOblEsX85SoYhW3BYje72uQc1nxAU6Ycw", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "furo-2024.8.6/docs/kitchen-sink/generic.rst" + } + }, + { + "key": "Qq_Kcuvt9DV220z5hbM1teIe_Y8WBHfvp-UDIWEc4ve0", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "furo-2024.8.6/docs/kitchen-sink/admonitions.rst" + } + }, + { + "key": "QMdWr6deYH6MR0_AyIhI_OoCvln3NyEZQnExabC6OSg8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "furo-2024.8.6/docs/kitchen-sink/api.rst" + } + }, + { + "key": "QKoBc99gmeqbmzMS3gMRqPMnPAwjFUlaui1THdXKRFkc", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "furo-2024.8.6/docs/kitchen-sink/images.rst" + } + }, + { + "key": "Q1N1DlhM9O_b0JDL1w_FgpWwI4pInuGk00bGqLwP2B-g", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "furo-2024.8.6/docs/license.rst" + } + }, + { + "key": "QwSMuYAt5uqLeFwizP7owGZiK6rswuCnVrhGUFowKGvA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "furo-2024.8.6/src/furo/assets/scripts/furo.js" + }, + { + "key": "QnIi5FORDFrKB65XrQVs_FtTNQiQCtdb80y0HtLPn7HA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "furo-2024.8.6/src/furo/__init__.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "furo", + "version": "2024.8.6", + "release": "py3-none-any-whl", + "id": "15846969775", + "topLevelAncestors": [ + "15835012723" + ], + "license": "AFL-1.1 AND MIT", + "licenseDetails": [], + "author": [ + "pradyunsg" + ], + "size": 328417, + "score": { + "supplyChain": 0.88, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.88 + }, + "alerts": [ + { + "key": "QrrVgkuTZvT0XITvGyFRBkge2s1UfgV0fAHK7kO2HGVk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "furo/__init__.py" + }, + { + "key": "QTkXjzclJ20b5IutAmOD9l9xdJpPBrZTCH_vpoXxpLEw", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "furo/theme/furo/static/scripts/furo.js.LICENSE.txt" + } + }, + { + "key": "Q6GyTYqE8KYDqr0n_bfAzGFzJt8l3u2clPy-CeqHDK54", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "furo/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8QUBthxDIK30kFCUsZzUX6IIiX-9pAla-i0lRGcxK6o", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "furo/theme/furo/static/scripts/furo.js" + }, + { + "key": "QYVXpVIKvsfWg_VTDEdLEG0KYRMGRcWaUM8xsbytz6J4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "furo/assets/scripts/furo.js" + }, + { + "key": "QYVXpVIKvsfWg_VTDEdLEG0KYRMGRcWaUM8xsbytz6J4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "furo/assets/scripts/gumshoe-patched.js" + }, + { + "key": "QYVXpVIKvsfWg_VTDEdLEG0KYRMGRcWaUM8xsbytz6J4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "furo/theme/furo/static/scripts/furo.js" + } + ] + }, + { + "type": "pypi", + "name": "attrs", + "version": "24.2.0", + "release": "tar-gz", + "id": "15847241017", + "topLevelAncestors": [ + "6381179126" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "hynek" + ], + "size": 1472712, + "score": { + "supplyChain": 0.88, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.88 + }, + "alerts": [ + { + "key": "QGp-Ga1jhHVV-DAYcj9NNkgAwq6DzZ9k1jaFU0GkEYXY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "attrs-24.2.0/tests/test_pyright.py" + }, + { + "key": "Q8ccZN72sUEvCbHPTPwEyy-Jp3diLqU3PsEemQtkPweE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "attrs-24.2.0/tests/typing_example.py", + "props": { + "envVars": "" + } + }, + { + "key": "QoJhSPneqa7MLCcXhoDrKI2xWxiZkkW4S7OI2gXGFkCY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "attrs-24.2.0/tests/test_pyright.py" + }, + { + "key": "Qj9-EUZBEw2eH4P2-EHMBf4Z8w9I4XTV1qYmg9zmmZgk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "attrs-24.2.0/src/attr/_make.py" + }, + { + "key": "Q8ccZN72sUEvCbHPTPwEyy-Jp3diLqU3PsEemQtkPweE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "attrs-24.2.0/docs/conf.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6oGGyTDa4YSpZrZy_GuXvgwz9r6VBDT0J7M6_Jsii60", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "attrs-24.2.0/docs/_static/social card.afdesign" + } + } + ] + }, + { + "type": "pypi", + "name": "attrs", + "version": "24.2.0", + "release": "py3-none-any-whl", + "id": "15847241022", + "topLevelAncestors": [ + "6381179126" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "hynek" + ], + "size": 215730, + "score": { + "supplyChain": 0.98, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.98 + }, + "alerts": [ + { + "key": "QK1XVEOguimdrcxzmTwNA_1AxFqggUeqzqiZUfxLb6zE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "attr/_make.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-macosx-10-9-universal2-whl", + "id": "15853544293", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 18313156, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QY9wr041B6NOXqOgPEIApxjVuGec8nlfpWo4HKjQCgto", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-darwin.so" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QQmHpP1dSAO2lqCf9_L0BIB2QDITY6eTCveduyzd1REU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qa6w9rh5rjIuj3ggiVWLWgPf-0xPUbYGV6XzlfdQdknI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-darwin.so" + } + }, + { + "key": "QBOVD--_78M2_4wMBNnJe35MYmxCBkO4knR6WIKQgvlY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-darwin.so" + } + }, + { + "key": "Qmp0SPwcPwTbXaPxrGWMrcvUc87dNHVuGThGCQkjQFmo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-darwin.so" + } + }, + { + "key": "QnHsJWWa1byY0bDR-D93MGos7KRsQSeXRhE9oxyTKKSo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-darwin.so" + } + }, + { + "key": "QnIDMZjRLTU110oR_wPD6YaKG1b2zG6Q_YTNdYHRVwSY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-darwin.so" + } + }, + { + "key": "Q6srGqMMTsZpb4leZuOcBVG6N92QLoncN68ITYp_iIH0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QQmHpP1dSAO2lqCf9_L0BIB2QDITY6eTCveduyzd1REU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qni3qkjanD90nZe_y4h3oNmY-OR3TPPOSvKpYYAsnOrM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q6srGqMMTsZpb4leZuOcBVG6N92QLoncN68ITYp_iIH0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QQmHpP1dSAO2lqCf9_L0BIB2QDITY6eTCveduyzd1REU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q6srGqMMTsZpb4leZuOcBVG6N92QLoncN68ITYp_iIH0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QQmHpP1dSAO2lqCf9_L0BIB2QDITY6eTCveduyzd1REU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-macosx-10-9-x86-64-whl", + "id": "15853544294", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 10156880, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QBOVD--_78M2_4wMBNnJe35MYmxCBkO4knR6WIKQgvlY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-darwin.so" + } + }, + { + "key": "Qa6w9rh5rjIuj3ggiVWLWgPf-0xPUbYGV6XzlfdQdknI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-darwin.so" + } + }, + { + "key": "QC-Dhc0Y0qoHeCzfZEXyCntZ_pYv_2np_BIkX4rtub-0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QCpvUNgMbiRJVUmwBbS6Ml698D7_0Gt7bFEHZGsoofXo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QC-Dhc0Y0qoHeCzfZEXyCntZ_pYv_2np_BIkX4rtub-0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QCpvUNgMbiRJVUmwBbS6Ml698D7_0Gt7bFEHZGsoofXo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QC-Dhc0Y0qoHeCzfZEXyCntZ_pYv_2np_BIkX4rtub-0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QC-Dhc0Y0qoHeCzfZEXyCntZ_pYv_2np_BIkX4rtub-0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QCpvUNgMbiRJVUmwBbS6Ml698D7_0Gt7bFEHZGsoofXo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QpahF63pEphu_XVLjn6VVROwlpZhHA0xRvo0U_JmESQ0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QY9wr041B6NOXqOgPEIApxjVuGec8nlfpWo4HKjQCgto", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-darwin.so" + } + }, + { + "key": "QnIDMZjRLTU110oR_wPD6YaKG1b2zG6Q_YTNdYHRVwSY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-darwin.so" + } + }, + { + "key": "QnHsJWWa1byY0bDR-D93MGos7KRsQSeXRhE9oxyTKKSo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-darwin.so" + } + }, + { + "key": "Qmp0SPwcPwTbXaPxrGWMrcvUc87dNHVuGThGCQkjQFmo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-darwin.so" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15853544295", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 12058914, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q4awh5MbhD3dk4uX7_yWHzmBcrEzWNFy93P9dkzDGuS4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "QbHPF_Mvp4Or-bo9VvxrzQ8_gJCURLTpxruXtXRx8NtE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "QCIjxSzYuTNI7ffzYqgpe0emiwuxBM4aRB2gyQExTscY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "QINsGyg4y53jGzRtdgINC54H8TsizJhH6zkNPSUQev54", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "QPOg2AIgsao0FpdaU97_6fZwVR558NK-iA_Wk01OaxR4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "QYaJ5PL78GjtH4RjzPC7zEWVkvymQb3w-f5m0p-9uRvI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QBYyul4NfBzl1sxAkz6nkHfI1k7w-4hlqPJGFXEzmnTM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QOZiaeF5yc-ESu8q0Q1hPx27JxUhfWi_BabPP0JPVfiA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QBYyul4NfBzl1sxAkz6nkHfI1k7w-4hlqPJGFXEzmnTM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QOZiaeF5yc-ESu8q0Q1hPx27JxUhfWi_BabPP0JPVfiA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QBYyul4NfBzl1sxAkz6nkHfI1k7w-4hlqPJGFXEzmnTM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QBYyul4NfBzl1sxAkz6nkHfI1k7w-4hlqPJGFXEzmnTM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QOZiaeF5yc-ESu8q0Q1hPx27JxUhfWi_BabPP0JPVfiA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QRs1TqEcwHdzvyv6buocSuwKDVKx44M9wSAsT_Y2ecj4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15853544296", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11110313, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QobELRDTQX2tdtk_ZP_rCbK6QFoW3NW771DNq8lsWPlI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q9nue1L-BO5e6iKDZeCthjK48_7wOtFdVA1nfInhp8nQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QobELRDTQX2tdtk_ZP_rCbK6QFoW3NW771DNq8lsWPlI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q9nue1L-BO5e6iKDZeCthjK48_7wOtFdVA1nfInhp8nQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QobELRDTQX2tdtk_ZP_rCbK6QFoW3NW771DNq8lsWPlI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QobELRDTQX2tdtk_ZP_rCbK6QFoW3NW771DNq8lsWPlI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q9nue1L-BO5e6iKDZeCthjK48_7wOtFdVA1nfInhp8nQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QFnSOOL0vjFPCzqJeLvC5UFeKxYHlDN36Q3rtaCdRHQY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QLZ5m45nq0vLRXNJIb1WuEWwwIJ030ZJb57GZHMcS0BI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QlurtVzbUNJ-Pf-l_cLlI_ctBX79XMadr3hwefXz3WOk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QIJ2rw27g_-5QHNgjPyD_Q-KvjnzbpY1F6BdnXfOx14M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "Q2IC03-976hJb4If_pEEkQnLKPn6u9ro6KnlBYP_WYnQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QovqStE-zjHEYLxJMYdCSo6viiE0p526hVYintMe3XqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QUnBL4Z3mxM69aMkxchw1BkKVRLplVcxiLVIuPUxlhaE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-aarch64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15853544297", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 13469705, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q-xvtYeoV97DxspGG_HeHG6QWTEEv7gc5iUaJ5KWdGmU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q4ApqHMCmm1yXZ9OR5ePLEpUjnvJZ3VbVwYEX7weXMAg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QGrph2C9GXQRq_IC0F0nveQW4E-iDyriqylQPs1zN0m4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QHBosHm0akaYSPKzhFIN4g7vVlQmfptV1rP2CsX25IwE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qo5oGIU9ubs_zQOXj836S0C2Kw5zQ0cAeKhZ9yoiyr6A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QYWC1Pdk6VN6G6kRt7vRn1i3Rb0HfGQmTsqzt7vmsrss", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QXyQuSivqlt7VApxpCkmpXbeFwtx6H71kz5kkQAlUnJc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QAdu2dgPuyxcoV4LYop5CCn9myNAKDKBRCwyxqczC50o", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QXyQuSivqlt7VApxpCkmpXbeFwtx6H71kz5kkQAlUnJc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QAdu2dgPuyxcoV4LYop5CCn9myNAKDKBRCwyxqczC50o", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QXyQuSivqlt7VApxpCkmpXbeFwtx6H71kz5kkQAlUnJc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QXyQuSivqlt7VApxpCkmpXbeFwtx6H71kz5kkQAlUnJc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QAdu2dgPuyxcoV4LYop5CCn9myNAKDKBRCwyxqczC50o", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qg8XXlyvLh26X4YFmGnUlM4XjUJ_i2ehQkYklLA5zt3g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "15853544298", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11781921, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QjrnctbszCxKcQxxgtJNly70r_SAk-mnKf69vg6A2-Bo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q_PBexyhIqBR0yFbimbJgnaeKqTBESXniWgGJX9z73nY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QjrnctbszCxKcQxxgtJNly70r_SAk-mnKf69vg6A2-Bo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q_PBexyhIqBR0yFbimbJgnaeKqTBESXniWgGJX9z73nY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QjrnctbszCxKcQxxgtJNly70r_SAk-mnKf69vg6A2-Bo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q_PBexyhIqBR0yFbimbJgnaeKqTBESXniWgGJX9z73nY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q7PSrjH6KbE8YvXmZ_LIWDkzcjzpkQTDwpLsy8TbCyeg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QjrnctbszCxKcQxxgtJNly70r_SAk-mnKf69vg6A2-Bo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qb6-5vIfhyu0eF3cXWBIyBD5MDAw1sICN2wFfLyzfHF8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qbi4triD4-HeFXq0QkowiWdIH6-gNfc19j4hn7dtpHq4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QD64cOGc1z_jm9plQ-oLcXboyDA-Y-OjBGsQ8kUf9Bno", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qm3NHkyWCWk1nmyr4GYFkEgm0AsywTC_tjuia_1MbqBA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QMf7WeqkQhC5WZF-DdagQZBhysayanejyFXI2npHF0Hk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QTtjhrQTCW5ZWKM5ew__agwWfaKqpZbnmcXiHUmpg9DA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-s390x-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15853544299", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11413089, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QE51Z0ZgxhgSGksZeaMNhx8IqVr6YkLcKWg08O9sBJow", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QBMmIzwvC9cBDdsODjD6FhYEfr-R1YRsuNaqZR-43QRc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QCylX92p2p3vT1jhHXnX9WMLUmSDOxVjPmUH_CzGok5o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QdE3JWaHrTR5uvPbvuTSAPVJ-CJrt27LiOmS-lzEjc58", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QgI97dqYubBoRGNiaZk4Zz_NfXKBSjnwHKLmi8kXfF9g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QlEhETAav7e7Ed9eukWSs4b-zw_R1IJ8o11-g5msgPkI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QQ_n2L-q3Aan5BTh8zFOBFt6Zi0mreNSVe4ujcsbDzlQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qq93lIDVH1peiFsFPloMoVNDMxpEgKGjj_Ffirbb50dk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QE51Z0ZgxhgSGksZeaMNhx8IqVr6YkLcKWg08O9sBJow", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qq93lIDVH1peiFsFPloMoVNDMxpEgKGjj_Ffirbb50dk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QE51Z0ZgxhgSGksZeaMNhx8IqVr6YkLcKWg08O9sBJow", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QE51Z0ZgxhgSGksZeaMNhx8IqVr6YkLcKWg08O9sBJow", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qq93lIDVH1peiFsFPloMoVNDMxpEgKGjj_Ffirbb50dk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QkMvDuqGQ7CZGj4_06jgYTGlSRN-kZ9hN6wj_PeSLiOQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-manylinux-2-28-aarch64-whl", + "id": "15853544300", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11045570, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QlurtVzbUNJ-Pf-l_cLlI_ctBX79XMadr3hwefXz3WOk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QIJ2rw27g_-5QHNgjPyD_Q-KvjnzbpY1F6BdnXfOx14M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "Q2IC03-976hJb4If_pEEkQnLKPn6u9ro6KnlBYP_WYnQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QSp7-VtGf2lQwkXN0oo-LPnXyhCQhFJ0iJjbN_dTnOl0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QUYd9tCDrBgkvaRGgElG5lNKVfAt4fEX4NQPfPA-eakM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QYaGt0gFmRnSXH7_JgamMgiqBwz5lBYWfZu1Q5Hh1hZY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QYaGt0gFmRnSXH7_JgamMgiqBwz5lBYWfZu1Q5Hh1hZY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QUYd9tCDrBgkvaRGgElG5lNKVfAt4fEX4NQPfPA-eakM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QYaGt0gFmRnSXH7_JgamMgiqBwz5lBYWfZu1Q5Hh1hZY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QUYd9tCDrBgkvaRGgElG5lNKVfAt4fEX4NQPfPA-eakM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QYaGt0gFmRnSXH7_JgamMgiqBwz5lBYWfZu1Q5Hh1hZY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QUnBL4Z3mxM69aMkxchw1BkKVRLplVcxiLVIuPUxlhaE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QovqStE-zjHEYLxJMYdCSo6viiE0p526hVYintMe3XqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QLZ5m45nq0vLRXNJIb1WuEWwwIJ030ZJb57GZHMcS0BI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-aarch64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-manylinux-2-28-ppc64le-whl", + "id": "15853544301", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 14060194, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q4Q9fOwvebqWhiPh9LbbEMb7Y2d9EJy5GHQdiP2xz3kQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q1fJlQGDPZNb-o3GwcoDvfL8bp7FK81hPyq-nAFy3LhA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q1fJlQGDPZNb-o3GwcoDvfL8bp7FK81hPyq-nAFy3LhA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q1fJlQGDPZNb-o3GwcoDvfL8bp7FK81hPyq-nAFy3LhA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q1fJlQGDPZNb-o3GwcoDvfL8bp7FK81hPyq-nAFy3LhA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q4Q9fOwvebqWhiPh9LbbEMb7Y2d9EJy5GHQdiP2xz3kQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QuJcUstq2xSqslA-84SIf8oARrOdIw0r3pHSUKeuZgf0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QYWC1Pdk6VN6G6kRt7vRn1i3Rb0HfGQmTsqzt7vmsrss", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qo5oGIU9ubs_zQOXj836S0C2Kw5zQ0cAeKhZ9yoiyr6A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QHBosHm0akaYSPKzhFIN4g7vVlQmfptV1rP2CsX25IwE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QGrph2C9GXQRq_IC0F0nveQW4E-iDyriqylQPs1zN0m4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q4ApqHMCmm1yXZ9OR5ePLEpUjnvJZ3VbVwYEX7weXMAg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q-xvtYeoV97DxspGG_HeHG6QWTEEv7gc5iUaJ5KWdGmU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q4Q9fOwvebqWhiPh9LbbEMb7Y2d9EJy5GHQdiP2xz3kQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-manylinux-2-28-s390x-whl", + "id": "15853544302", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11999628, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qm3NHkyWCWk1nmyr4GYFkEgm0AsywTC_tjuia_1MbqBA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QlxKBbm0UMronwyJ4flb_7Uj5O2FLr47CM9wKqK5zJeY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qzhcv7bdfXlmZECOssJ2Rx5UFpmacDhSjd-E7GnNWbq8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QTtjhrQTCW5ZWKM5ew__agwWfaKqpZbnmcXiHUmpg9DA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QMf7WeqkQhC5WZF-DdagQZBhysayanejyFXI2npHF0Hk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QD64cOGc1z_jm9plQ-oLcXboyDA-Y-OjBGsQ8kUf9Bno", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qbi4triD4-HeFXq0QkowiWdIH6-gNfc19j4hn7dtpHq4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qb6-5vIfhyu0eF3cXWBIyBD5MDAw1sICN2wFfLyzfHF8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qzhcv7bdfXlmZECOssJ2Rx5UFpmacDhSjd-E7GnNWbq8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QlxKBbm0UMronwyJ4flb_7Uj5O2FLr47CM9wKqK5zJeY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QlxKBbm0UMronwyJ4flb_7Uj5O2FLr47CM9wKqK5zJeY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qzhcv7bdfXlmZECOssJ2Rx5UFpmacDhSjd-E7GnNWbq8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QV_4qHoZ7QrcW_pLaWCRffxkMHuewrch0rgGpx8zkwIU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QlxKBbm0UMronwyJ4flb_7Uj5O2FLr47CM9wKqK5zJeY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-manylinux-2-28-x86-64-whl", + "id": "15853544303", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11323451, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QGyrzGb41DN3CK-gzRgkm8ugHYoqqs5fA8MgZPNd-kuY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QGr_GaSA2U-27eObO4YYWha-P2CLh2IstM34MYllZtqU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q01PWc03XfVkYwM7DA4Tc8gevVFx6Yzq4qrr-NiuORA0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QGyrzGb41DN3CK-gzRgkm8ugHYoqqs5fA8MgZPNd-kuY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QGyrzGb41DN3CK-gzRgkm8ugHYoqqs5fA8MgZPNd-kuY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q01PWc03XfVkYwM7DA4Tc8gevVFx6Yzq4qrr-NiuORA0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QBMmIzwvC9cBDdsODjD6FhYEfr-R1YRsuNaqZR-43QRc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QCylX92p2p3vT1jhHXnX9WMLUmSDOxVjPmUH_CzGok5o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QdE3JWaHrTR5uvPbvuTSAPVJ-CJrt27LiOmS-lzEjc58", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QgI97dqYubBoRGNiaZk4Zz_NfXKBSjnwHKLmi8kXfF9g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QlEhETAav7e7Ed9eukWSs4b-zw_R1IJ8o11-g5msgPkI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QQ_n2L-q3Aan5BTh8zFOBFt6Zi0mreNSVe4ujcsbDzlQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QGyrzGb41DN3CK-gzRgkm8ugHYoqqs5fA8MgZPNd-kuY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q01PWc03XfVkYwM7DA4Tc8gevVFx6Yzq4qrr-NiuORA0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-musllinux-1-2-aarch64-whl", + "id": "15853544304", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11216177, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QIJ2rw27g_-5QHNgjPyD_Q-KvjnzbpY1F6BdnXfOx14M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q2IC03-976hJb4If_pEEkQnLKPn6u9ro6KnlBYP_WYnQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QlurtVzbUNJ-Pf-l_cLlI_ctBX79XMadr3hwefXz3WOk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QLZ5m45nq0vLRXNJIb1WuEWwwIJ030ZJb57GZHMcS0BI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QUnBL4Z3mxM69aMkxchw1BkKVRLplVcxiLVIuPUxlhaE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QovqStE-zjHEYLxJMYdCSo6viiE0p526hVYintMe3XqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "QNxYznsx88nY0HrAtp4Z99YsCn8IgfO-MBV-vqR7pm6g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QmYAFXzKgQsY2z01Z29cPOHAbnOTTQMO6ypu8s_LAdIE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QL-Xh9AS9PYl7OT26TCCcPA_T-OsraiEMQorJfNrurxM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QL-Xh9AS9PYl7OT26TCCcPA_T-OsraiEMQorJfNrurxM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QmYAFXzKgQsY2z01Z29cPOHAbnOTTQMO6ypu8s_LAdIE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QL-Xh9AS9PYl7OT26TCCcPA_T-OsraiEMQorJfNrurxM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QmYAFXzKgQsY2z01Z29cPOHAbnOTTQMO6ypu8s_LAdIE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QL-Xh9AS9PYl7OT26TCCcPA_T-OsraiEMQorJfNrurxM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-musllinux-1-2-ppc64le-whl", + "id": "15853544305", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 13838049, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QmGCQx1d4jJ50uyRx0hLH3L_XhnjYCSBL4WLRnbdKzB8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QPXM1nvrj6rko2qEkshjudjFJR-uHZ1nA5h1Ptxa-cCg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QmGCQx1d4jJ50uyRx0hLH3L_XhnjYCSBL4WLRnbdKzB8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QPXM1nvrj6rko2qEkshjudjFJR-uHZ1nA5h1Ptxa-cCg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QYWC1Pdk6VN6G6kRt7vRn1i3Rb0HfGQmTsqzt7vmsrss", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qo5oGIU9ubs_zQOXj836S0C2Kw5zQ0cAeKhZ9yoiyr6A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QHBosHm0akaYSPKzhFIN4g7vVlQmfptV1rP2CsX25IwE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QGrph2C9GXQRq_IC0F0nveQW4E-iDyriqylQPs1zN0m4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q4ApqHMCmm1yXZ9OR5ePLEpUjnvJZ3VbVwYEX7weXMAg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q-xvtYeoV97DxspGG_HeHG6QWTEEv7gc5iUaJ5KWdGmU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QPXM1nvrj6rko2qEkshjudjFJR-uHZ1nA5h1Ptxa-cCg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QPXM1nvrj6rko2qEkshjudjFJR-uHZ1nA5h1Ptxa-cCg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QmGCQx1d4jJ50uyRx0hLH3L_XhnjYCSBL4WLRnbdKzB8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qkkf_Zago8KHRKzKVjGQnEWfL93vEntcvCwLzvy-PeQg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-musllinux-1-2-s390x-whl", + "id": "15853544306", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 12264739, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QMf7WeqkQhC5WZF-DdagQZBhysayanejyFXI2npHF0Hk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qb6-5vIfhyu0eF3cXWBIyBD5MDAw1sICN2wFfLyzfHF8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qbi4triD4-HeFXq0QkowiWdIH6-gNfc19j4hn7dtpHq4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QD64cOGc1z_jm9plQ-oLcXboyDA-Y-OjBGsQ8kUf9Bno", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qm3NHkyWCWk1nmyr4GYFkEgm0AsywTC_tjuia_1MbqBA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QTtjhrQTCW5ZWKM5ew__agwWfaKqpZbnmcXiHUmpg9DA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QQYGQ1930pHR72LPewZEtIqzGbmlfUr_k2g6qtoKGCJk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q_KP01TF-tOp6MDFUVUsGtUf1ivzaO0QDzMVXAcYytv8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QQYGQ1930pHR72LPewZEtIqzGbmlfUr_k2g6qtoKGCJk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q_KP01TF-tOp6MDFUVUsGtUf1ivzaO0QDzMVXAcYytv8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QQYGQ1930pHR72LPewZEtIqzGbmlfUr_k2g6qtoKGCJk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QQYGQ1930pHR72LPewZEtIqzGbmlfUr_k2g6qtoKGCJk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q_KP01TF-tOp6MDFUVUsGtUf1ivzaO0QDzMVXAcYytv8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QXKWZRHO-AGMCG_zgPuhJ4DwSS85t02mme_jFxhryb0Q", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-musllinux-1-2-x86-64-whl", + "id": "15853544307", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11449794, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QvdiZn-1qic_QP0alREFxTsqiMhSjj818LHQsRjoE6eo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QBMmIzwvC9cBDdsODjD6FhYEfr-R1YRsuNaqZR-43QRc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QacS4q_89S64NrGZWGZO7YQxy2Ia3AuM21p3WZYpQ5Eo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QCylX92p2p3vT1jhHXnX9WMLUmSDOxVjPmUH_CzGok5o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QdE3JWaHrTR5uvPbvuTSAPVJ-CJrt27LiOmS-lzEjc58", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QgI97dqYubBoRGNiaZk4Zz_NfXKBSjnwHKLmi8kXfF9g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QvdiZn-1qic_QP0alREFxTsqiMhSjj818LHQsRjoE6eo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QacS4q_89S64NrGZWGZO7YQxy2Ia3AuM21p3WZYpQ5Eo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvdiZn-1qic_QP0alREFxTsqiMhSjj818LHQsRjoE6eo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QQ_n2L-q3Aan5BTh8zFOBFt6Zi0mreNSVe4ujcsbDzlQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QlEhETAav7e7Ed9eukWSs4b-zw_R1IJ8o11-g5msgPkI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QpIZg67snFJTkVtGucUi09nVw6580nGcK1mXIoa1xDTE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QacS4q_89S64NrGZWGZO7YQxy2Ia3AuM21p3WZYpQ5Eo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvdiZn-1qic_QP0alREFxTsqiMhSjj818LHQsRjoE6eo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-win-amd64-whl", + "id": "15853544308", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 8499678, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qnm7cCEAuZsHxbOFvnGcqzqvrMvgoVZwT6Ju_HNMxp0U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QFv-DYQQ1VA_u2mb9zsLMZK9sjsT0BCoMGHM9Gg4_9IA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qnm7cCEAuZsHxbOFvnGcqzqvrMvgoVZwT6Ju_HNMxp0U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QFv-DYQQ1VA_u2mb9zsLMZK9sjsT0BCoMGHM9Gg4_9IA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qnm7cCEAuZsHxbOFvnGcqzqvrMvgoVZwT6Ju_HNMxp0U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "Qvmk1Aq0hZhGpwg0ULp0-7ctJD9aLH57m9GwhuQAM12c", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QaVw32JfQ2kGhEpVOwk3muofUv657F0vKp95yKoIf9gU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp310-win_amd64.pyd" + } + }, + { + "key": "Qg1kcTBmnYxW6St9GZ-YQJYItS8jfSMY9PV-oN9pi-lE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp310-win_amd64.pyd" + } + }, + { + "key": "Qit93gBonekrLOBN_CbqfZdwVp4NWOSLaVPtLQEunNXU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp310-win_amd64.pyd" + } + }, + { + "key": "QM9TB85IsEmrwPlJyHnxCmVBYZcJ2sgdVc8WdbNItQHw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp310-win_amd64.pyd" + } + }, + { + "key": "QRw9PCGih6letVq9atTjg9vvBj92ifmPEm0YgM76G-hU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp310-win_amd64.pyd" + } + }, + { + "key": "Qxgw69AZYdqHKQKR7kg2O3kohDVNHikR7FEDOkBy3co0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp310-win_amd64.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qnm7cCEAuZsHxbOFvnGcqzqvrMvgoVZwT6Ju_HNMxp0U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QFv-DYQQ1VA_u2mb9zsLMZK9sjsT0BCoMGHM9Gg4_9IA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qnm7cCEAuZsHxbOFvnGcqzqvrMvgoVZwT6Ju_HNMxp0U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp310-cp310-win32-whl", + "id": "15853544309", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 7665137, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qw5UNQjQoeFWbAvJqR0CGrcBlwhXsXHmE2RRhfOZar-0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp310-win32.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QxMQOxLoM3b2S5q0YkuyCtXV5RUiLWmZwpPAwNr78vJo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMWr03wv6x7ZTPbecPG56k7_l06BCyZnl060LUqmXU7I", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QxMQOxLoM3b2S5q0YkuyCtXV5RUiLWmZwpPAwNr78vJo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QMWr03wv6x7ZTPbecPG56k7_l06BCyZnl060LUqmXU7I", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QdyvFn9GT_m-y6nEnBPKjooclRwjxweRTiA3g69DJv00", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp310-win32.pyd" + } + }, + { + "key": "QIBEaYQJpLV3ay_rT_E6Zkedamu2yZNReFzsHbhei1HQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp310-win32.pyd" + } + }, + { + "key": "QIBwJv9oON11oVDyCQM3uZ06MTE_0xAotkOexZwNljo4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp310-win32.pyd" + } + }, + { + "key": "QKIGEDz94qtpcjpq2T37JtWRjK70j8Sz1j5oR6vRrEQs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp310-win32.pyd" + } + }, + { + "key": "QlHfj-Xlpraopu0gBpMfThGB_wcmG4uQC0esGicmHlYc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp310-win32.pyd" + } + }, + { + "key": "QAV5dHkYyW9Lg4-kk6uG5DOv-lzyIInooWoeTaglbVvw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QxMQOxLoM3b2S5q0YkuyCtXV5RUiLWmZwpPAwNr78vJo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMWr03wv6x7ZTPbecPG56k7_l06BCyZnl060LUqmXU7I", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMWr03wv6x7ZTPbecPG56k7_l06BCyZnl060LUqmXU7I", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-macosx-10-9-universal2-whl", + "id": "15853544310", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 18362900, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q1rtNnzQn0XjrmkgqNZE_0OMs0fMxH1t092q2mej6nmE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-darwin.so" + } + }, + { + "key": "Qb9fcqC2xEyuSyNt1YiyZqSp-nebXIWkvfYnn6RNjrxM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-darwin.so" + } + }, + { + "key": "QUaqy6YEFJFwZ0YkgGOoCtN-Kngj35UMlyPwToNTZC_I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-darwin.so" + } + }, + { + "key": "QLG10tNDI0eHQpSgLPaWnGxVtSyvgcAjJIoDd0rSHIPA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-darwin.so" + } + }, + { + "key": "QvoEAi3Rf0RkOqNAmht3dPaaroaxj_4lAeJbAl56DoX0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QTIHAUCEdyzOqOWnH3mE6NYY29rciqyrvwJ7fm63v5Eo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMGml6Nt0RQv850n-kYmHcCAJIZtG-qO3X43kZn9EYtw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QMGml6Nt0RQv850n-kYmHcCAJIZtG-qO3X43kZn9EYtw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QTIHAUCEdyzOqOWnH3mE6NYY29rciqyrvwJ7fm63v5Eo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QXQ1fC9ZzfxCRBIueRk4aTjbwMoIJv6EhYZBYCiDTM_A", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QMGml6Nt0RQv850n-kYmHcCAJIZtG-qO3X43kZn9EYtw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QTIHAUCEdyzOqOWnH3mE6NYY29rciqyrvwJ7fm63v5Eo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QTIHAUCEdyzOqOWnH3mE6NYY29rciqyrvwJ7fm63v5Eo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q_MDOcx2P1i5UlTJ3SM1pY8UA1PioI6ajxOPunZARET8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-macosx-10-9-x86-64-whl", + "id": "15853544311", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 10194216, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q_MDOcx2P1i5UlTJ3SM1pY8UA1PioI6ajxOPunZARET8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-darwin.so" + } + }, + { + "key": "Q5B2KnyWGAMSGE9jCjBQCx9MyEq8QZTmnOj2v6IHxNws", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QnqoDLFC6O4C1ilObNU1wAsGwy_rEfs-ZLufbNG24C2g", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QZ0OSz8av2K8Gu2yAvDOECBwuSpKUl-A3f6voY3A74r8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QZ0OSz8av2K8Gu2yAvDOECBwuSpKUl-A3f6voY3A74r8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QnqoDLFC6O4C1ilObNU1wAsGwy_rEfs-ZLufbNG24C2g", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QZ0OSz8av2K8Gu2yAvDOECBwuSpKUl-A3f6voY3A74r8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QnqoDLFC6O4C1ilObNU1wAsGwy_rEfs-ZLufbNG24C2g", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QZ0OSz8av2K8Gu2yAvDOECBwuSpKUl-A3f6voY3A74r8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QvoEAi3Rf0RkOqNAmht3dPaaroaxj_4lAeJbAl56DoX0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-darwin.so" + } + }, + { + "key": "QUaqy6YEFJFwZ0YkgGOoCtN-Kngj35UMlyPwToNTZC_I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-darwin.so" + } + }, + { + "key": "QLG10tNDI0eHQpSgLPaWnGxVtSyvgcAjJIoDd0rSHIPA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-darwin.so" + } + }, + { + "key": "Qb9fcqC2xEyuSyNt1YiyZqSp-nebXIWkvfYnn6RNjrxM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-darwin.so" + } + }, + { + "key": "Q1rtNnzQn0XjrmkgqNZE_0OMs0fMxH1t092q2mej6nmE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15853544312", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11935986, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QDejJ7DFnBm1x3jzr0auQx_ONAPoa6Amd9xNYxincGY8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QraB4UCEQifClRrHXFp8v_os0Tztqr0198DDBhSuA9U0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QraB4UCEQifClRrHXFp8v_os0Tztqr0198DDBhSuA9U0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QDejJ7DFnBm1x3jzr0auQx_ONAPoa6Amd9xNYxincGY8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QraB4UCEQifClRrHXFp8v_os0Tztqr0198DDBhSuA9U0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QDejJ7DFnBm1x3jzr0auQx_ONAPoa6Amd9xNYxincGY8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QraB4UCEQifClRrHXFp8v_os0Tztqr0198DDBhSuA9U0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QGz3afRZ6GxVkxpJYvuhTtwwx550Y9ZGebJsX4If_swY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "QKQIvIkxFm5wgEpHeq3jSNJkwMrheLtcXY3tdABqEkhg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "QsBuXR4IeiOkc0JIT97HkeuZxei5CdGK6Fnhwk8W_x4E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "QuuVuGiEo0aJgRDWBaX5lAJqRgwKP2kRJFuBXmRwq5g4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "QvoSMi8k4tONzrPNxYiBMMC5PsCE_iWN3AqTtBOUJDfk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "QWx_pSX-XUhWZWzdngJred_C5PmKM1t2Ytv3aytm0pS0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q51CpdkP_HrYtBxmgvZ0KpZ0MljsPs8R5RLd1TCNTJgU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15853544313", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11044793, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q4-55YmY6sihyEl5DodQma-QXnimW-o7QVF-ArDU8aRc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QabEAbo4LfyZGao1Gmpx7S9-G2-3E88X5g3-WQz-1xFI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QK6OvtYg0KkXDDx2tNSQ52058VMuzq5kuIZpDfLDyKk8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QN8JCxtysh_wPriVh6E-OSOaa2uZF8OVKUkjGhl-IcUA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QUMZek9yB0hnpGlj44szq0HIU27VViddXDA3FA_bt-UY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QVjJxZ5_MHXENMdPE87CbzG_kIpMRqPlUW0LyHcij6Xs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "Qw8NOQ729uqH-noQ9NHnDvseVGGESqLp5nXEylWWchq4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "Ql8C-ITY9WF2h33RWFZf-PfJnGLYw1fDxvpAl114QTKY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q4-55YmY6sihyEl5DodQma-QXnimW-o7QVF-ArDU8aRc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q4-55YmY6sihyEl5DodQma-QXnimW-o7QVF-ArDU8aRc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Ql8C-ITY9WF2h33RWFZf-PfJnGLYw1fDxvpAl114QTKY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q-w8k6B1dZnwbcYk_VAv-LUplKc9bNxWlF506vmnyU-Q", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Ql8C-ITY9WF2h33RWFZf-PfJnGLYw1fDxvpAl114QTKY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q4-55YmY6sihyEl5DodQma-QXnimW-o7QVF-ArDU8aRc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15853544314", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 13469737, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QoX5r4eRuz8GthcBGcJ19BrUAPIUoCfJpZT8LdDIqbfU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QoX5r4eRuz8GthcBGcJ19BrUAPIUoCfJpZT8LdDIqbfU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QRu2HC9IsbSu7Mj7azt_8urJQkTVbSezwXZu5hovEd3I", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qxa17SoDlrpHz5rg14Id02OOQXDAQ5yIABfHBM0ggv1k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QoX5r4eRuz8GthcBGcJ19BrUAPIUoCfJpZT8LdDIqbfU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QRuapMdgihx97JTF_JneFzubD4m1AnirdV71LVtpH_H8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QqUzGhvJFVfs4D3YL0oowwZNAApXz3-EMHlhdhFK332A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qqh9VtNuZhf2QGrFOx-QNzlKmrhgyRizZkeP5ihtYWkg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QgQdzbjLRJE2TkDLtlXYFQzj4UcmDpFSNbHWEsd0szwc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q4DCXdrDGkD_bEPM_duMeM5LoT15Zum07SJEWEjt9uRU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QRu2HC9IsbSu7Mj7azt_8urJQkTVbSezwXZu5hovEd3I", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qgtk1Afof1nzzugeMuxhA-KUxq0pFXUQW0OcspvS_EPs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QRu2HC9IsbSu7Mj7azt_8urJQkTVbSezwXZu5hovEd3I", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QoX5r4eRuz8GthcBGcJ19BrUAPIUoCfJpZT8LdDIqbfU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "15853544315", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11781937, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QcRV7wpUZwnZ4PY4p7JHz-u0C7ov0zcLwa6rTjkwD694", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QpbCVPoQKx4vcoaY1VQbOLrtYwHkfGzI_Avq0yDqh8Tk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QYfCuYOhiTE_koz0oAApLJ7PfKNDENmAYNq-9J4Crb6I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qvl-xcZFet-zHUi2rUTdKwMrcEv2A6pXo_uYagifImdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q_p52mG6GvXsOkaE8KCR10rB0p9TQ-1wn7ReUYgHpK0w", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qvl-xcZFet-zHUi2rUTdKwMrcEv2A6pXo_uYagifImdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q_p52mG6GvXsOkaE8KCR10rB0p9TQ-1wn7ReUYgHpK0w", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qvl-xcZFet-zHUi2rUTdKwMrcEv2A6pXo_uYagifImdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qvl-xcZFet-zHUi2rUTdKwMrcEv2A6pXo_uYagifImdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q_p52mG6GvXsOkaE8KCR10rB0p9TQ-1wn7ReUYgHpK0w", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QRcPbPJr1SUl3NtsAGfKmIXSTzuhbyQlhnjRsYdc3Sy8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QnmHBSyRMmgemn0Q_f5fnEpESal9Tt_2qw2oixZxskEs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QFjhQ9OaO3T_PKE8iB7FytOpxwM36QrTL6LoF9sP2YUM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QaCt_2Q5DjLwP8nchBFAyfF-fEm1qj6XU4sQ4MqeUcL4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-s390x-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15853544316", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11286025, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q4LGCDuZSbOiHu4-LVeNo1_fSrqcCnWA517__83pvDSs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QLnouvc9ljeXB70fJX26KO6I925nUmgfcqrg8yNzK-RE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QR6do_Am0t73gE9LAF4Np1GZ-tz7FBZmTP3J5C1UKKPk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QxQEukmfZlmrPUzmE2MIY49F2ODUYcCg3Ng4lSSyWd78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q00xfArJHB3r1X8sFUg6RzDsRnIZbtcSMiwHWxFdp160", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QkIJUU8QvvFtWN0Xunxe97YLluZddDvpuTFdQ6QBChb8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4LGCDuZSbOiHu4-LVeNo1_fSrqcCnWA517__83pvDSs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4LGCDuZSbOiHu4-LVeNo1_fSrqcCnWA517__83pvDSs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QkIJUU8QvvFtWN0Xunxe97YLluZddDvpuTFdQ6QBChb8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q4LGCDuZSbOiHu4-LVeNo1_fSrqcCnWA517__83pvDSs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QkIJUU8QvvFtWN0Xunxe97YLluZddDvpuTFdQ6QBChb8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QDQNIP2HfIrqru8N8sIq42M-0pJOny1B1l09ff1OOQWI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qd7L6oCQO2OzaKIe0YvtQcUU6C35m1lnzuPm0p9-MS00", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QjY9x0QH996dQhdxEpccl4O5dNgjUL2v2G6a6BcvliTg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-manylinux-2-28-aarch64-whl", + "id": "15853544317", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11045490, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QEdoNXtoB-TCs85a7D5_RmGul_6vA_o6-6S8C7tbniQQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QTbZb2GujGGU8G8_TJhadSbHmL6DtPuhC2S79kmWS34I", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QTbZb2GujGGU8G8_TJhadSbHmL6DtPuhC2S79kmWS34I", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QEdoNXtoB-TCs85a7D5_RmGul_6vA_o6-6S8C7tbniQQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qyw4sBWhgCqG_-Ty6f2pPbDWo5ygUqxzD2n2IXWpWYPU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QN8JCxtysh_wPriVh6E-OSOaa2uZF8OVKUkjGhl-IcUA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QK6OvtYg0KkXDDx2tNSQ52058VMuzq5kuIZpDfLDyKk8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QabEAbo4LfyZGao1Gmpx7S9-G2-3E88X5g3-WQz-1xFI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QUMZek9yB0hnpGlj44szq0HIU27VViddXDA3FA_bt-UY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QVjJxZ5_MHXENMdPE87CbzG_kIpMRqPlUW0LyHcij6Xs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "Qw8NOQ729uqH-noQ9NHnDvseVGGESqLp5nXEylWWchq4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QTbZb2GujGGU8G8_TJhadSbHmL6DtPuhC2S79kmWS34I", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QEdoNXtoB-TCs85a7D5_RmGul_6vA_o6-6S8C7tbniQQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QTbZb2GujGGU8G8_TJhadSbHmL6DtPuhC2S79kmWS34I", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-manylinux-2-28-ppc64le-whl", + "id": "15853544318", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 14125754, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QqUzGhvJFVfs4D3YL0oowwZNAApXz3-EMHlhdhFK332A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qxa17SoDlrpHz5rg14Id02OOQXDAQ5yIABfHBM0ggv1k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QKFqyONJ0FrTLWp5y0-py_vLNBr2eQo-BOrEiXWdxkAM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QKFqyONJ0FrTLWp5y0-py_vLNBr2eQo-BOrEiXWdxkAM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qyctd8CJo2dLQUqALhk-PIsc5YON-7swO9sT2cEqWVzE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q1e7Dz_olB5eFT2c0aSdsiEmegEu-6nHyYdFsGaGyUeg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qyctd8CJo2dLQUqALhk-PIsc5YON-7swO9sT2cEqWVzE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QKFqyONJ0FrTLWp5y0-py_vLNBr2eQo-BOrEiXWdxkAM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qyctd8CJo2dLQUqALhk-PIsc5YON-7swO9sT2cEqWVzE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QKFqyONJ0FrTLWp5y0-py_vLNBr2eQo-BOrEiXWdxkAM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QgQdzbjLRJE2TkDLtlXYFQzj4UcmDpFSNbHWEsd0szwc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q4DCXdrDGkD_bEPM_duMeM5LoT15Zum07SJEWEjt9uRU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qqh9VtNuZhf2QGrFOx-QNzlKmrhgyRizZkeP5ihtYWkg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QRuapMdgihx97JTF_JneFzubD4m1AnirdV71LVtpH_H8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-powerpc64le-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-manylinux-2-28-s390x-whl", + "id": "15853544319", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 12007828, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QYfCuYOhiTE_koz0oAApLJ7PfKNDENmAYNq-9J4Crb6I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QnmHBSyRMmgemn0Q_f5fnEpESal9Tt_2qw2oixZxskEs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QUpewh1U-FJQrGy8WmvcyohjhB7lR3ax70ddwg3khO0w", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q6rL64IgCGKRzO6mKV9LH4nq8HjHZbUPaAcADVAwb0oU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QUpewh1U-FJQrGy8WmvcyohjhB7lR3ax70ddwg3khO0w", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QUpewh1U-FJQrGy8WmvcyohjhB7lR3ax70ddwg3khO0w", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q6rL64IgCGKRzO6mKV9LH4nq8HjHZbUPaAcADVAwb0oU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QHIgayNn2cff7viBMG3XvNGWJy7E7pLpMXe0ytBJqneY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q6rL64IgCGKRzO6mKV9LH4nq8HjHZbUPaAcADVAwb0oU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QUpewh1U-FJQrGy8WmvcyohjhB7lR3ax70ddwg3khO0w", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QFjhQ9OaO3T_PKE8iB7FytOpxwM36QrTL6LoF9sP2YUM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QcRV7wpUZwnZ4PY4p7JHz-u0C7ov0zcLwa6rTjkwD694", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QaCt_2Q5DjLwP8nchBFAyfF-fEm1qj6XU4sQ4MqeUcL4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-s390x-linux-gnu.so" + } + }, + { + "key": "QpbCVPoQKx4vcoaY1VQbOLrtYwHkfGzI_Avq0yDqh8Tk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-s390x-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-manylinux-2-28-x86-64-whl", + "id": "15853544320", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11303027, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q3iRvUe8id1l_4qII_cvggwHvk0RgX4adwmaNV8hxpjw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QuOSNsTsg9xdjFcUivaWHPDyXKZbLCddT3HQq8mCqrs0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QL-XlQ4yApTUuO3XE8WA30ZyR8zimXwfC-RLzMEcCqEI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QL-XlQ4yApTUuO3XE8WA30ZyR8zimXwfC-RLzMEcCqEI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QuOSNsTsg9xdjFcUivaWHPDyXKZbLCddT3HQq8mCqrs0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QL-XlQ4yApTUuO3XE8WA30ZyR8zimXwfC-RLzMEcCqEI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QuOSNsTsg9xdjFcUivaWHPDyXKZbLCddT3HQq8mCqrs0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QL-XlQ4yApTUuO3XE8WA30ZyR8zimXwfC-RLzMEcCqEI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QxQEukmfZlmrPUzmE2MIY49F2ODUYcCg3Ng4lSSyWd78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QR6do_Am0t73gE9LAF4Np1GZ-tz7FBZmTP3J5C1UKKPk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QLnouvc9ljeXB70fJX26KO6I925nUmgfcqrg8yNzK-RE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QjY9x0QH996dQhdxEpccl4O5dNgjUL2v2G6a6BcvliTg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QDQNIP2HfIrqru8N8sIq42M-0pJOny1B1l09ff1OOQWI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qd7L6oCQO2OzaKIe0YvtQcUU6C35m1lnzuPm0p9-MS00", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-musllinux-1-2-aarch64-whl", + "id": "15853544321", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11216183, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QMV43NhPlAFhDnH5Bq6x6iwS8Df6_8HQl6SmoUg7tCVo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qb1Aldbxf1XZTXXpK3JNPbT5kK9YPlNGqYQx0Vb2vcSw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "Qf7a0TnFHjHw2NQh15TdwJeWDqj-sS635fzyFQzXeAUo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "QHYiC2BjcQLQ6WdZ8JSllT35ysFxsZfch8rUG_gUNZD4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "QVml9N8Rg4v-4rO6VpJU1WbuaV6XVyHMchfpBv0QAjUM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "QxSoi4MI9FC2_MJ1YHJXG1Pda0ZjaB_Sza4_8GmyFIXE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "QYQlz16DNHq-X7mZ-gW6Ujr896q6OW2gCbcVi7ygwp8g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QoMPNMDuq5EWBhBkkaaGMRQiaJ56cqAdwG2UlUsGUF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMV43NhPlAFhDnH5Bq6x6iwS8Df6_8HQl6SmoUg7tCVo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QoMPNMDuq5EWBhBkkaaGMRQiaJ56cqAdwG2UlUsGUF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QMV43NhPlAFhDnH5Bq6x6iwS8Df6_8HQl6SmoUg7tCVo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QoMPNMDuq5EWBhBkkaaGMRQiaJ56cqAdwG2UlUsGUF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QoMPNMDuq5EWBhBkkaaGMRQiaJ56cqAdwG2UlUsGUF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QQTaq37Ila7-XfuVReGRcKkDT4E7qwKWJ-X1-kkvjnpQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-musllinux-1-2-ppc64le-whl", + "id": "15853544322", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 13772519, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QyTaSZOezhqsV2wWCNOi0PunHvwWsEDKO2ad2VL-hzCA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q_LdQ4GN73eiM3_iIXb5WNb2IUc6LkRa-ocvm-CF5IOQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "Q0ZA2qlLgcOtXZoo5y7rcHx-WN1Mr4Ufh38blUC2XNz4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "Q6xBe81OoDpeuHrOPgwIyZUrHaljztFemOy1JeBfCTk0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "QFarfJN3QU4W5dO6usBrEKv-KZ4zZIkwnFJRKhd4MPQ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "Qj3O-zxW_9r6YKFjQ0Z2HmB9FZDutzK27YKd22hx2Kkc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "QvREfIUUH9B4ifkX5QiEO53yGwCL1HkK2Sf9AU1r2XT0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QyTaSZOezhqsV2wWCNOi0PunHvwWsEDKO2ad2VL-hzCA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QyTaSZOezhqsV2wWCNOi0PunHvwWsEDKO2ad2VL-hzCA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QywI5a81fgUHt2e0FHqhZ2A2MlwQQx6nsyqTdO1D8Fvw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qco5UL-aEUYjylSZwdb-4QgFHcMkcouFd4yj1XPIOOEo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QywI5a81fgUHt2e0FHqhZ2A2MlwQQx6nsyqTdO1D8Fvw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QyTaSZOezhqsV2wWCNOi0PunHvwWsEDKO2ad2VL-hzCA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QywI5a81fgUHt2e0FHqhZ2A2MlwQQx6nsyqTdO1D8Fvw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-musllinux-1-2-s390x-whl", + "id": "15853544323", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 12264745, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QE2I-z37PGL0owvSmpg1Wr3ZIPmeRHu1zYp0cjirie1k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QnsdAGwsydIXEwu-5fvPFCarTiEa7w29Fn2Ep7VvKDuI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QgPb0GHr1EK7Dl43_knDNyHvxEVCoZDkVr4lfJPPqn1I", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QE2I-z37PGL0owvSmpg1Wr3ZIPmeRHu1zYp0cjirie1k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QE2I-z37PGL0owvSmpg1Wr3ZIPmeRHu1zYp0cjirie1k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QgPb0GHr1EK7Dl43_knDNyHvxEVCoZDkVr4lfJPPqn1I", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QE2I-z37PGL0owvSmpg1Wr3ZIPmeRHu1zYp0cjirie1k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QgPb0GHr1EK7Dl43_knDNyHvxEVCoZDkVr4lfJPPqn1I", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q5CcDIfxEMCiP1fOkRXxqmmOcn4p4aRrtDqUN1tuAjoM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-s390x-linux-musl.so" + } + }, + { + "key": "Q7ahEMz-fGqsdLG6xRRvkubZh6jLhSYrbs1USfAznwRU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-s390x-linux-musl.so" + } + }, + { + "key": "QDhX5UxivWo-d90HPiDEZ-6P8lKp3oR9fubx5NQuvcqo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-s390x-linux-musl.so" + } + }, + { + "key": "Qjz7S3uPNchOm5Qp7RSnIxyMET-eOXmjrrtJ0zBHTDSc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-s390x-linux-musl.so" + } + }, + { + "key": "QPXRLcA1XFiRmWva0Gfqhu-J6uQEU-nZ2MOoOadIMgp4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-s390x-linux-musl.so" + } + }, + { + "key": "Qv3MgGR0wgPq6bY--Zqa-0V4VM84h7fxrLZp3Pss7J40", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-s390x-linux-musl.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-musllinux-1-2-x86-64-whl", + "id": "15853544324", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11437536, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QFccgrQ7Da0r4d1p9CL4UIT2I9XCNvXQP9M6n98uj5lA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QodTcg-tsAGyvyF8p9rkB5E56rFt6eauBXY2CDsT-K6U", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QFccgrQ7Da0r4d1p9CL4UIT2I9XCNvXQP9M6n98uj5lA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QodTcg-tsAGyvyF8p9rkB5E56rFt6eauBXY2CDsT-K6U", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QFccgrQ7Da0r4d1p9CL4UIT2I9XCNvXQP9M6n98uj5lA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QodTcg-tsAGyvyF8p9rkB5E56rFt6eauBXY2CDsT-K6U", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QABwFoWPJ_9qH90rbR0NNZOb0FioZSigk2E18GH-JnVE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QDHuhNT8Bwg9pd6PsugHlDE7IssbBzlySMyHpYw41ASM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QOCzClCrK4FWxxiBvYvAcT5GKjTRdahg2dZfzR5UPTH4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QojZ8-CpdGTyD-WCAC9IN55gPSIHzNubwIcyoRuYrmtM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q1RF9yi1MawOWqskwOszUlf69Huxoim6N49CeHE4BUc4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QPw1kI35gjPIXzmXtpSbVfqKIcTh6IkvFNaOexBKRZ20", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QvhmLNunpsbkEUKKgqug9Ss_qRB-HVriO3QvElEZ4GTM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QFccgrQ7Da0r4d1p9CL4UIT2I9XCNvXQP9M6n98uj5lA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-win-amd64-whl", + "id": "15853544325", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 8517086, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QKn0rOUTd0PZs6YVCWF0Mrk4vli-EgbZ0DP8624lnHNQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QakDr52qOaCkBszzO-uERs9ug1YfgZXnZfuN8fdwjNBM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp311-win_amd64.pyd" + } + }, + { + "key": "QJ19G3_w0BV9xhIRJyOqjvTbHzC1QBNzotK8UHs0z6hI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp311-win_amd64.pyd" + } + }, + { + "key": "QQrjXzIPws7ZP-80lkcGQsUZPgzZ9TgwWgs2PWGy9x8M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp311-win_amd64.pyd" + } + }, + { + "key": "QROgHVeozFSRoXkfGjwHcqzB6yfqhc9O7MMkKpPu9xLw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp311-win_amd64.pyd" + } + }, + { + "key": "QViWZlbRQ3TZZN3XpLfrelujixq7G0AZGeXOnqISEY8s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp311-win_amd64.pyd" + } + }, + { + "key": "Qyyb3UDwGtpz9kBAdOglrzpx_uL_YCY2zBnK4udnijF4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp311-win_amd64.pyd" + } + }, + { + "key": "QKn0rOUTd0PZs6YVCWF0Mrk4vli-EgbZ0DP8624lnHNQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QI4FKqOgA2vQzTjtTPsjKtQXKYWdLy5uLBl64ZzohRb4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QKn0rOUTd0PZs6YVCWF0Mrk4vli-EgbZ0DP8624lnHNQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "Q-FdSP6oByf4sSHgEDtis5X3YEGk11wcp-J7Rwnj73oA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QKn0rOUTd0PZs6YVCWF0Mrk4vli-EgbZ0DP8624lnHNQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QI4FKqOgA2vQzTjtTPsjKtQXKYWdLy5uLBl64ZzohRb4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QI4FKqOgA2vQzTjtTPsjKtQXKYWdLy5uLBl64ZzohRb4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QKn0rOUTd0PZs6YVCWF0Mrk4vli-EgbZ0DP8624lnHNQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp311-cp311-win32-whl", + "id": "15853544326", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 7700417, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QBvzuHIqAcQ3gK2k3iOF9PaR-pD0--XSTF1PG7G6ymko", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp311-win32.pyd" + } + }, + { + "key": "Qbw71GZeA4IQX9zwLDEP59U-3oK7mEx8X8Hfd9XUhWyY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp311-win32.pyd" + } + }, + { + "key": "Qcfytj-O2utrWOl5Q4-F4nSwqILwNjFVjoW3LMweNEGs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp311-win32.pyd" + } + }, + { + "key": "QQvuj7Rt7ipBsQRg65-mY-ObcgIFi2ggRlO3lE_YIyuc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp311-win32.pyd" + } + }, + { + "key": "QSjTq7BzksBASc4QhmdZIbtXP6AeqdgcI4wokIfn6pbc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp311-win32.pyd" + } + }, + { + "key": "QUDFYpUoQyNEHkrHUxymhPf09s7SYqDEKr1706i2WrYU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp311-win32.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QreZ-W9ADiLzDHGq23qpEviMvX3mv_4CSrjUY1xwzoPM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QkXNiG5YPww8-npR5kBbGz8Tp4wtSYQWcsjJDhFWK154", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QreZ-W9ADiLzDHGq23qpEviMvX3mv_4CSrjUY1xwzoPM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QkXNiG5YPww8-npR5kBbGz8Tp4wtSYQWcsjJDhFWK154", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QreZ-W9ADiLzDHGq23qpEviMvX3mv_4CSrjUY1xwzoPM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QreZ-W9ADiLzDHGq23qpEviMvX3mv_4CSrjUY1xwzoPM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QkXNiG5YPww8-npR5kBbGz8Tp4wtSYQWcsjJDhFWK154", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QreZ-W9ADiLzDHGq23qpEviMvX3mv_4CSrjUY1xwzoPM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "QceWJI_dHSHiw2QpHcJVA1xZDAxiQDxpEjcB_pEHKNPo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-macosx-10-9-universal2-whl", + "id": "15853544327", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 18577028, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qc-9agGnZhSqs4wzQ1m7ywue37XOcjOdKYPnse2iyWLE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-darwin.so" + } + }, + { + "key": "QdffxQ_FuM1HQPSAymOntBhy4izRjWF2QxQwKpsHgAyU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-darwin.so" + } + }, + { + "key": "QEbnDlJo0f_CI84e-XFk7C51YspwUzNntvJj5qA4doIk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-darwin.so" + } + }, + { + "key": "QeIrIDWmjolEEeguxWRxvlD7ReupNA1NzDZpXFwp0ESg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-darwin.so" + } + }, + { + "key": "QMQhdiZPdW7o2fvoBsDz4T3sfbln0-V4jKhHF_Al2cmU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-darwin.so" + } + }, + { + "key": "QYKYfGjQqhn1_a06DXdVvTtjrRfOGDa9pEVLQobql8P8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q3H0ODiNTRiTbHZIYHC6S39cOoqUjBp1-MFmKEMP2Uig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QGQVK6c9d8sx-LvepLec3j6j2_fOK-Cu72K-DGTp9uBc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q3H0ODiNTRiTbHZIYHC6S39cOoqUjBp1-MFmKEMP2Uig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QGQVK6c9d8sx-LvepLec3j6j2_fOK-Cu72K-DGTp9uBc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q3H0ODiNTRiTbHZIYHC6S39cOoqUjBp1-MFmKEMP2Uig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q3H0ODiNTRiTbHZIYHC6S39cOoqUjBp1-MFmKEMP2Uig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QGQVK6c9d8sx-LvepLec3j6j2_fOK-Cu72K-DGTp9uBc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QkSUIoQ9GidVm8Imu46Gq3SvRalZKgy2gvuAZxihpDOo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-macosx-10-9-x86-64-whl", + "id": "15853544328", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 10356920, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qnc6pdXhzmRTPqtIV1RZ8GOZ98XFAvu7FG6wAtxSLh60", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qk7tBpc2gQFpWVJZDME-VS-cvy38tZ-t3j60XYXVQ1u0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qnc6pdXhzmRTPqtIV1RZ8GOZ98XFAvu7FG6wAtxSLh60", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QSA8B93CdaEERTYUUgqCooaJJb6z_lJym8CbKsN9wSC4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QSA8B93CdaEERTYUUgqCooaJJb6z_lJym8CbKsN9wSC4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qc-9agGnZhSqs4wzQ1m7ywue37XOcjOdKYPnse2iyWLE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-darwin.so" + } + }, + { + "key": "QdffxQ_FuM1HQPSAymOntBhy4izRjWF2QxQwKpsHgAyU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-darwin.so" + } + }, + { + "key": "QEbnDlJo0f_CI84e-XFk7C51YspwUzNntvJj5qA4doIk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-darwin.so" + } + }, + { + "key": "QeIrIDWmjolEEeguxWRxvlD7ReupNA1NzDZpXFwp0ESg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-darwin.so" + } + }, + { + "key": "QMQhdiZPdW7o2fvoBsDz4T3sfbln0-V4jKhHF_Al2cmU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-darwin.so" + } + }, + { + "key": "QYKYfGjQqhn1_a06DXdVvTtjrRfOGDa9pEVLQobql8P8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QSA8B93CdaEERTYUUgqCooaJJb6z_lJym8CbKsN9wSC4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qnc6pdXhzmRTPqtIV1RZ8GOZ98XFAvu7FG6wAtxSLh60", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QSA8B93CdaEERTYUUgqCooaJJb6z_lJym8CbKsN9wSC4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15853544329", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11927570, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QOLnxiZdAT6ZJBCb4D1w8JBSMhlrfUb0Ju9d9vMWI3pU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "QXIUPwjAnPTa-BGrsEqwQk7kwtel6Z54_AUqw-gRqe2o", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QWW7yl_1pWQURvJFYsUtqNegxBDLlWj4vIeqUuNUK2Is", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qn8bj4_-RahmRiSCq1R8VWMG9kgsvsRSOSS9-ZlegvTk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qn8bj4_-RahmRiSCq1R8VWMG9kgsvsRSOSS9-ZlegvTk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QWW7yl_1pWQURvJFYsUtqNegxBDLlWj4vIeqUuNUK2Is", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qn8bj4_-RahmRiSCq1R8VWMG9kgsvsRSOSS9-ZlegvTk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QWW7yl_1pWQURvJFYsUtqNegxBDLlWj4vIeqUuNUK2Is", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qn8bj4_-RahmRiSCq1R8VWMG9kgsvsRSOSS9-ZlegvTk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QvQn8mwmtMMxd7jItah-Ar1qOAB9vBx17iUEGG3Jhonk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "QR1OxSDT2FcDYXoP_ov09-DwQgI7543lSjw_Gjlv61NY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QbHUIv3Kk0QBtdsSw68U9eBwDqUPUu7LdZ4ZrDn1TUIo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "QgVMJ8xRCjlDlY4pi26eZbyg9tPd8qAqWrKFjwHh4nKw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "QPK4wuqme8VKzeK1QsQ2dvwqJxY-KNFXvlDahMe_W1y4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-i386-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15853544330", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11046209, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QIoLQRBKiKFpjPcKt-eXKU-TvofGjcL_MmywbDqaHFsM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QIoLQRBKiKFpjPcKt-eXKU-TvofGjcL_MmywbDqaHFsM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QyM41fuVjMpDB_cIB2YaNdGJHOUUaM3weN9DELTnsABU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QU5EGgsDgkSF6tGbi__529vbvsq2QKL0z80Cr3D28t3w", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QyM41fuVjMpDB_cIB2YaNdGJHOUUaM3weN9DELTnsABU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QIoLQRBKiKFpjPcKt-eXKU-TvofGjcL_MmywbDqaHFsM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QyM41fuVjMpDB_cIB2YaNdGJHOUUaM3weN9DELTnsABU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QIoLQRBKiKFpjPcKt-eXKU-TvofGjcL_MmywbDqaHFsM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QvuBvK2dfPS1dGWWI_7qP9DWg0qlR8ImJktmkjf8c5kE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QQhTmor2li_Vpzl6SYLXdheuGRmfgO5I3STXgtkN2DHI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QoSpukrOr4tuep6ML4GzSuyyzdqSs1eGwiyVPUxZz4Ew", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QoAMkAM92nQpBZKnD-f8zmmDtAO6lh8HL2vofn-jQeY0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QgU3xBXkFkjxllrr5ewd9b5dhqtyO8JZGeCWKTHcgsPE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "Q5pDaWNrWXBuVdedlQywBDwFW2XzNLl4qg1IFXZm9QzU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-aarch64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15853544331", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 13405689, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qj3EHhT6q7fDydqVS-S0loHPzuIXvsssHBMyzNRsS2zQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q5qhHNJX7N-VlwLoWKwolhockzklwAkbU67FKnqAadDk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qh0gs2XclSB14iCdnCBNYKtbrU2QrycPjWNiSHGKSes4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QH3HqtphmBMjQzYbeOd3CLuDGSOxlLhBFssH8vzU1yt8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QMQTkgSRbqxxtKoMr_qSRQ_zGltynecTE4XcODMOjb6Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QNfa--YxZ_VOUMvepFGOAwpnFcHGrPpFL9fd1W_K8iYo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QP9R3mjEa9XlFfbVahYTwd_E4LdbXoWVAboKbBmqA-ws", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QMM22cTbVYTPuarBSrtxxU4aaWWbumOGk6HxFAR4jRsQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qj3EHhT6q7fDydqVS-S0loHPzuIXvsssHBMyzNRsS2zQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMM22cTbVYTPuarBSrtxxU4aaWWbumOGk6HxFAR4jRsQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qj3EHhT6q7fDydqVS-S0loHPzuIXvsssHBMyzNRsS2zQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QMM22cTbVYTPuarBSrtxxU4aaWWbumOGk6HxFAR4jRsQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QWxymx4LHCN1eSWhTOBumpCXg7aCIcD1yz46AsPZ2QYM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QMM22cTbVYTPuarBSrtxxU4aaWWbumOGk6HxFAR4jRsQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "15853544332", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11705561, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QYMhiyXuVXdyrA0H2ZiXJRomAkxFiLQIEhGL_n--PArQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QRhzXZIvP5rKvDby-TOpLSLTwix_agvmV4jmisMKoVgM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QffG3Wkd9gDOWtzAunHgbCJ1cpgGjjyDJjiaHXhDWddc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "Q9XiFK_fQwpveCZ3U9g0JFifPtWJPriVWwH3t5vB_cpc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "Q_EcTqtoIebM-EJdGlJzKKKYs2O_wT45XbvoPCttwnTM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QnEzReNveKaZVSgM5x3xbalLEiNkq6_RByIWqMYDILpw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QUkL4aCW4qnRqY3rEWHTqQ4N8WznadhdxLUKtqfOyRc4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q_8uFlVZuuxUHieoDxS5mmkZ7H1dxDfBCbAILWMvgESc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QnEzReNveKaZVSgM5x3xbalLEiNkq6_RByIWqMYDILpw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QUkL4aCW4qnRqY3rEWHTqQ4N8WznadhdxLUKtqfOyRc4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QUkL4aCW4qnRqY3rEWHTqQ4N8WznadhdxLUKtqfOyRc4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QnEzReNveKaZVSgM5x3xbalLEiNkq6_RByIWqMYDILpw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QUkL4aCW4qnRqY3rEWHTqQ4N8WznadhdxLUKtqfOyRc4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QzUw_fPKt_DpzPmRZ8OpCRhb8UIhajUXDanfNL5zdQHA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-s390x-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15853544333", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11302249, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q3zPup_Jxn8PPrtV-WpXapEHfNKbTD_Kh2_HDGoudMIc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QpXvWCh_8bciq9AOICmNE9LNiM597rgIrkftyJBg4InI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QpXvWCh_8bciq9AOICmNE9LNiM597rgIrkftyJBg4InI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q3zPup_Jxn8PPrtV-WpXapEHfNKbTD_Kh2_HDGoudMIc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QQ6d-PzJZtfLM6YGZ2W4CVZkRdqBKGumvssFJcE5rHAM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QpT-toNn6FgwIB44XXb4LYAx9OfKfQZ_V4h59_VKmvXE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk-O9wYvYbAk4-kdCTxCI1pbyLPeQz1l-iEFDVn-ord0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QhXx-vOAP1eJzi4AeVlbpysBAd1WFlb23__A3vPPrtAk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXSAmpx1x_0ZIVgtCp7q0gKqYSQTtU6ZHRaTKGEGMNLQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QuMRkjRJ70DyvDwAxJ-nwQCRGfsav6lx6j4d1nbrSALY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QR2dn6fTE-PgeUZQaEciXdCBekI55GcZ_ZapHu9bW0Bc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QpXvWCh_8bciq9AOICmNE9LNiM597rgIrkftyJBg4InI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q3zPup_Jxn8PPrtV-WpXapEHfNKbTD_Kh2_HDGoudMIc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QpXvWCh_8bciq9AOICmNE9LNiM597rgIrkftyJBg4InI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-manylinux-2-28-aarch64-whl", + "id": "15853544334", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 10981426, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QrTL6qguQamZ3vNVCB-EhXxVy1WVES3Po9fma2gMDXUQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QrTL6qguQamZ3vNVCB-EhXxVy1WVES3Po9fma2gMDXUQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QxuO9FK2W7L4a-nWqSrHfM1_gA46J51zGUARIqOBhi8M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QrTL6qguQamZ3vNVCB-EhXxVy1WVES3Po9fma2gMDXUQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QrTL6qguQamZ3vNVCB-EhXxVy1WVES3Po9fma2gMDXUQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QxuO9FK2W7L4a-nWqSrHfM1_gA46J51zGUARIqOBhi8M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvuBvK2dfPS1dGWWI_7qP9DWg0qlR8ImJktmkjf8c5kE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QQhTmor2li_Vpzl6SYLXdheuGRmfgO5I3STXgtkN2DHI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QoSpukrOr4tuep6ML4GzSuyyzdqSs1eGwiyVPUxZz4Ew", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QoAMkAM92nQpBZKnD-f8zmmDtAO6lh8HL2vofn-jQeY0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QgU3xBXkFkjxllrr5ewd9b5dhqtyO8JZGeCWKTHcgsPE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "Q5pDaWNrWXBuVdedlQywBDwFW2XzNLl4qg1IFXZm9QzU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q7MicQOt9q0e_Iv5bAbDEypgsyPbFQ0eDCc7WO1NeHAw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QxuO9FK2W7L4a-nWqSrHfM1_gA46J51zGUARIqOBhi8M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-manylinux-2-28-ppc64le-whl", + "id": "15853544335", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 13930618, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QMSqhdr3hD_V8KOG6RlHYelM03NyyDDjZG19dsh3X7_Q", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QLAorRutkVDwsaUYnRU-AZ9__iYIQBj4umKKVT07SEak", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QMSqhdr3hD_V8KOG6RlHYelM03NyyDDjZG19dsh3X7_Q", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q5Xg3S8VwTIuV22mS4UFqaixSjUgLO5lgiQaxCimbzKk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q5Xg3S8VwTIuV22mS4UFqaixSjUgLO5lgiQaxCimbzKk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QMSqhdr3hD_V8KOG6RlHYelM03NyyDDjZG19dsh3X7_Q", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q5Xg3S8VwTIuV22mS4UFqaixSjUgLO5lgiQaxCimbzKk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q5Xg3S8VwTIuV22mS4UFqaixSjUgLO5lgiQaxCimbzKk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QP9R3mjEa9XlFfbVahYTwd_E4LdbXoWVAboKbBmqA-ws", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QNfa--YxZ_VOUMvepFGOAwpnFcHGrPpFL9fd1W_K8iYo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QMQTkgSRbqxxtKoMr_qSRQ_zGltynecTE4XcODMOjb6Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QH3HqtphmBMjQzYbeOd3CLuDGSOxlLhBFssH8vzU1yt8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qh0gs2XclSB14iCdnCBNYKtbrU2QrycPjWNiSHGKSes4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q5qhHNJX7N-VlwLoWKwolhockzklwAkbU67FKnqAadDk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-manylinux-2-28-s390x-whl", + "id": "15853544336", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11882300, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qq1V3DEuHhrRMCJLvG4BRyu9IBUoSBAhBK7rKI8Z8UCQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QzUw_fPKt_DpzPmRZ8OpCRhb8UIhajUXDanfNL5zdQHA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QYMhiyXuVXdyrA0H2ZiXJRomAkxFiLQIEhGL_n--PArQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QRhzXZIvP5rKvDby-TOpLSLTwix_agvmV4jmisMKoVgM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QffG3Wkd9gDOWtzAunHgbCJ1cpgGjjyDJjiaHXhDWddc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "Q9XiFK_fQwpveCZ3U9g0JFifPtWJPriVWwH3t5vB_cpc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "Q_EcTqtoIebM-EJdGlJzKKKYs2O_wT45XbvoPCttwnTM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QjyiRQnGaSciRiVpNCo8fjEMAw5Z-OUWsU533L0IBeio", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QbAbjcIl8VIiczAV_zAHl4tCPaji-FFgzUzUF5Hmsuco", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QjyiRQnGaSciRiVpNCo8fjEMAw5Z-OUWsU533L0IBeio", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QbAbjcIl8VIiczAV_zAHl4tCPaji-FFgzUzUF5Hmsuco", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QjyiRQnGaSciRiVpNCo8fjEMAw5Z-OUWsU533L0IBeio", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QjyiRQnGaSciRiVpNCo8fjEMAw5Z-OUWsU533L0IBeio", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QbAbjcIl8VIiczAV_zAHl4tCPaji-FFgzUzUF5Hmsuco", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-manylinux-2-28-x86-64-whl", + "id": "15853544337", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11257811, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QgkqB9rjk1vpEH9ZiYmTBIO96TbCwcGOvHuDAvmP_N0c", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QXSAmpx1x_0ZIVgtCp7q0gKqYSQTtU6ZHRaTKGEGMNLQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QuMRkjRJ70DyvDwAxJ-nwQCRGfsav6lx6j4d1nbrSALY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QR2dn6fTE-PgeUZQaEciXdCBekI55GcZ_ZapHu9bW0Bc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QpT-toNn6FgwIB44XXb4LYAx9OfKfQZ_V4h59_VKmvXE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk-O9wYvYbAk4-kdCTxCI1pbyLPeQz1l-iEFDVn-ord0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QhXx-vOAP1eJzi4AeVlbpysBAd1WFlb23__A3vPPrtAk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QLjJZriI02g72ognvVVo4nqdupzhJMKswUh6lXSyapjM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QLjJZriI02g72ognvVVo4nqdupzhJMKswUh6lXSyapjM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QgkqB9rjk1vpEH9ZiYmTBIO96TbCwcGOvHuDAvmP_N0c", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QF-oY5h-0eIVnC4SOzjLBBpHNPvPbnob8nCPwQkiKoqo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QLjJZriI02g72ognvVVo4nqdupzhJMKswUh6lXSyapjM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QgkqB9rjk1vpEH9ZiYmTBIO96TbCwcGOvHuDAvmP_N0c", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QLjJZriI02g72ognvVVo4nqdupzhJMKswUh6lXSyapjM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-musllinux-1-2-aarch64-whl", + "id": "15853544338", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11086551, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qm2AgHADKSv0NyEL_y7QmijzXJap1nc1mL-Adbj-d9bY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "QlCOCOp93Pz8I5MJ0q-sEtKcF3kFjpS18sGCxRKwqNNQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "Qf6BiB3YoRvDMzbsL0u9Aa3CosCAwmLNuBBNUKsLARNI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "QE5hc5epb32mpjW2dVuy4IEnikqiI4w0DEmbUpnUnK_E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "QDWG71rhWw5alYYwBltnr5rvvNP7cCVdvwvDUTMSH6UQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "QDvdhoApQsTtl1PHRb_PcL21WTmG5LXRJVQWhOK5u_Iw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QnB0iEB0cT9VuotZEX5XkrNqH78zrtuCRAy0A8ZhEZW4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QDWRjmxA_2_M463aG4eVsifkdV_TZFVR4qi8C1e41i7w", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QaRRoiQVRNLu24r_O5RLSnISqkar3kid3dh1Q1Mp_RJM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QaRRoiQVRNLu24r_O5RLSnISqkar3kid3dh1Q1Mp_RJM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QDWRjmxA_2_M463aG4eVsifkdV_TZFVR4qi8C1e41i7w", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QaRRoiQVRNLu24r_O5RLSnISqkar3kid3dh1Q1Mp_RJM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QDWRjmxA_2_M463aG4eVsifkdV_TZFVR4qi8C1e41i7w", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QaRRoiQVRNLu24r_O5RLSnISqkar3kid3dh1Q1Mp_RJM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-musllinux-1-2-ppc64le-whl", + "id": "15853544339", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 13642903, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q4PBQkkbwBfDywLjEZpppnuCfgqjuUI8Am1J63Ut-YZk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "Qcf1J_MJBrCdZCwLt8AhXUzK9LPL5qUArk3lQw_VY_vY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "QyMP7xrEWqUUOwOSNyyT-CTewYthDLPl9KlnaDNE5g2w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "QxlXCv5Fe__itliC7FLf-B4UIrFVIU6nrzNUB07gIdys", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "QwAqiWD1VzxNBbHUt_jcy2lI52uhcv8Xx8NjUR0NpQe8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "QgJSHrxqoQ9P3VWR6yb6JCskdy9y2K7dA4p_6SEhIreA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "Q05qDca5uc59gVUvUf_EbCAGOg9UWoPJf38QBDy3NDnM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QautZevrsdwk9e9fI0S9F-mU7upvhfx6y29wE9HUegVk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QiyqrYhY8J7FjnY0hyKQIJckL3yucb-kFyBtr50zOwAI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QiyqrYhY8J7FjnY0hyKQIJckL3yucb-kFyBtr50zOwAI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QautZevrsdwk9e9fI0S9F-mU7upvhfx6y29wE9HUegVk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QiyqrYhY8J7FjnY0hyKQIJckL3yucb-kFyBtr50zOwAI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QautZevrsdwk9e9fI0S9F-mU7upvhfx6y29wE9HUegVk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QiyqrYhY8J7FjnY0hyKQIJckL3yucb-kFyBtr50zOwAI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-musllinux-1-2-s390x-whl", + "id": "15853544340", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 12151505, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q8YVaBwU49D6v3cBbhzdxYz_-Xr9n2b6AGiJ6nMBIRjE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QN3PsvqgkD7W1YAzx_OpQ-TNsj_Ln-pDsoL7pu98UJHI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q8YVaBwU49D6v3cBbhzdxYz_-Xr9n2b6AGiJ6nMBIRjE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QN3PsvqgkD7W1YAzx_OpQ-TNsj_Ln-pDsoL7pu98UJHI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q8YVaBwU49D6v3cBbhzdxYz_-Xr9n2b6AGiJ6nMBIRjE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QN3PsvqgkD7W1YAzx_OpQ-TNsj_Ln-pDsoL7pu98UJHI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QN3PsvqgkD7W1YAzx_OpQ-TNsj_Ln-pDsoL7pu98UJHI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QwNr1hbwQDEyPdSAGOtFTdJ7AhwclAtJbDebnpdYQ6CM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q6CuJ9yFpOrZlKzaIOIxxjLXFHaBeqxjXgCgZ12IBKJk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-s390x-linux-musl.so" + } + }, + { + "key": "Q6Y6_ayuj3L6QeOXfPUjfTOXUlZa-Op5Ds4mlC4pHaA4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-s390x-linux-musl.so" + } + }, + { + "key": "Q8w5o9qAWx4WvG68fqOKoyWpl8TIdhkQUaXiiIqvhg0o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-s390x-linux-musl.so" + } + }, + { + "key": "QcPsunrKYJyj7i-0IGeDL4utHPghPv6dLNJ0O4_yUCUc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-s390x-linux-musl.so" + } + }, + { + "key": "QRE-YHHS8D-Wc_tvzManZ0PN-1O62mzmxUBUsysEFfBs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-s390x-linux-musl.so" + } + }, + { + "key": "QtAL4NC0AgH2VjMWUBtEV8wRYIPD8IzyJFWnT0PRvxSI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-s390x-linux-musl.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-musllinux-1-2-x86-64-whl", + "id": "15853544341", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11429136, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QyKGXe6P0AAsIjySoKW8RoXhWZiPYJQIYRdzGCki8uhY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QkD6P0C9vf4nWrvYZ62Rfarh9ziQW0PLO6bauyCKBxI4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QyKGXe6P0AAsIjySoKW8RoXhWZiPYJQIYRdzGCki8uhY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QkD6P0C9vf4nWrvYZ62Rfarh9ziQW0PLO6bauyCKBxI4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q8eu_TBrKB3PSdtcu0kqm1nQhxf1IHLyTMMNXTZd8yT0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QQ-b8LAbEH-3SNFMe-6R-1che51B82nOGWbg65O7A4g0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q7-JzBmp6QKCiSG95cfl2qVSJKswUzn2R1zRRKMDXtKQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QI7dxhHqgna3A63rAneFV2rvcx6P9q0aLc4xUnCMjAbI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QyKGXe6P0AAsIjySoKW8RoXhWZiPYJQIYRdzGCki8uhY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QyKGXe6P0AAsIjySoKW8RoXhWZiPYJQIYRdzGCki8uhY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QkD6P0C9vf4nWrvYZ62Rfarh9ziQW0PLO6bauyCKBxI4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QtIwpcVP1x25UOCLPXRxDUwR8_2QrgNys7Dd3WDrWns0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QwxXPcVOl3Wit498nzF5N3k6-kxi5j-N87Jr2zVxS5gE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QZfOwv6mvA-m8AL8OwBmzazVio9jzV6kiv0KkyYNwIds", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-win-amd64-whl", + "id": "15853544342", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 8603102, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QlBRe3VaBo6nPepEIFMo90OCIcsdSuocRoOYuEVJLl5M", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QBarrOHHv6YrHRCvuYjqllmP4uTWxMnVpjmHLBk1vqSk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp312-win_amd64.pyd" + } + }, + { + "key": "QK2KfhvhqeK1Ivq28FnUvaLDu8kUD5erzHXseNpBg7mw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp312-win_amd64.pyd" + } + }, + { + "key": "QKBXpH-Jyb53-uuQcTCFPVWTNoo0WIclz760lPNpi0TY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp312-win_amd64.pyd" + } + }, + { + "key": "Qmb7EylWl2jE0hN02ioY3wTOLE6YUVeFSNSlQiQEKvuU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp312-win_amd64.pyd" + } + }, + { + "key": "QOqHQUD2JLoyfUhihsmX6ugvmgWdnIQwcfbULdibT3Go", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp312-win_amd64.pyd" + } + }, + { + "key": "QXFNT6u2_ws7vsgJr8BNdAQxLk0FG0WbDTVniUB7UFU4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp312-win_amd64.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QlBRe3VaBo6nPepEIFMo90OCIcsdSuocRoOYuEVJLl5M", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QWLVLWQn_Vr_RFAC1Ro6jMb0WqmmMTpVlK3kmqBrniI0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QlBRe3VaBo6nPepEIFMo90OCIcsdSuocRoOYuEVJLl5M", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QWLVLWQn_Vr_RFAC1Ro6jMb0WqmmMTpVlK3kmqBrniI0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QlBRe3VaBo6nPepEIFMo90OCIcsdSuocRoOYuEVJLl5M", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QWLVLWQn_Vr_RFAC1Ro6jMb0WqmmMTpVlK3kmqBrniI0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QlBRe3VaBo6nPepEIFMo90OCIcsdSuocRoOYuEVJLl5M", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "QCkHAOu34RongEAxJC6kmU5etTszMMDq78orQTKnfKCg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp312-cp312-win32-whl", + "id": "15853544343", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 7898561, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q9zg-93ztO-1kDm6GEq6APVgvM8yrac131EKi26Fgxio", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QbTxJ_1_b3aOvgWUgHurXJHaucLaliT2fKv6XIyh1pAU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "QS12S6q_rTqC3fCBys1_BVwnfOO-Rdv0gQAsWPA7BSPo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QbTxJ_1_b3aOvgWUgHurXJHaucLaliT2fKv6XIyh1pAU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QbTxJ_1_b3aOvgWUgHurXJHaucLaliT2fKv6XIyh1pAU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QS12S6q_rTqC3fCBys1_BVwnfOO-Rdv0gQAsWPA7BSPo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QbTxJ_1_b3aOvgWUgHurXJHaucLaliT2fKv6XIyh1pAU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QS12S6q_rTqC3fCBys1_BVwnfOO-Rdv0gQAsWPA7BSPo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QbTxJ_1_b3aOvgWUgHurXJHaucLaliT2fKv6XIyh1pAU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QqYvluq1pB5y953ViQc7Kyqn3SmWeLldvCx4nM3to3Tg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp312-win32.pyd" + } + }, + { + "key": "QM_EJEGAAiKKkHkuEpP2PGKQg2Ie2pWlGuU4xQvFPCbY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp312-win32.pyd" + } + }, + { + "key": "Ql-wafxT4AgZQxPfHsBgWDtgd7p2cPN2bHLz4iiHYcjI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp312-win32.pyd" + } + }, + { + "key": "QhJ4RnNQEmHPozLdhh_P_WUdxHgs8JoPdqQctckLIp7A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp312-win32.pyd" + } + }, + { + "key": "Qf3Nf7sBLROqhYPZJnl188dtxmDEPRvibWZH7ztj7Y3A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp312-win32.pyd" + } + }, + { + "key": "QdqVBw1_SfdSnCIBr0lsctnFhpj7Io2mj4bFdwtJlgb0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp312-win32.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-macosx-10-13-universal2-whl", + "id": "15853544344", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 18525093, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QsNEJTXNvA8lRLUViqveXhAbzjAXjDd-ZE16Hy9VAlrI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qe9X_ZUtG6Zd8LRNWZgbxCdjgdYi78gOujQVnMIH0DbU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QsNEJTXNvA8lRLUViqveXhAbzjAXjDd-ZE16Hy9VAlrI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q785CRGOV_6ppBApKlisOFM_HB09DnW_LwBIEqCO2Zo4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QOUzSEf8yicfQjUjCuGH6_nk8_HaMz6LJhrQtFiuAUsE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-darwin.so" + } + }, + { + "key": "QQJkQVS5dcxFi2X2cI8FSS1hhKbn5TvrrQH5NKkYEUzw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-darwin.so" + } + }, + { + "key": "QtgLpO1scPYmPhaAKelQiH2G8lMaeMLG9VoPY7NNBp20", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-darwin.so" + } + }, + { + "key": "QtPHt2PLXNXKuWM-J_gjnWX3aDkly-Wj5mxGv8OdfGfY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QkmVdZUzq4ZnSvTACmgPcNB6l8dBmRynCL3LMM7nKuU4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q0wCIlm1whi35xmHAwGxMs7Ev2ZWOsUZTP1grGkBnGso", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-darwin.so" + } + }, + { + "key": "QkmVdZUzq4ZnSvTACmgPcNB6l8dBmRynCL3LMM7nKuU4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QsNEJTXNvA8lRLUViqveXhAbzjAXjDd-ZE16Hy9VAlrI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QkmVdZUzq4ZnSvTACmgPcNB6l8dBmRynCL3LMM7nKuU4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QkmVdZUzq4ZnSvTACmgPcNB6l8dBmRynCL3LMM7nKuU4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-macosx-10-13-x86-64-whl", + "id": "15853544345", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 10325289, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q0wCIlm1whi35xmHAwGxMs7Ev2ZWOsUZTP1grGkBnGso", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-darwin.so" + } + }, + { + "key": "Q785CRGOV_6ppBApKlisOFM_HB09DnW_LwBIEqCO2Zo4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QOUzSEf8yicfQjUjCuGH6_nk8_HaMz6LJhrQtFiuAUsE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-darwin.so" + } + }, + { + "key": "QQJkQVS5dcxFi2X2cI8FSS1hhKbn5TvrrQH5NKkYEUzw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-darwin.so" + } + }, + { + "key": "QtgLpO1scPYmPhaAKelQiH2G8lMaeMLG9VoPY7NNBp20", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-darwin.so" + } + }, + { + "key": "QtPHt2PLXNXKuWM-J_gjnWX3aDkly-Wj5mxGv8OdfGfY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q2HP5YdMDGqLzUCj9oEdtztjIiWJPtfpoxXD2aIreApo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QPticicZ44xkM8lLDIjAjGYdB690NQ_eSufxQx6fJnik", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2HP5YdMDGqLzUCj9oEdtztjIiWJPtfpoxXD2aIreApo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QPticicZ44xkM8lLDIjAjGYdB690NQ_eSufxQx6fJnik", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2HP5YdMDGqLzUCj9oEdtztjIiWJPtfpoxXD2aIreApo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q2HP5YdMDGqLzUCj9oEdtztjIiWJPtfpoxXD2aIreApo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QPticicZ44xkM8lLDIjAjGYdB690NQ_eSufxQx6fJnik", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qv2R-gRR_Jj1Odf7wssMBCEO4QPn0P1XZjBnt5jUqtMg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15853544346", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11927474, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QL3jYLq4f90d2bTk0xPSNSdnQ6Ogtn28p6LetZYS4EOU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QH8wItKwDL_DX0rMgdBtyy7x9NJrPiJkMsJiEPYa_Cwg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "QmP_tO0EABisc4t4EHt5PItR8u5nv4OQlHzYlHODNZnA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "QOcFFzaYmk_kI3-jpWbUfzxhOjq3WVJTbIMO1qeQRPpk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "QqXRzjYtZj9Pez3QmwYOqToivPjkxQd0Od7-fpDPcyII", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "QtJ98vLyA_j9gSuKIXKZ1kaBWvJ0vgENWPA9mT_lmb1M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QEJrYUkcc1baByNGcCGP85GEfEvxT7ZT0MajLCRCi75s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2G0b8QlTPiDLeRbBq7tfkdijjK96IcZqYj6vUUcox0M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QEJrYUkcc1baByNGcCGP85GEfEvxT7ZT0MajLCRCi75s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2G0b8QlTPiDLeRbBq7tfkdijjK96IcZqYj6vUUcox0M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QEJrYUkcc1baByNGcCGP85GEfEvxT7ZT0MajLCRCi75s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QEJrYUkcc1baByNGcCGP85GEfEvxT7ZT0MajLCRCi75s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q2G0b8QlTPiDLeRbBq7tfkdijjK96IcZqYj6vUUcox0M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QqdLP8n6KNhGJ9xvGp7R1cHPm-u_atiibvmtFFqZ7rdI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15853544347", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11046097, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QjBoOWauI0xdaklHteUIY3rw9SU46FFz1n3_HIstJTT4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "QOIixI9crxtH3dRFHCxwXYSWhyGzgL2lf4jxk6EWspnA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qsepk4ZhU7q94OfD_qqJI0Wr1_B1vUskovMmsvd70ULg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qufw6cIwcPfdnHQyVX0qCvL63wZl4yxux8Km2GukCvHA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "QXgrvbT9fA2wk9dL-lWkoRP4DQJ7oRFQAC49KW6ohlww", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QMM0PlvKAr9Aqy77kdcvYEQpxIq3n_0nKN1ddHgYkwow", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QjgXTxy5dqcF9npOzYYP68ujzpxXirWIw2rgS6YXj8tk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QjgXTxy5dqcF9npOzYYP68ujzpxXirWIw2rgS6YXj8tk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QMM0PlvKAr9Aqy77kdcvYEQpxIq3n_0nKN1ddHgYkwow", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QMM0PlvKAr9Aqy77kdcvYEQpxIq3n_0nKN1ddHgYkwow", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QjgXTxy5dqcF9npOzYYP68ujzpxXirWIw2rgS6YXj8tk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QNUNc28FnBFo8vpRmHhpRowJbf3bINJaQCGEhQyghDbU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QMM0PlvKAr9Aqy77kdcvYEQpxIq3n_0nKN1ddHgYkwow", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qk3tPBsGmMy27tsDD4rd2UWLaI0FTsZdJXNmGDtBq-YQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-aarch64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15853544348", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 13405561, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q24msPz9-6u8omsAx1fTrm2DBNFzjwyCQVtOJgPA--fY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QxPArhi9tp5yJLcQMgS2IE9BiE8BvinLhCwCx71p8r7A", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q24msPz9-6u8omsAx1fTrm2DBNFzjwyCQVtOJgPA--fY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QxPArhi9tp5yJLcQMgS2IE9BiE8BvinLhCwCx71p8r7A", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q24msPz9-6u8omsAx1fTrm2DBNFzjwyCQVtOJgPA--fY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QD3UU8-qDo5n7NUugoJt9eS8LwbrCdKV7wGgC90Vh9nU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QxPArhi9tp5yJLcQMgS2IE9BiE8BvinLhCwCx71p8r7A", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q24msPz9-6u8omsAx1fTrm2DBNFzjwyCQVtOJgPA--fY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QtsU6-60bmEkDN8O7zHu3DlukjMjqbVxSArePbxtOkXY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QN6iTY7uYi019qyysC_4q0tPFECDbUxAovr3X-hI3hYs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QIhFSYaYaLy0TD9uvZwsBGlcr113oWQZPk7OlN3-5szY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QFnX_IB8h0a-me1m1p0jzRQE4CVyFFyBxCYetYdYabxU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q25mt9qAOJ4QZFIDv5WupQMUjvEUlOPbdpZu1Lc84xJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q0AC-hCePKdqAuZOSWL8RSCxm-V62oDpGIF7llc8vh2M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-powerpc64le-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "15853544349", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11697257, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q9z93fv_wk-Vfcy7RdxruvBbRrGxMYGlILTHqjqITBj0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QdHqxtUZ0uwpsk6TT03DAmkpiTZJ3zBhu13dArCK4tbA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QfABltZBqBt0VFBHT9e_d7iBNylJo509a-55STHlYia4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QgXBiMOCvmy-8qZ5z3oNmzTKxagoeBw6gbaZjtw0HJ8o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QKd8PIiKGQzKGnVAiEzya31ky7zMvgbngFOwwnLR-o8M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "Qn_mHvtcZmGGnMyuU2TYRZuDGbYh8lPAns9TKVUJgs6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QvAyYl1jhUTreXTtIPHuKSBeY0Wxc4iomYKXtenzooOU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QgdJsNDZJUly1PflNZlo1sc9Zw6V1GM2Zj7X50MZHQLI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QorsAnOTKAHXIDjUWQQDyjKybexF3tngoisQxplWkxko", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QgdJsNDZJUly1PflNZlo1sc9Zw6V1GM2Zj7X50MZHQLI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QorsAnOTKAHXIDjUWQQDyjKybexF3tngoisQxplWkxko", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QgdJsNDZJUly1PflNZlo1sc9Zw6V1GM2Zj7X50MZHQLI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QgdJsNDZJUly1PflNZlo1sc9Zw6V1GM2Zj7X50MZHQLI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QorsAnOTKAHXIDjUWQQDyjKybexF3tngoisQxplWkxko", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15853544350", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11293993, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QNSO9ESHBLFjYAlmomCqisQgsBDBGfcx_KgX8DH2g36o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qeeu4HppSu9lyaw_vwgIz7HjFvm_p4zxV_txcc0MDvZY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QNSO9ESHBLFjYAlmomCqisQgsBDBGfcx_KgX8DH2g36o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QyrAP0vaqFK9NFfAG3Sn-1Hdtp-3dVMeH0wcafn-oEbA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QmW2n9H5svMgK-ZjHOEskeAYlxy01BZ_7eYRBg22PNRM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QMNMYtBo6horCbMS5L26JnpRQGQ5T77oIPjsdU-3k5DY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qb7g48GdIdCNAIjcD_-L5dAeNC-byGDxvd1n11Sy6Fm0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QAE3qmATMf7xpXjg4T---auUtrtysA9B-Vw9UCShvodA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q64thVNZdejD4TgT-mY5Scgtj0EVNw4KjkyQfTBbRx1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qeeu4HppSu9lyaw_vwgIz7HjFvm_p4zxV_txcc0MDvZY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QNSO9ESHBLFjYAlmomCqisQgsBDBGfcx_KgX8DH2g36o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QNSO9ESHBLFjYAlmomCqisQgsBDBGfcx_KgX8DH2g36o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qeeu4HppSu9lyaw_vwgIz7HjFvm_p4zxV_txcc0MDvZY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QM7CaFY-i_HuCUz6UYqklIPGMqGqTrkK5k0dqTp0mzPI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-manylinux-2-28-aarch64-whl", + "id": "15853544351", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 10981314, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q4JtIvZvYbohD6V8t2Slnu3HgapvVZIWFTeZpbDrq6nE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QaGtdQwyVvPSdJsIkx2eMr8KHnxyJY_s-_IQbcuzJhJs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QVRZdjHWG-kma4l-0nOZ389R2lvEgBoAF45yFY_NKw6k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4JtIvZvYbohD6V8t2Slnu3HgapvVZIWFTeZpbDrq6nE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4JtIvZvYbohD6V8t2Slnu3HgapvVZIWFTeZpbDrq6nE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QVRZdjHWG-kma4l-0nOZ389R2lvEgBoAF45yFY_NKw6k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q4JtIvZvYbohD6V8t2Slnu3HgapvVZIWFTeZpbDrq6nE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QVRZdjHWG-kma4l-0nOZ389R2lvEgBoAF45yFY_NKw6k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXgrvbT9fA2wk9dL-lWkoRP4DQJ7oRFQAC49KW6ohlww", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qufw6cIwcPfdnHQyVX0qCvL63wZl4yxux8Km2GukCvHA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qsepk4ZhU7q94OfD_qqJI0Wr1_B1vUskovMmsvd70ULg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "QOIixI9crxtH3dRFHCxwXYSWhyGzgL2lf4jxk6EWspnA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qk3tPBsGmMy27tsDD4rd2UWLaI0FTsZdJXNmGDtBq-YQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "QjBoOWauI0xdaklHteUIY3rw9SU46FFz1n3_HIstJTT4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-manylinux-2-28-ppc64le-whl", + "id": "15853544352", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 13930490, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QFnX_IB8h0a-me1m1p0jzRQE4CVyFFyBxCYetYdYabxU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QIhFSYaYaLy0TD9uvZwsBGlcr113oWQZPk7OlN3-5szY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QN6iTY7uYi019qyysC_4q0tPFECDbUxAovr3X-hI3hYs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QtsU6-60bmEkDN8O7zHu3DlukjMjqbVxSArePbxtOkXY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqWEH5HTXLQFT7Yi7JxaDJ_ioNwqSFRqUnTDAM7SJ4jg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qjdgj4N09Svex34whFFAxTTYv1SqjHp0EoC_BrRt3dIQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q6-07-69j1JdtyIHV4kerenxxiFzEJNFtevyxiEpsyXQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q6-07-69j1JdtyIHV4kerenxxiFzEJNFtevyxiEpsyXQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qjdgj4N09Svex34whFFAxTTYv1SqjHp0EoC_BrRt3dIQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q6-07-69j1JdtyIHV4kerenxxiFzEJNFtevyxiEpsyXQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qjdgj4N09Svex34whFFAxTTYv1SqjHp0EoC_BrRt3dIQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q25mt9qAOJ4QZFIDv5WupQMUjvEUlOPbdpZu1Lc84xJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q6-07-69j1JdtyIHV4kerenxxiFzEJNFtevyxiEpsyXQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q0AC-hCePKdqAuZOSWL8RSCxm-V62oDpGIF7llc8vh2M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-powerpc64le-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-manylinux-2-28-s390x-whl", + "id": "15853544353", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11865804, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QdHqxtUZ0uwpsk6TT03DAmkpiTZJ3zBhu13dArCK4tbA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QKxIYXztX2mE-3m_bt8my_OadjT4QYyBsnXWZCXWjVMg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvAyYl1jhUTreXTtIPHuKSBeY0Wxc4iomYKXtenzooOU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "Q2JL_2j2K0-k1bcoBcdDN5oBwmySbdbgZazMhNeCiiZU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QKxIYXztX2mE-3m_bt8my_OadjT4QYyBsnXWZCXWjVMg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QnKP2VHw9IyXAVTrClx43rJxz7c0ja31ow8eOHbZEcFw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q2JL_2j2K0-k1bcoBcdDN5oBwmySbdbgZazMhNeCiiZU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QKxIYXztX2mE-3m_bt8my_OadjT4QYyBsnXWZCXWjVMg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2JL_2j2K0-k1bcoBcdDN5oBwmySbdbgZazMhNeCiiZU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qn_mHvtcZmGGnMyuU2TYRZuDGbYh8lPAns9TKVUJgs6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QKd8PIiKGQzKGnVAiEzya31ky7zMvgbngFOwwnLR-o8M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QgXBiMOCvmy-8qZ5z3oNmzTKxagoeBw6gbaZjtw0HJ8o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QfABltZBqBt0VFBHT9e_d7iBNylJo509a-55STHlYia4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q2JL_2j2K0-k1bcoBcdDN5oBwmySbdbgZazMhNeCiiZU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-manylinux-2-28-x86-64-whl", + "id": "15853544354", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11253491, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QthD0MBLXTkH_RrfaLZXZjLSMeXTPzHWXASpgkzbRpfI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QwX4KSInc52ZXAtGzU_4nPLFrhr3W7hWZHDnjND_CLPo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qy6SWEOsuRBoqo1yeqN5PNOWu3FLY8ePPTZiQPXbUBKc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q64thVNZdejD4TgT-mY5Scgtj0EVNw4KjkyQfTBbRx1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QAE3qmATMf7xpXjg4T---auUtrtysA9B-Vw9UCShvodA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qb7g48GdIdCNAIjcD_-L5dAeNC-byGDxvd1n11Sy6Fm0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QMNMYtBo6horCbMS5L26JnpRQGQ5T77oIPjsdU-3k5DY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QmW2n9H5svMgK-ZjHOEskeAYlxy01BZ_7eYRBg22PNRM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QyrAP0vaqFK9NFfAG3Sn-1Hdtp-3dVMeH0wcafn-oEbA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qy6SWEOsuRBoqo1yeqN5PNOWu3FLY8ePPTZiQPXbUBKc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QwX4KSInc52ZXAtGzU_4nPLFrhr3W7hWZHDnjND_CLPo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qy6SWEOsuRBoqo1yeqN5PNOWu3FLY8ePPTZiQPXbUBKc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QwX4KSInc52ZXAtGzU_4nPLFrhr3W7hWZHDnjND_CLPo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qy6SWEOsuRBoqo1yeqN5PNOWu3FLY8ePPTZiQPXbUBKc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-musllinux-1-2-aarch64-whl", + "id": "15853544355", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11086551, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QDkE4mlqrRVZtC0AJpbgc3F9_GaN0DNrEHnfgmzB7R3M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "QhN74xVUR_U5ESV65WI2wyfUBT8P3oRr-DEZAkOiyw98", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "Qo96_75NUjtzWZa9KCwRyr5aCk6sr5oZT75G1Tnxx9gY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "QT7D8GvA4pxMjMPHTF9UyKlVvAdrzctbehVu0rKdBiRs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "QX1b6dSPDsExEk2sYQrYtDXiQeGma6X1rTJspuBSYcSI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "QZyovx-NCbQtkw5ILa3RJ698JPHLDfDm6_071rKVap3c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QhX2EGdth6Lf0uZyFl2ao8vf0mRbM9AvxQq2pfeiEe-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMgkqS-VOLsnOsWx6oAZ8zQpLjlKgiGyZj6WHKSySYeM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QhX2EGdth6Lf0uZyFl2ao8vf0mRbM9AvxQq2pfeiEe-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QMgkqS-VOLsnOsWx6oAZ8zQpLjlKgiGyZj6WHKSySYeM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QhX2EGdth6Lf0uZyFl2ao8vf0mRbM9AvxQq2pfeiEe-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QhX2EGdth6Lf0uZyFl2ao8vf0mRbM9AvxQq2pfeiEe-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMgkqS-VOLsnOsWx6oAZ8zQpLjlKgiGyZj6WHKSySYeM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QykeIJPVZMJBZp6X4Tlxjo147RlXeXoXrqRUXJKsHjVc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-musllinux-1-2-ppc64le-whl", + "id": "15853544356", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 13642903, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q123cjoZOMy1-QpNFqu6yuCgj7MVvso2f_i_NqeOB2aM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qt81s9sSXLKTXuokyRoSVVN69tu0tTU-_SnCDxflYmNc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QR7On8BTqosfdxpswbWYHR-2Hk_SrYfJJeKgUhOnmbQY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QR7On8BTqosfdxpswbWYHR-2Hk_SrYfJJeKgUhOnmbQY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QR7On8BTqosfdxpswbWYHR-2Hk_SrYfJJeKgUhOnmbQY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qt81s9sSXLKTXuokyRoSVVN69tu0tTU-_SnCDxflYmNc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QR7On8BTqosfdxpswbWYHR-2Hk_SrYfJJeKgUhOnmbQY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXHljJx09iZNMmyE8io_oS4efgwe-7ELjBjb3CwgkFQM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "QsNKeCnLIjmlf7yp3cacTrefZaKW3VAy7EDpOCqV95Ls", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "QQTRPDcQa2xtJRESqPRWEN1UiIRJskVMUvXx2fuzk578", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "QQAYtqOgSzCM4lEkkn-GA1bDLvDLRPpcu7Mg_SQg5uFo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "QLgsM3BA-r_qZzmkqhnyIgjO15ZMrg6xVrNi60jjjkVw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "QINRB6MCYjbY9vSo2uBZlq1L1HyOBRdU9mnoOXCwqVPw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qt81s9sSXLKTXuokyRoSVVN69tu0tTU-_SnCDxflYmNc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-musllinux-1-2-s390x-whl", + "id": "15853544357", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 12143313, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q58lmJVI9uH05WfJg0HsZzAhDIneYOBSKXjWgE6Uj6Eg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qk4evZL2zQ4HOrU_94bXcYycciJM7VYjIqhkGyUNHLv0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QED850ulqJF8RhArQgqgdcX3aNWZ0JiZRd8E3KjxBSPI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QED850ulqJF8RhArQgqgdcX3aNWZ0JiZRd8E3KjxBSPI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qk4evZL2zQ4HOrU_94bXcYycciJM7VYjIqhkGyUNHLv0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QED850ulqJF8RhArQgqgdcX3aNWZ0JiZRd8E3KjxBSPI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qk4evZL2zQ4HOrU_94bXcYycciJM7VYjIqhkGyUNHLv0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QED850ulqJF8RhArQgqgdcX3aNWZ0JiZRd8E3KjxBSPI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QOiHutwA0hsNSOAbm8nZzhGRtEKxA9eBzAP9owjuylJ8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-s390x-linux-musl.so" + } + }, + { + "key": "QnKbRVxIQS13Qd8D4_fIf3u6olJrOvkgsDjUW-wX6ASs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-s390x-linux-musl.so" + } + }, + { + "key": "QIw30rfdkaxvkovnpFycVS7HwUg7p9XC0YUG319yWPFE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-s390x-linux-musl.so" + } + }, + { + "key": "QeHya8IaypI7L50QmvS5MnBz7eiPzRF001dmW7zFBRqg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-s390x-linux-musl.so" + } + }, + { + "key": "QAFlBpo1iaDqdn3h8-_GqTPVMq4NrP3_uczcCadV3bIE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-s390x-linux-musl.so" + } + }, + { + "key": "Q7nEjF1Z-ewEW3XQIRS7IV3_ZFpZ3srXoIMjvrmF5ZA8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-s390x-linux-musl.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-musllinux-1-2-x86-64-whl", + "id": "15853544358", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11420880, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qt9qodpkdLGifvCplyH95W_SSkyfoPNNY-apT5rxtpqw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QmnIZl3Dv9BLgogCBE2mteMtsxaPyysJEQohR1bpYzaI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q0Wz7-mnmm8t5OMDJPsjLdwxDsDVFvqpnEUPZaO3opPk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q5i_W3u9W9bfx2xTgcs4LugFW1PE5i8x5B1gOgkTQw4I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QABn7STEfYc-Xsje3EJpjeytIl3B0t3u4g-AiPJ6HoWg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QmX_HNisHEfy-X2URUqlh6JtdOpEIqMEB2AXUv-Q4zUQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QWoLrqfbgC_TlrU6SV0jsr0WHUgUxSu4h01x2IrMa324", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QZ_PJ_6V-Ohf1_n9n5HGgWF2meLvWkmhNPUYL1jsxt7M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QFs6B51R5GGxZGBhmSi_LnjiTREfKTLTLy5B4gubFZmI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qt9qodpkdLGifvCplyH95W_SSkyfoPNNY-apT5rxtpqw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QFs6B51R5GGxZGBhmSi_LnjiTREfKTLTLy5B4gubFZmI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qt9qodpkdLGifvCplyH95W_SSkyfoPNNY-apT5rxtpqw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QFs6B51R5GGxZGBhmSi_LnjiTREfKTLTLy5B4gubFZmI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QFs6B51R5GGxZGBhmSi_LnjiTREfKTLTLy5B4gubFZmI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-win-amd64-whl", + "id": "15853544359", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 8596958, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qq7MKeHHEW2Azw_AJ8uGNodjMlBPwKl-1TcAdQidVMQs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q7bzTN-0WVuWYvUxpk-7lcgQ9Vs-1vV_nn1Qqy62zS74", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp313-win_amd64.pyd" + } + }, + { + "key": "QELEP6y-PfEZdIzTqTVK9H301VaS3W7d3YlBRX1WauqI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp313-win_amd64.pyd" + } + }, + { + "key": "QL64N28jxCdnxeucNqAPUyXT8sCW1un7UVheA1cSeWHE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp313-win_amd64.pyd" + } + }, + { + "key": "QMZI-WJsgA_xtPbPcXda1_-Wj8-A1ypRskHCU0rdo5nQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp313-win_amd64.pyd" + } + }, + { + "key": "QwjuFXZLcGZW1aXM9hiJuNCTzqxPbrhVGa98iyzhOx64", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp313-win_amd64.pyd" + } + }, + { + "key": "Qwu37u4nfNDyhOzeubQlBeYPle7D73sASTIW6j9XQDCs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp313-win_amd64.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qq7MKeHHEW2Azw_AJ8uGNodjMlBPwKl-1TcAdQidVMQs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2t9eiI5wUUKYVi3Od-_8LcIajHyBhINlhOP82TX6CsU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qq7MKeHHEW2Azw_AJ8uGNodjMlBPwKl-1TcAdQidVMQs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2t9eiI5wUUKYVi3Od-_8LcIajHyBhINlhOP82TX6CsU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qq7MKeHHEW2Azw_AJ8uGNodjMlBPwKl-1TcAdQidVMQs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q2t9eiI5wUUKYVi3Od-_8LcIajHyBhINlhOP82TX6CsU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qq7MKeHHEW2Azw_AJ8uGNodjMlBPwKl-1TcAdQidVMQs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "QOBy11Xk-74wm5LNEo24zgIn18Jyy6907Ga46fwB3poI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp313-cp313-win32-whl", + "id": "15853544360", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 7896001, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Ql0nwGYbLQnPXTUGmsl714nS9Pi_dtzCG5f54ULlbtgE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QJ_KtagYHMbacdEoUNOGtfzwuTyqBDqI9HQKNNcyFW8c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q1l_oQaBqDwfk3sbeMLUaCuM6m0xiUzNG0sgbcRbb1I4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp313-win32.pyd" + } + }, + { + "key": "Q6NsZhOhi5xPcDvoieZTNcVC9NCuqmhptX8H96Q8H8iw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp313-win32.pyd" + } + }, + { + "key": "QJ_KtagYHMbacdEoUNOGtfzwuTyqBDqI9HQKNNcyFW8c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Ql0nwGYbLQnPXTUGmsl714nS9Pi_dtzCG5f54ULlbtgE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QJ_KtagYHMbacdEoUNOGtfzwuTyqBDqI9HQKNNcyFW8c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "QoWybTkxFdcPbBsbpZQBSkyJ3bxskdXw-G5-1UMmtDpU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QJ_KtagYHMbacdEoUNOGtfzwuTyqBDqI9HQKNNcyFW8c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Ql0nwGYbLQnPXTUGmsl714nS9Pi_dtzCG5f54ULlbtgE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QJ_KtagYHMbacdEoUNOGtfzwuTyqBDqI9HQKNNcyFW8c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qxi6nE943RSUZYGEKmEYgEajh77rnpUOdDRLeGB82MUw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp313-win32.pyd" + } + }, + { + "key": "QPqmaFvTbiXAq37ls7HwN9w985Zcw1wDD6_OmLvAzrPU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp313-win32.pyd" + } + }, + { + "key": "QL0elZm9y0e4cG4PPtz8O1pYSqhQoA2gehOrLZ_ksPiI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp313-win32.pyd" + } + }, + { + "key": "Q9TTkCuhnC8epNjeXFLN-EM8lPOGSSL6asvra3alBc10", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp313-win32.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp36-cp36m-macosx-10-9-x86-64-whl", + "id": "15853544361", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 10421147, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q-f4yfZqbE_3sThTslbEcfLwW_mXTAEGLixJ6V68xSBo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QSOFAR6bDXstCtt4VB22-GwYXLfESGIsYAbayAjkRCfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QPelrGuTbiCojPgNl3zq8Dlo5AMIRxRz1P-H3-FL0iCs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-36m-darwin.so" + } + }, + { + "key": "QnddHHIGTXPBwit4WRmfkgTUaPz_4MGCzpqUD3rarBro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-36m-darwin.so" + } + }, + { + "key": "QKHS_xD4XEKdSu1ZKXqKDQlXw05_oix7H1eGMgXGPA58", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-36m-darwin.so" + } + }, + { + "key": "QH1pMNPYddCBctWSZvQ_bEGnGiYyIf3ht9vutA1rrvdo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-36m-darwin.so" + } + }, + { + "key": "QdZSGAZB8qeREsWUxpIOOv7KKZG5hejH-fSxZ6LFOwds", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-36m-darwin.so" + } + }, + { + "key": "QDl3bDJm7clbRLg6w7egmdn2vrJGDnNxEXctpd8BzbOI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-36m-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QSOFAR6bDXstCtt4VB22-GwYXLfESGIsYAbayAjkRCfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q-f4yfZqbE_3sThTslbEcfLwW_mXTAEGLixJ6V68xSBo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QSOFAR6bDXstCtt4VB22-GwYXLfESGIsYAbayAjkRCfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QSOFAR6bDXstCtt4VB22-GwYXLfESGIsYAbayAjkRCfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q-f4yfZqbE_3sThTslbEcfLwW_mXTAEGLixJ6V68xSBo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QGBwELdQkl3xTv6VaXqrXMbU2r4p4BB2J2GX-de0loOM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp36-cp36m-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15853544362", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11661678, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QFnOQ61Wov_v9gbUHXgC33zf3aMYm9pAwsZoNG9xcWr0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QhwADnLmxYS9zMrl-MwtBjhcQgzMUZ4wBc2XE1jNTUFs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QFnOQ61Wov_v9gbUHXgC33zf3aMYm9pAwsZoNG9xcWr0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QhwADnLmxYS9zMrl-MwtBjhcQgzMUZ4wBc2XE1jNTUFs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QYvQgMuX4HJZFM7pM2WXwbCqkRqVvDL62uuRMmMM_8HE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "QVYs9G5wFm9haQr6jVeNBj16BFG-ChZebbFOzBu8PJMA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "QVB6RhEQXLU8J6vOyYz_msSDjK-qZfzjOvFNI-TmzaKY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "Qe1pnZ7CocHLbWUg7nuiSm6SWgJVil3KQosTE_ePMnk8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "QDFhFLBezcKyaNkbdkIZ1v7bBNvUnFHam8OGV24vbhzs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "Q3dULV15W5ctwIDDAtWTCYfnHS29cSAuaSzPqAtHfUmo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QcoD93RmIBAwERCGZgbl_QmnsLAYpO7r4SL3KpkIYIlQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QFnOQ61Wov_v9gbUHXgC33zf3aMYm9pAwsZoNG9xcWr0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QhwADnLmxYS9zMrl-MwtBjhcQgzMUZ4wBc2XE1jNTUFs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QhwADnLmxYS9zMrl-MwtBjhcQgzMUZ4wBc2XE1jNTUFs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp36-cp36m-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15853545893", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11077127, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QKTruiqzvDRBQUTg4okiHUs1plUplydUjMy0_08QbUrE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q_XzSmjaSf-8o23aZniCekn2fYSWGwEfUA5e2PbCLVOM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qzf0AjntHovQKc-dIQj-nr7VbQSoMZABzN0D0kjMFkig", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QWWL1Svr_wq9zybnZByD7L_8g_tyf7u6bQ_APLHziQgE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QKTruiqzvDRBQUTg4okiHUs1plUplydUjMy0_08QbUrE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QCg0SQOjqQgJMKJGdck7tWMma0l_zpwKw0xH19vXbvIo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QKTruiqzvDRBQUTg4okiHUs1plUplydUjMy0_08QbUrE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QCg0SQOjqQgJMKJGdck7tWMma0l_zpwKw0xH19vXbvIo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QztqnSnfm_P0qkvioaUCUq74Wsep0Mx1-CNcBQ6mdBBs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QTl8iLzi1dd3dfBP9gCMt_3AfpcfzG-zByxLgUPyzyw4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8sf5T3DkDFwmWY_EwCrniYAxS-LBUHLZ6vp4nHXk5qE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3KZUGkucsVPZiXlYj2zjAkT61GCu7FEo52mZCv_6n9c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QKTruiqzvDRBQUTg4okiHUs1plUplydUjMy0_08QbUrE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QCg0SQOjqQgJMKJGdck7tWMma0l_zpwKw0xH19vXbvIo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp36-cp36m-manylinux-2-28-x86-64-whl", + "id": "15853545894", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11032690, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QcnSPfCFKDy_f0hDXR4eZc33I-YMnpUdsRp7XvyJTH3k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QwYxJO2MQ5NfsqYh96WGBSNmIPLpekpJRdVl2_O-OjxM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QcnSPfCFKDy_f0hDXR4eZc33I-YMnpUdsRp7XvyJTH3k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QztqnSnfm_P0qkvioaUCUq74Wsep0Mx1-CNcBQ6mdBBs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qzf0AjntHovQKc-dIQj-nr7VbQSoMZABzN0D0kjMFkig", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QWWL1Svr_wq9zybnZByD7L_8g_tyf7u6bQ_APLHziQgE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QTl8iLzi1dd3dfBP9gCMt_3AfpcfzG-zByxLgUPyzyw4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8sf5T3DkDFwmWY_EwCrniYAxS-LBUHLZ6vp4nHXk5qE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3KZUGkucsVPZiXlYj2zjAkT61GCu7FEo52mZCv_6n9c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QwYxJO2MQ5NfsqYh96WGBSNmIPLpekpJRdVl2_O-OjxM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QcnSPfCFKDy_f0hDXR4eZc33I-YMnpUdsRp7XvyJTH3k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QcnSPfCFKDy_f0hDXR4eZc33I-YMnpUdsRp7XvyJTH3k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QwYxJO2MQ5NfsqYh96WGBSNmIPLpekpJRdVl2_O-OjxM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMaCGClf66FzUg2RbkJLh25bbzLGa6awMtxsSaV7f-Ig", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp36-cp36m-manylinux-2-5-x86-64-manylinux1-x86-64-whl", + "id": "15853545895", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11411643, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QJKFao4kea8NfB2nIGRbmFXa5M1q8F8MbtseTOws-UAY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QTvIlgstvUOTk4lS9hBBDbNUg1sb9fV5fSTvGmg21IzU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QJKFao4kea8NfB2nIGRbmFXa5M1q8F8MbtseTOws-UAY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QTvIlgstvUOTk4lS9hBBDbNUg1sb9fV5fSTvGmg21IzU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QJKFao4kea8NfB2nIGRbmFXa5M1q8F8MbtseTOws-UAY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qzf0AjntHovQKc-dIQj-nr7VbQSoMZABzN0D0kjMFkig", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QTl8iLzi1dd3dfBP9gCMt_3AfpcfzG-zByxLgUPyzyw4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8sf5T3DkDFwmWY_EwCrniYAxS-LBUHLZ6vp4nHXk5qE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3KZUGkucsVPZiXlYj2zjAkT61GCu7FEo52mZCv_6n9c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QbXUKPI9V-vX8mu5aXSpOEFwXVI0WVrdEqT4CUFtP1mI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QTvIlgstvUOTk4lS9hBBDbNUg1sb9fV5fSTvGmg21IzU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QJKFao4kea8NfB2nIGRbmFXa5M1q8F8MbtseTOws-UAY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QWWL1Svr_wq9zybnZByD7L_8g_tyf7u6bQ_APLHziQgE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QztqnSnfm_P0qkvioaUCUq74Wsep0Mx1-CNcBQ6mdBBs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-36m-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp36-cp36m-musllinux-1-2-x86-64-whl", + "id": "15853545896", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11163657, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q60uMEv_uhQ1pR3jMBg3EhJwStTWYWCRlbul2IQX3Ypk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QztqnSnfm_P0qkvioaUCUq74Wsep0Mx1-CNcBQ6mdBBs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qzf0AjntHovQKc-dIQj-nr7VbQSoMZABzN0D0kjMFkig", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QWWL1Svr_wq9zybnZByD7L_8g_tyf7u6bQ_APLHziQgE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QTl8iLzi1dd3dfBP9gCMt_3AfpcfzG-zByxLgUPyzyw4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8sf5T3DkDFwmWY_EwCrniYAxS-LBUHLZ6vp4nHXk5qE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q60uMEv_uhQ1pR3jMBg3EhJwStTWYWCRlbul2IQX3Ypk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q-mkbrvEa24JZsVB9aUfX-88xfQEwdFCIKjIXIHL-vTY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q3KZUGkucsVPZiXlYj2zjAkT61GCu7FEo52mZCv_6n9c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QPZOzQAyv3tCjjZ_ykQC4u6rpodyfEvLejmjdvlU34js", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q-mkbrvEa24JZsVB9aUfX-88xfQEwdFCIKjIXIHL-vTY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q60uMEv_uhQ1pR3jMBg3EhJwStTWYWCRlbul2IQX3Ypk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q-mkbrvEa24JZsVB9aUfX-88xfQEwdFCIKjIXIHL-vTY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q60uMEv_uhQ1pR3jMBg3EhJwStTWYWCRlbul2IQX3Ypk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp36-cp36m-win-amd64-whl", + "id": "15853545897", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 8870289, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QNmUMqyi7Zxxon2v9Hoa_5IMQkY9hbEnVOvYepntTJOU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp36-win_amd64.pyd" + } + }, + { + "key": "QOmHwzJdcDEMnbzbXCpzENeC3Mk9dpHh-DxhmX5w7vRw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp36-win_amd64.pyd" + } + }, + { + "key": "Qq5niINtweiJTrsM9QCFph381pFAguux-204clxLoaZA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp36-win_amd64.pyd" + } + }, + { + "key": "QqATqBjkwixip4SF5TPdQvo8B1zaLg5nvcgj99V5nzzQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp36-win_amd64.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q15TvUhxWAneDqfumF2H4ItPbtpANxf-EWj786ADZkdo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QRj0GS-qtY9z-XU-d0pmrNcEYjsSJkjHbJVwLLuidarQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q15TvUhxWAneDqfumF2H4ItPbtpANxf-EWj786ADZkdo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QRj0GS-qtY9z-XU-d0pmrNcEYjsSJkjHbJVwLLuidarQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q15TvUhxWAneDqfumF2H4ItPbtpANxf-EWj786ADZkdo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q15TvUhxWAneDqfumF2H4ItPbtpANxf-EWj786ADZkdo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QRj0GS-qtY9z-XU-d0pmrNcEYjsSJkjHbJVwLLuidarQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q15TvUhxWAneDqfumF2H4ItPbtpANxf-EWj786ADZkdo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "QjaFpUHmj1UJvoD-IbcU_TiENOrbjUEeIGrxwPJQiy8g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q69-R5ApjEywM_YC2_5qL8jtmt9-NptG6jet9ukn0oh8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp36-win_amd64.pyd" + } + }, + { + "key": "Q6b6KLB9qi1C_y0sXwE8ENJGBZx-Tr9dH6tUS34WoPWY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp36-win_amd64.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp36-cp36m-win32-whl", + "id": "15853545898", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 7975283, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QPzRMg6BpdCWGpxhgkjTXJ0dkzAdmePbMasYVJLRZiQ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QAvhPz3m5F_66_WinNSju7sEIcBuXqvbYFzW5dHMd7fw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QPzRMg6BpdCWGpxhgkjTXJ0dkzAdmePbMasYVJLRZiQ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QAvhPz3m5F_66_WinNSju7sEIcBuXqvbYFzW5dHMd7fw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QYljM66h--sVbnuBxYD3mwDaWgO9h_KJz6BJAm2i2dRo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QPzRMg6BpdCWGpxhgkjTXJ0dkzAdmePbMasYVJLRZiQ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "QAvhPz3m5F_66_WinNSju7sEIcBuXqvbYFzW5dHMd7fw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QPzRMg6BpdCWGpxhgkjTXJ0dkzAdmePbMasYVJLRZiQ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QPzRMg6BpdCWGpxhgkjTXJ0dkzAdmePbMasYVJLRZiQ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QYlqMHnRv9lHXhcVdRbLs3cMysIemvn0HGCYlZPi-HpQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp36-win32.pyd" + } + }, + { + "key": "Q_B_gcniT18mYSz46wrjsTPF_npD5KfPMuBTvCgiSgNY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp36-win32.pyd" + } + }, + { + "key": "QDCF87XxA734xG0kpk4WbXj-Zx0AO9P0NeJVNRizHnVQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp36-win32.pyd" + } + }, + { + "key": "QEjPRKxuVMEdYYUc1SnZsWZJaxYH6gmtJzq_H0K0Nec0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp36-win32.pyd" + } + }, + { + "key": "QPXsX5Jcnp1cy4z9dUB8zJTk64ZT0muOX-fGLXqEKWcQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp36-win32.pyd" + } + }, + { + "key": "QUX8-wx14ga8JMPqCWe3I4HnL6mau3a0zli-sBblfDNk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp36-win32.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp37-cp37m-macosx-10-9-x86-64-whl", + "id": "15853545899", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 10501391, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QwKyaE_IDQSBiOxfwNk8yP9LQ58owo5ebNtqk_lm2-9Y", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q2BhSu8G4LE5xu7yaL5fvq9NrWg9m0nJ9FKSOuQkBGvc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvhV8Zd2ApsM6DMHrVmmwL9MntHo9aLL3dhFzmXwNjEA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvhV8Zd2ApsM6DMHrVmmwL9MntHo9aLL3dhFzmXwNjEA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q2BhSu8G4LE5xu7yaL5fvq9NrWg9m0nJ9FKSOuQkBGvc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QvhV8Zd2ApsM6DMHrVmmwL9MntHo9aLL3dhFzmXwNjEA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2BhSu8G4LE5xu7yaL5fvq9NrWg9m0nJ9FKSOuQkBGvc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvhV8Zd2ApsM6DMHrVmmwL9MntHo9aLL3dhFzmXwNjEA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXmM8WfFJlfvzBhVZ5Gv4LTiERl4X9qYYgmaSyOFCgmE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-37m-darwin.so" + } + }, + { + "key": "QJBJDw_InpzT69hud1LuN6mFRAb2VT3x5XHu8pUyoP7A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-37m-darwin.so" + } + }, + { + "key": "QhzoFcApF9tMMUai6sJF4DwHiMNjnuMNykWtMtIYD6_U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-37m-darwin.so" + } + }, + { + "key": "QFpwaYapym-35Wjjbzs9ReYR0BuL2K7IIW0pTJTQsdig", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-37m-darwin.so" + } + }, + { + "key": "QeNXY2PGTeU4Ww5FH_jf9IvbATzSLk2OTfygvR9uxEuQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-37m-darwin.so" + } + }, + { + "key": "QbwziBTkVuoIJL-nvb3UEWJ30n7tKDCjM7HR-dFlgzmk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-37m-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp37-cp37m-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15853545900", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11985430, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QStgDG3iXIwaaqi12SY6k8KaB7xBezAJASBbkXEzmtsU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "Qn9MD2k8fWbVPms6mu0zx215wA7sIL2h8srzZS5DmLCk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q-kc1EIzdN9ml53rSx-WNPRapRLq1iFKjx6dsdatB93Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "Q1Z4BWh4qtGlwidEsNfaIzXIj2wOtCeVL9QEthCjrQwE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "Q32buZlHv-BNo1iJ_tpEhYrtdcBiV39dhQp-gYt6gohI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "Q_nnGvhV425nyuarbFEUgT610Zh_M2XZjSiCBne0vve8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qy_VnbAqfglZudITFcSlMPaKRRIThzMK1C5W4koeO8Yw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q_nnGvhV425nyuarbFEUgT610Zh_M2XZjSiCBne0vve8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qy_VnbAqfglZudITFcSlMPaKRRIThzMK1C5W4koeO8Yw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qy_VnbAqfglZudITFcSlMPaKRRIThzMK1C5W4koeO8Yw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q_nnGvhV425nyuarbFEUgT610Zh_M2XZjSiCBne0vve8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QgoOj5Aj92nJm2MlMJ3Dp-ep4MCU-Cdoh24XuiFV8JsE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q47IfHSnB72OCXoXxRAR1yzWBtafaNRfQcOxvUmqoo3I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "Qy_VnbAqfglZudITFcSlMPaKRRIThzMK1C5W4koeO8Yw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp37-cp37m-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15853545901", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11250511, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q06jXXRlvKUhFKjO2NmbWwEoIqmC7kSuUPSXDY0Q5sT0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Qc0qtrJb1zYY2ElrcpcwfLEoe166j2sb40krIKI0j6Zk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QfsVgQ1ZqoRvSnraVlmtf2Tu6pYiDfo7zeS1N8_Ji5VU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QJ1wsILZHXQZu9yHU0U0i5YbTbN91OROUflXXr_BmgIk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QkJwCh6LwniaWBFd62mdo2A75vLhtqeQGnElfvesf2dg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QXPCD0892PDZZrYoBtnyr1am_mr6gq2gyt8ewyIuXuZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QH2W0jBDTXfGdtLnlcvEM3d-tc1Nok4dguFIhjyMbWIM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qd40uFrkeOOec9BokhLlfPY4tVjzG5PuIXS9JsCqmKls", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QH2W0jBDTXfGdtLnlcvEM3d-tc1Nok4dguFIhjyMbWIM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qd40uFrkeOOec9BokhLlfPY4tVjzG5PuIXS9JsCqmKls", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QH2W0jBDTXfGdtLnlcvEM3d-tc1Nok4dguFIhjyMbWIM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QH2W0jBDTXfGdtLnlcvEM3d-tc1Nok4dguFIhjyMbWIM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qd40uFrkeOOec9BokhLlfPY4tVjzG5PuIXS9JsCqmKls", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QIS9CibotXb_d-5d7U0vX8_ISzmciOgekPxtOEwjVyiY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp37-cp37m-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15853545902", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11380559, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q-IrCZk9nn-VuJ6nkO4NcssEAT9lDPrI-P6eczOjoXFw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q6b1EWeuFEBAKK2cxOj-5sVsPM7WQUIux_EGXaQ9WpKc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QQ2Fsramh0oXm4qD3AOxudars98506aaLsVrfpKDH4Ys", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QzTIwntioIrfR1ovNtQXPI0SnYyALsIZRR3nZ5V38Oeg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QwVZwAiKjpCKzJQcB3U0QedGk1_S83vTP37DOCbqLFmE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q-IrCZk9nn-VuJ6nkO4NcssEAT9lDPrI-P6eczOjoXFw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q6b1EWeuFEBAKK2cxOj-5sVsPM7WQUIux_EGXaQ9WpKc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q-IrCZk9nn-VuJ6nkO4NcssEAT9lDPrI-P6eczOjoXFw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QN2m_UyyQDMYRKDXwVMlZq2x1ngyP9gmA4xjFl-RqFEA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QD6o3cCVl5XTN55hdX1UGyV2Ns82i9oHd0tQyn9U_6hM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QA1lWa4j0iEOL_Lj8cu4cej2kgmNb4Lg8GQRh7HrA0qI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9TM-jsc-D-XRKPwKUYtj8X6HDia3dH4CmyvOaBZBSxY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q6b1EWeuFEBAKK2cxOj-5sVsPM7WQUIux_EGXaQ9WpKc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q-IrCZk9nn-VuJ6nkO4NcssEAT9lDPrI-P6eczOjoXFw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp37-cp37m-manylinux-2-28-aarch64-whl", + "id": "15853545903", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11251345, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QP3ugPGs84-gt_UcDkyxZeWkV01sR9WPpJtci3LU5Q-k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qu4A48OF-xtrLDBZBD6QWH1grak4Mhw7TuAbWtvpQ-Fc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QT0IgTlZnd7Tp7tmtDtXSosvWVxBJlPX9CuIpp4kD6cM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q06jXXRlvKUhFKjO2NmbWwEoIqmC7kSuUPSXDY0Q5sT0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QJ1wsILZHXQZu9yHU0U0i5YbTbN91OROUflXXr_BmgIk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QkJwCh6LwniaWBFd62mdo2A75vLhtqeQGnElfvesf2dg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QXPCD0892PDZZrYoBtnyr1am_mr6gq2gyt8ewyIuXuZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Qc0qtrJb1zYY2ElrcpcwfLEoe166j2sb40krIKI0j6Zk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QfsVgQ1ZqoRvSnraVlmtf2Tu6pYiDfo7zeS1N8_Ji5VU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QP3ugPGs84-gt_UcDkyxZeWkV01sR9WPpJtci3LU5Q-k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QT0IgTlZnd7Tp7tmtDtXSosvWVxBJlPX9CuIpp4kD6cM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QP3ugPGs84-gt_UcDkyxZeWkV01sR9WPpJtci3LU5Q-k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QT0IgTlZnd7Tp7tmtDtXSosvWVxBJlPX9CuIpp4kD6cM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QP3ugPGs84-gt_UcDkyxZeWkV01sR9WPpJtci3LU5Q-k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp37-cp37m-manylinux-2-28-x86-64-whl", + "id": "15853545904", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11348410, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q9TM-jsc-D-XRKPwKUYtj8X6HDia3dH4CmyvOaBZBSxY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QA1lWa4j0iEOL_Lj8cu4cej2kgmNb4Lg8GQRh7HrA0qI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QdHbUK1BX7nRR1RM8KSAZ1-D5TnU4aqq7xLhw2WjMIgc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QRdryGSEh4NL8yu17mGedkloadxy_okvkgGIIm5WCvd8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QVTGKM98wy9ZhqK4QJSCNoe7K7i_vXdVtp6Mwdk8Wi4s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QVTGKM98wy9ZhqK4QJSCNoe7K7i_vXdVtp6Mwdk8Wi4s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QRdryGSEh4NL8yu17mGedkloadxy_okvkgGIIm5WCvd8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QVTGKM98wy9ZhqK4QJSCNoe7K7i_vXdVtp6Mwdk8Wi4s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QRdryGSEh4NL8yu17mGedkloadxy_okvkgGIIm5WCvd8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QVTGKM98wy9ZhqK4QJSCNoe7K7i_vXdVtp6Mwdk8Wi4s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QzTIwntioIrfR1ovNtQXPI0SnYyALsIZRR3nZ5V38Oeg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QwVZwAiKjpCKzJQcB3U0QedGk1_S83vTP37DOCbqLFmE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QN2m_UyyQDMYRKDXwVMlZq2x1ngyP9gmA4xjFl-RqFEA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QD6o3cCVl5XTN55hdX1UGyV2Ns82i9oHd0tQyn9U_6hM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-37m-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp37-cp37m-musllinux-1-2-aarch64-whl", + "id": "15853545905", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11422080, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QJ1wsILZHXQZu9yHU0U0i5YbTbN91OROUflXXr_BmgIk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Qc0qtrJb1zYY2ElrcpcwfLEoe166j2sb40krIKI0j6Zk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Q06jXXRlvKUhFKjO2NmbWwEoIqmC7kSuUPSXDY0Q5sT0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QMxPzENUDQXfKnCGSgTwpGV3MqgQypMDwwpCi8mTcaD4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QpcuCv24xgJKb59s5T63kDwzLCEmFYTy5AasZFXiMF2Q", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QMxPzENUDQXfKnCGSgTwpGV3MqgQypMDwwpCi8mTcaD4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QouMTyiD_XoRLbbCkr2zdrCWzdmaAJfty37inCWjm66E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QpcuCv24xgJKb59s5T63kDwzLCEmFYTy5AasZFXiMF2Q", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMxPzENUDQXfKnCGSgTwpGV3MqgQypMDwwpCi8mTcaD4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QpcuCv24xgJKb59s5T63kDwzLCEmFYTy5AasZFXiMF2Q", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMxPzENUDQXfKnCGSgTwpGV3MqgQypMDwwpCi8mTcaD4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXPCD0892PDZZrYoBtnyr1am_mr6gq2gyt8ewyIuXuZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QkJwCh6LwniaWBFd62mdo2A75vLhtqeQGnElfvesf2dg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QfsVgQ1ZqoRvSnraVlmtf2Tu6pYiDfo7zeS1N8_Ji5VU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-37m-aarch64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp37-cp37m-musllinux-1-2-x86-64-whl", + "id": "15853545906", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11487153, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q-Zv9Fg2sxRfYTeP_8t2Eht3w_p0XJyzJMByueS2aOrg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q-Zv9Fg2sxRfYTeP_8t2Eht3w_p0XJyzJMByueS2aOrg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q8lYU1bMzB2HXErApU29T7-ybt3w9IhW7DKL7hMPeYnE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q9TM-jsc-D-XRKPwKUYtj8X6HDia3dH4CmyvOaBZBSxY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QA1lWa4j0iEOL_Lj8cu4cej2kgmNb4Lg8GQRh7HrA0qI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QzTIwntioIrfR1ovNtQXPI0SnYyALsIZRR3nZ5V38Oeg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q-Zv9Fg2sxRfYTeP_8t2Eht3w_p0XJyzJMByueS2aOrg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q8lYU1bMzB2HXErApU29T7-ybt3w9IhW7DKL7hMPeYnE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q-Zv9Fg2sxRfYTeP_8t2Eht3w_p0XJyzJMByueS2aOrg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QD6o3cCVl5XTN55hdX1UGyV2Ns82i9oHd0tQyn9U_6hM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QN2m_UyyQDMYRKDXwVMlZq2x1ngyP9gmA4xjFl-RqFEA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8lYU1bMzB2HXErApU29T7-ybt3w9IhW7DKL7hMPeYnE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QsNe4e1ihLum6hPbrK-ubYGaovh7JNshP47CX4x6ST50", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QwVZwAiKjpCKzJQcB3U0QedGk1_S83vTP37DOCbqLFmE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-37m-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp37-cp37m-win-amd64-whl", + "id": "15853545907", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 8528351, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QpdQCrVb-MZ38rEQ8MsPFJH2n1sHVVd5oYwMhk-S5tuE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QO8XG34m_1vL1bj9aHlM8h-sTbtiJgFz3DpjsAt2aRUw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QVb59XVS7hCgEGbzf8iGTcI_bmD4_XFd6g0NWJgaQZM8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "QVb59XVS7hCgEGbzf8iGTcI_bmD4_XFd6g0NWJgaQZM8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QVb59XVS7hCgEGbzf8iGTcI_bmD4_XFd6g0NWJgaQZM8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QpdQCrVb-MZ38rEQ8MsPFJH2n1sHVVd5oYwMhk-S5tuE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QVb59XVS7hCgEGbzf8iGTcI_bmD4_XFd6g0NWJgaQZM8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QpdQCrVb-MZ38rEQ8MsPFJH2n1sHVVd5oYwMhk-S5tuE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QVb59XVS7hCgEGbzf8iGTcI_bmD4_XFd6g0NWJgaQZM8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QwD7LPOleuWFTuRTgk0BeCTZoUmcNmk8iQn152Gl5q40", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp37-win_amd64.pyd" + } + }, + { + "key": "QVfCaEHSPhrULS54kHTSf3_IPndnXtbPkvy7rstN8ANY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp37-win_amd64.pyd" + } + }, + { + "key": "QSkea71rs2PlArEKagx_DOFyS2r-bXAk_wJCG3UCzcz0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp37-win_amd64.pyd" + } + }, + { + "key": "QPwbK326cmG2r2DSzKB87W7CnwCInU2D-AJe5hIoISy0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp37-win_amd64.pyd" + } + }, + { + "key": "QaneU6ZwmTFhIJ_8FJ8USLbjb_2GX8Cv28Y8M1Ks5cCw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp37-win_amd64.pyd" + } + }, + { + "key": "Q4KrDDFVItGR_37E0-dVT1vXGkR2QRSu9KsJt-lDHZNw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp37-win_amd64.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp37-cp37m-win32-whl", + "id": "15853545908", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 7743938, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QXZhCi9cFhgwwzZlaEtMJcGapUFsQA9vAJCwkPfG7roI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q8rGGwT_QTcAxtag4NtWF72XWS7KMKkLfIHiQw1FK5is", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp37-win32.pyd" + } + }, + { + "key": "Qgu5NJ7AMyyvnXS5xX4To7eA7t8Bi6gdyRrwYe3NJLGo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp37-win32.pyd" + } + }, + { + "key": "QlrQH7XtDOxOwwH-APCBj2kv3FJZwnVGcUxUElmreps4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp37-win32.pyd" + } + }, + { + "key": "QIxXB2otYJOTuLyJpulesP9phJGkdOza7ssV375FaJcI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QXZhCi9cFhgwwzZlaEtMJcGapUFsQA9vAJCwkPfG7roI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QIxXB2otYJOTuLyJpulesP9phJGkdOza7ssV375FaJcI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QXZhCi9cFhgwwzZlaEtMJcGapUFsQA9vAJCwkPfG7roI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QCA0bpTFlvqI6kiii5jwyG7pthUp-gPVXdw9IMomTOCs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QXZhCi9cFhgwwzZlaEtMJcGapUFsQA9vAJCwkPfG7roI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "QIxXB2otYJOTuLyJpulesP9phJGkdOza7ssV375FaJcI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QXZhCi9cFhgwwzZlaEtMJcGapUFsQA9vAJCwkPfG7roI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qm99dU4AEeRKlywRrxnsL9x_uArXdMnzOgclIfYsjUPo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp37-win32.pyd" + } + }, + { + "key": "QSv6zWnYChXf_B3Fw9umTj7TKbRnCYWJv2ULY2M9HdtM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp37-win32.pyd" + } + }, + { + "key": "Qu0ix4S_XsOoORXAVqZsjnBjXCwZDiGyfF0uBOge7XYY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp37-win32.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp38-cp38-macosx-10-9-x86-64-whl", + "id": "15853545909", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 10476848, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QPFHV_VgVyW_-MLM9inBs5H590D2C3LocfEYQal_-Los", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-38-darwin.so" + } + }, + { + "key": "QtS972tnl3E_eYY-EywDXSyB0UQnGaEj6_C_4g-p454U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-38-darwin.so" + } + }, + { + "key": "QZjF1FSvA0E-SZDdWNgfv6AnL8az1w7vuT01b5TrmxeI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-38-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QQlfmNqkA0yUMmo6d1LcgLhMiLD-ns9_E7VYu0sbR9_Y", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QYgcyD6nNjaS6rXQOkG2Udkr2tl8XOFS9EnKlkoX5KKI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QQlfmNqkA0yUMmo6d1LcgLhMiLD-ns9_E7VYu0sbR9_Y", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QQlfmNqkA0yUMmo6d1LcgLhMiLD-ns9_E7VYu0sbR9_Y", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QYgcyD6nNjaS6rXQOkG2Udkr2tl8XOFS9EnKlkoX5KKI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QKjEt-OrceVKFI57zoUS5TYi0elN0RCm2TqntXKB-XBQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QQlfmNqkA0yUMmo6d1LcgLhMiLD-ns9_E7VYu0sbR9_Y", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QYgcyD6nNjaS6rXQOkG2Udkr2tl8XOFS9EnKlkoX5KKI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QimP_toXDW4WTtegJm8o2BL-yJRZHeF3luI59BCE7lcA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-38-darwin.so" + } + }, + { + "key": "QiQUZbq4WCvZijVWizF1N0jBSTQ1GvyIhn5oknmddGE8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-38-darwin.so" + } + }, + { + "key": "QoNPN95n76psVgM6eGSnuEqu_7YlJUrPrwbOed4G27To", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-38-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp38-cp38-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15853545910", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 12054708, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q7FVZerbiZEW5QYgUyJo9OfOW4Z1DzL77EACONZHmlQE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q_BErJ0PdUgrDXfy7GCgiMg8juoJjs34Ektp6yhbdcpw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "QxKdN4-_PBkzRZoWIybe8QU6ziMs1LngKH5FS8-jbXco", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "QNK4wgKMty4gLquWSynknALcqe3-kuVteIvaZO-P88z8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "Ql4NfoorWwqW-ZQZY4PSNCv0t4tRYIVXEJjHhtqz6atM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "QJUetQSBQbaqcrMydyHDmsJq66GDvJgrM9edn6ix2EOc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "QedtGLTvpgEKf11bczqxlksYWUbVKaOBBWcNbKJPfcrQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "QJOyegN4TrGKp3IZinoJSjs00YEDESX6srkTdYMx0zTM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QBq2B34oezDhBgH-hw2j6VdbYxcXtQo4X3MFOZNiPCzg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q7FVZerbiZEW5QYgUyJo9OfOW4Z1DzL77EACONZHmlQE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q7FVZerbiZEW5QYgUyJo9OfOW4Z1DzL77EACONZHmlQE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QBq2B34oezDhBgH-hw2j6VdbYxcXtQo4X3MFOZNiPCzg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q7FVZerbiZEW5QYgUyJo9OfOW4Z1DzL77EACONZHmlQE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QBq2B34oezDhBgH-hw2j6VdbYxcXtQo4X3MFOZNiPCzg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp38-cp38-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15853545911", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11242863, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qtmg0zm_i00Dfaq13lDyeqwEepA8PUgR_Xqq2UYnbHA8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QhDOt9nfBc4ztbYcSrcFZTyf_KqfVnwyOnDFgnIE7l0s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QelQECnauaOIpMoWnR5xFAEbg916HB8MB_SDUUcbFvqc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QeIk1wtsXgMPXzfbjbILokfniL3fD_XZ74jJ4E89YHSQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QQTHAavEEpmj0m_-rL9ujSE1YMoYxJIwXO5D2TQJt6Jk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QrpP723PoawqrG0TgpKicXGTMzBP9iKAA3x-41KlJD5o", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QrpP723PoawqrG0TgpKicXGTMzBP9iKAA3x-41KlJD5o", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q1k2YSvkC2sYCKVjuDSeeAhmDhUTjdFwXoJQFYXyVtEg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q1k2YSvkC2sYCKVjuDSeeAhmDhUTjdFwXoJQFYXyVtEg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QrpP723PoawqrG0TgpKicXGTMzBP9iKAA3x-41KlJD5o", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q1k2YSvkC2sYCKVjuDSeeAhmDhUTjdFwXoJQFYXyVtEg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QeHM0H-3S0iUnnYa0zte-cQytnoqOdw-uV7_ANHVNTqQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Q1k2YSvkC2sYCKVjuDSeeAhmDhUTjdFwXoJQFYXyVtEg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QyzKz8Ly1_CgQucL2budy9TxUWH_-qIb6wSCws_4lN9g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-38-aarch64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp38-cp38-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15853545912", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11441559, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QDl15wC0PaLh73nQfZ0ubn-fqSQqPqz7Zt1QsN0djDac", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q31FczK29OMUXyg5LGwWspyF9_4x2aDeGF3-p7-8SVAQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QeWjkNgYF1cI6wU6SILts1mQjQmpC7htFJHJNZI6LGA8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QfipINKlFAy2XjEMZvYbPCm7i59gO6CqAOUdnFnLrgzo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QlqnMY0hQCs0qNsS2eXQ9yxg_D9Ye23CphmAGyFfo2XI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QXJIc19LRmA4mvKMJtXKPeckgjJt9NQBJltUhfczHbg8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q2J_-SgjQzeFSyeNBG-5LR_zBB1gudvrlU8eLvuCDxuY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qf64W3wHOfd-DQ394XsoDE1i9l5DiUn7l9cREJ5hAIbs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2J_-SgjQzeFSyeNBG-5LR_zBB1gudvrlU8eLvuCDxuY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qf64W3wHOfd-DQ394XsoDE1i9l5DiUn7l9cREJ5hAIbs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2J_-SgjQzeFSyeNBG-5LR_zBB1gudvrlU8eLvuCDxuY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q2J_-SgjQzeFSyeNBG-5LR_zBB1gudvrlU8eLvuCDxuY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qf64W3wHOfd-DQ394XsoDE1i9l5DiUn7l9cREJ5hAIbs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q2m4JVKQGDJdWaU5Qts_qOz5u2ClGBEAYKBPH50ucMUg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-38-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp38-cp38-manylinux-2-28-aarch64-whl", + "id": "15853545913", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11112562, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QtJPml3dd-lLLIBrS20cZTOoZrOmhAocqLkTRYkUBhEQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QXenjsFJby45BLIDW-08GN7NxfKzLZ2cfUQHjHhvcsz4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2hNrXZ0VYCYgT_CRReUBzC-7Oo8aMa1k8jFvDLI3_pg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QXenjsFJby45BLIDW-08GN7NxfKzLZ2cfUQHjHhvcsz4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2hNrXZ0VYCYgT_CRReUBzC-7Oo8aMa1k8jFvDLI3_pg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QyzKz8Ly1_CgQucL2budy9TxUWH_-qIb6wSCws_4lN9g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Qtmg0zm_i00Dfaq13lDyeqwEepA8PUgR_Xqq2UYnbHA8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QhDOt9nfBc4ztbYcSrcFZTyf_KqfVnwyOnDFgnIE7l0s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QelQECnauaOIpMoWnR5xFAEbg916HB8MB_SDUUcbFvqc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QeIk1wtsXgMPXzfbjbILokfniL3fD_XZ74jJ4E89YHSQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QeHM0H-3S0iUnnYa0zte-cQytnoqOdw-uV7_ANHVNTqQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXenjsFJby45BLIDW-08GN7NxfKzLZ2cfUQHjHhvcsz4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QXenjsFJby45BLIDW-08GN7NxfKzLZ2cfUQHjHhvcsz4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q2hNrXZ0VYCYgT_CRReUBzC-7Oo8aMa1k8jFvDLI3_pg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp38-cp38-manylinux-2-28-x86-64-whl", + "id": "15853545914", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11405227, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QEM-9aWd37ari4fpFQZcNOAhlxrNV_30qjmbbh5yBxBs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QPq6Cvtrbw6vk7hPTCcBpcig6OjGhYm1tMaYs_GSrNkU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QEM-9aWd37ari4fpFQZcNOAhlxrNV_30qjmbbh5yBxBs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QPq6Cvtrbw6vk7hPTCcBpcig6OjGhYm1tMaYs_GSrNkU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QPq6Cvtrbw6vk7hPTCcBpcig6OjGhYm1tMaYs_GSrNkU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QXJIc19LRmA4mvKMJtXKPeckgjJt9NQBJltUhfczHbg8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QlqnMY0hQCs0qNsS2eXQ9yxg_D9Ye23CphmAGyFfo2XI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QfipINKlFAy2XjEMZvYbPCm7i59gO6CqAOUdnFnLrgzo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QeWjkNgYF1cI6wU6SILts1mQjQmpC7htFJHJNZI6LGA8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q31FczK29OMUXyg5LGwWspyF9_4x2aDeGF3-p7-8SVAQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2m4JVKQGDJdWaU5Qts_qOz5u2ClGBEAYKBPH50ucMUg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QEM-9aWd37ari4fpFQZcNOAhlxrNV_30qjmbbh5yBxBs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QPq6Cvtrbw6vk7hPTCcBpcig6OjGhYm1tMaYs_GSrNkU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QRbn7JefBVKiW7PAmcMVt6OMs94TQcZO_sYaA8VpPxyw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp38-cp38-musllinux-1-2-aarch64-whl", + "id": "15853545915", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11283425, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QeHM0H-3S0iUnnYa0zte-cQytnoqOdw-uV7_ANHVNTqQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QeIk1wtsXgMPXzfbjbILokfniL3fD_XZ74jJ4E89YHSQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QelQECnauaOIpMoWnR5xFAEbg916HB8MB_SDUUcbFvqc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QhDOt9nfBc4ztbYcSrcFZTyf_KqfVnwyOnDFgnIE7l0s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Qtmg0zm_i00Dfaq13lDyeqwEepA8PUgR_Xqq2UYnbHA8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QyzKz8Ly1_CgQucL2budy9TxUWH_-qIb6wSCws_4lN9g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q2ic-c2a0A9efCpcbwAqJflNmEApOdLtjjLm8TdBrFuU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QWMjvUQB6Ryn9Z3rDFtTWUV7w8Vw80y7ooy4MAcZesVY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q2ic-c2a0A9efCpcbwAqJflNmEApOdLtjjLm8TdBrFuU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QWMjvUQB6Ryn9Z3rDFtTWUV7w8Vw80y7ooy4MAcZesVY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2ic-c2a0A9efCpcbwAqJflNmEApOdLtjjLm8TdBrFuU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q2ic-c2a0A9efCpcbwAqJflNmEApOdLtjjLm8TdBrFuU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QWMjvUQB6Ryn9Z3rDFtTWUV7w8Vw80y7ooy4MAcZesVY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QktXNjD3-95aiqin0ZXY11eTFvU--0dX8Z3u93rJMgHk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp38-cp38-musllinux-1-2-x86-64-whl", + "id": "15853545916", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11527650, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q-q9Xu1CpbyGrQLiOYngD0M_adSkOq2F2RIcReleXOng", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4nXfR2P6RxiBx4EijAbso3WNqU85EPJLl9PAr12Vv0o", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q1zCJXT1kmL7rO1V0wCGA6aUyxVClCp5uktLN__dCi-Y", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q1zCJXT1kmL7rO1V0wCGA6aUyxVClCp5uktLN__dCi-Y", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q-q9Xu1CpbyGrQLiOYngD0M_adSkOq2F2RIcReleXOng", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q1zCJXT1kmL7rO1V0wCGA6aUyxVClCp5uktLN__dCi-Y", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q-q9Xu1CpbyGrQLiOYngD0M_adSkOq2F2RIcReleXOng", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q1zCJXT1kmL7rO1V0wCGA6aUyxVClCp5uktLN__dCi-Y", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXJIc19LRmA4mvKMJtXKPeckgjJt9NQBJltUhfczHbg8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QlqnMY0hQCs0qNsS2eXQ9yxg_D9Ye23CphmAGyFfo2XI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QfipINKlFAy2XjEMZvYbPCm7i59gO6CqAOUdnFnLrgzo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QeWjkNgYF1cI6wU6SILts1mQjQmpC7htFJHJNZI6LGA8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q31FczK29OMUXyg5LGwWspyF9_4x2aDeGF3-p7-8SVAQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q2m4JVKQGDJdWaU5Qts_qOz5u2ClGBEAYKBPH50ucMUg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-38-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp38-cp38-win-amd64-whl", + "id": "15853545917", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 8516053, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QNuSObq3laLweel912-c6qNogzBwwJUFOF1Wmcku9Hy8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4EYLp3FUxWdVPmPA3jsyqVudwRZ1jUPdwLLkwHX0p4M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QNuSObq3laLweel912-c6qNogzBwwJUFOF1Wmcku9Hy8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "QPgpOhLvPmSbXgzIX_m_IE-J-otdzs95pHwyDo9YMy4E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QNuSObq3laLweel912-c6qNogzBwwJUFOF1Wmcku9Hy8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q4EYLp3FUxWdVPmPA3jsyqVudwRZ1jUPdwLLkwHX0p4M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QNuSObq3laLweel912-c6qNogzBwwJUFOF1Wmcku9Hy8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q4EYLp3FUxWdVPmPA3jsyqVudwRZ1jUPdwLLkwHX0p4M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QNuSObq3laLweel912-c6qNogzBwwJUFOF1Wmcku9Hy8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qrx_vn1DhWZaeSO19G4UFPTHxAsA4qx0XUfD9TLDfl_4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp38-win_amd64.pyd" + } + }, + { + "key": "QlP_mTiXlQs78HmRAaSGY55ojuo54JWw5xfGvtRNdBjs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp38-win_amd64.pyd" + } + }, + { + "key": "QIy0GtTnfq1i8Xpl5JjL1BLUKiWNULIpz-2foHySwd94", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp38-win_amd64.pyd" + } + }, + { + "key": "QHGkPvFEWXe7eYbOYgHLnN80boP8V5ibGaGKsrX-tOHA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp38-win_amd64.pyd" + } + }, + { + "key": "QAOQiIHzJzAwvdM_3fihD0kEgszsIT6qkiwZO7KT5gMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp38-win_amd64.pyd" + } + }, + { + "key": "Q0hM8Zcl7LKBzIuom9Iqtpr-nf3VJLlMqjTMBlpf88UM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp38-win_amd64.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp38-cp38-win32-whl", + "id": "15853545918", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 7717305, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QnXxl1fNUu3dWxHJKQUYIsI-qDAHTVxlM_lLczzI_7wY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp38-win32.pyd" + } + }, + { + "key": "QCqHKGOEUSxqbcUAVgi6Ah_heg8Gp4W08QtMwk62rQDo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp38-win32.pyd" + } + }, + { + "key": "QCLx4OO4zWDFbktziB5rex3-ndzWef38fmcd2MFxEGZE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp38-win32.pyd" + } + }, + { + "key": "Q8aFlQ2iuFpP82FJdJIcCH7KcPIy0SQOEBSAL6iLlDDE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp38-win32.pyd" + } + }, + { + "key": "QCC7jXoZe7sD1x7E9_1xy8Mj-oOwkaNMnYutx0BDt2Tc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QMyfquuPgZJnPg30jvyVkPob-aYrSEfPL__DWNh2pERY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "Qjjwm-0cs2SDPWa2Pp4i_QyHr5V_p6-J4ZiDDqELkaWM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMyfquuPgZJnPg30jvyVkPob-aYrSEfPL__DWNh2pERY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QMyfquuPgZJnPg30jvyVkPob-aYrSEfPL__DWNh2pERY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qjjwm-0cs2SDPWa2Pp4i_QyHr5V_p6-J4ZiDDqELkaWM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QMyfquuPgZJnPg30jvyVkPob-aYrSEfPL__DWNh2pERY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qjjwm-0cs2SDPWa2Pp4i_QyHr5V_p6-J4ZiDDqELkaWM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMyfquuPgZJnPg30jvyVkPob-aYrSEfPL__DWNh2pERY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QV80UIg2VpO__bapRn_13QtNYBfaqd0m4v846y2LS-Io", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp38-win32.pyd" + } + }, + { + "key": "QtrG0qM_aw186HMGliHrQ_YAhXQ7ArAHHaPZhFKFsmns", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp38-win32.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-macosx-10-9-universal2-whl", + "id": "15853545919", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 18312764, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q1TLUa0X-He2eCp7XKuyj7QJOB1xNjkDpyiiiwumOYvw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QM80koQjbpXd27vZDrUeSh9Teq-qpQKlrBZqVDoGNxtU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QlozXKUe9sluS56z8oGRSTgXLAiA_DpSxgTICzvCqhnE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QM80koQjbpXd27vZDrUeSh9Teq-qpQKlrBZqVDoGNxtU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q1TLUa0X-He2eCp7XKuyj7QJOB1xNjkDpyiiiwumOYvw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q1TLUa0X-He2eCp7XKuyj7QJOB1xNjkDpyiiiwumOYvw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QN5Vmy_HDcolCDoPvlyJFprx4oUQjTNmyNezpKbxsW70", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-darwin.so" + } + }, + { + "key": "QQ9ZBXt1ysI92HzxdjJ5aO1SFppyqLl9QYfAWz-ScXC8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-darwin.so" + } + }, + { + "key": "QTkzdHgXUHZPnG8aqKKw7dJmX6-8iExs8VoUBvL6TnJ8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-darwin.so" + } + }, + { + "key": "QuQ3yrU3X5QQVe-5hzZBxzY51m6eZbkJ6OHYbjVR3d1Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-darwin.so" + } + }, + { + "key": "QuwaWML-0mXbyI1Dva5Fwh18G2F2vl3iWfxh7iGkmVFM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q1TLUa0X-He2eCp7XKuyj7QJOB1xNjkDpyiiiwumOYvw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q83yaAZQm6Tj6QiJlX1f8DDUn1nAmsJFCnhnpEOR1cZU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-darwin.so" + } + }, + { + "key": "QM80koQjbpXd27vZDrUeSh9Teq-qpQKlrBZqVDoGNxtU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-macosx-10-9-x86-64-whl", + "id": "15853545920", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 10160592, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QTkzdHgXUHZPnG8aqKKw7dJmX6-8iExs8VoUBvL6TnJ8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-darwin.so" + } + }, + { + "key": "QQ9ZBXt1ysI92HzxdjJ5aO1SFppyqLl9QYfAWz-ScXC8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-darwin.so" + } + }, + { + "key": "QN5Vmy_HDcolCDoPvlyJFprx4oUQjTNmyNezpKbxsW70", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-darwin.so" + } + }, + { + "key": "Q83yaAZQm6Tj6QiJlX1f8DDUn1nAmsJFCnhnpEOR1cZU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QuwaWML-0mXbyI1Dva5Fwh18G2F2vl3iWfxh7iGkmVFM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-darwin.so" + } + }, + { + "key": "QuQ3yrU3X5QQVe-5hzZBxzY51m6eZbkJ6OHYbjVR3d1Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-darwin.so" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QXAk8iGxDweqCet25xzZDsLRKr970RRbYrfxx51pUUhM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QgUeW-M6_5N-dbyYd0MyF2Cx-EbKGORRhIL-5t--gcEY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QXAk8iGxDweqCet25xzZDsLRKr970RRbYrfxx51pUUhM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QgUeW-M6_5N-dbyYd0MyF2Cx-EbKGORRhIL-5t--gcEY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QXAk8iGxDweqCet25xzZDsLRKr970RRbYrfxx51pUUhM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QXAk8iGxDweqCet25xzZDsLRKr970RRbYrfxx51pUUhM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QgUeW-M6_5N-dbyYd0MyF2Cx-EbKGORRhIL-5t--gcEY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QsJIij9gZGHjF1WnA_Bbq1sWucyCsX__5AtWTmbR6V8E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-manylinux-2-12-i686-manylinux2010-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15853545921", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 12058900, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QQOowdrzoOFv9UdsgFBnZadhm_4gFGcq72e33QyqsXzk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QQOowdrzoOFv9UdsgFBnZadhm_4gFGcq72e33QyqsXzk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qv63bDlXupLweGF8CUBgtDbf44VFsb1I0OvRnaSm4NJ0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QwFQIYe6dfoaRbrv4V9iqr5zGovFqv3NvDeULJCO700A", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qv63bDlXupLweGF8CUBgtDbf44VFsb1I0OvRnaSm4NJ0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QQOowdrzoOFv9UdsgFBnZadhm_4gFGcq72e33QyqsXzk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qv63bDlXupLweGF8CUBgtDbf44VFsb1I0OvRnaSm4NJ0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QQOowdrzoOFv9UdsgFBnZadhm_4gFGcq72e33QyqsXzk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QrvnaKR__AUS_v73PXNBPSUKg0_M0DSUxHfdeDRGOyak", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "QLGaFK7m21vIGuuNelur5k_nygOnDpv9IDon0UoqVDiw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "QkCJsMJX7PjHjSvUb73f1zckUfBROk2Gy7nr1FL6Cza8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "QI9BihJ_C0LAIPkQUWiwva7eTsKt9XSjayg8sy_MdMk4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "Q6irG-l9XPDJX8fK_l6E6JT_KSNaECcJDLFbuqaS7Vj4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "Q3YnDmq4CpLPCYjhySWA50aBApTWVC05eVLJsaTJX2Q8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15853545922", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11110247, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qf0wMUq34Ilnd2WPSocivtQsvtKb3J08DUJGyY4Wpzt8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Q8sBN1-_uiSUCLlzpdBeaXc8OxyfTK6XzZD-DK97mGJs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Q5ocEYNYOXvUXZrCicps2IV32pw5PCVlQncHb0BtaDvM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QG1xivA1GLRgq2dKXQxVjOvYhh3Q-eCo1EECyLWjWrck", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QIdaddtrVRyuR9IINXol2xuKlBcwJs_2eyRIRQIGL2-0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QSbmhsr_s2SWd39pSD6KqIrz3GYit76yqVxGVe7nQgQE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QqBk6qOJz36yK_0gKbpw58RtaouPSInw36cddNi6JjIs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvRux_X8RFNlvZmwD5BZxQEie6jgZZJjOKZAm91Q1tdY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqBk6qOJz36yK_0gKbpw58RtaouPSInw36cddNi6JjIs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QvRux_X8RFNlvZmwD5BZxQEie6jgZZJjOKZAm91Q1tdY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QqBk6qOJz36yK_0gKbpw58RtaouPSInw36cddNi6JjIs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QqBk6qOJz36yK_0gKbpw58RtaouPSInw36cddNi6JjIs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvRux_X8RFNlvZmwD5BZxQEie6jgZZJjOKZAm91Q1tdY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QLVkiTH28v0jMk1Ub0sv5Gt2zkhdFR5_tdr9sH3Bbx3A", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15853545923", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 13469679, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QrRUcn1a-Z1qbAZw7MOJj_Jex1hMLfrc4UmRCFrhZsPA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qq13I18emzQ0mmlco4Y3JsZJpeujWKvUIeRxSha4hN3k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qqh9wn_SpP_oqsP_ecqta_grDKzkGbllKKP2vAdEehzc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QTHhQigcbhvJxNqTAOcd1lveGk114yesoCXW5Rzi4CBU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvasLQGWD7HElvwx_sYfkM3M_A2gcAkwwbIDRVlnI664", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QVkwNvpHYpX0wBJIn-QXS3Xlp_xA3BIzK4JCjCvLMMY4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QFG8Jo6bkqayLVjOtu-mkjfDOmCnkxQP0K55rariMlDI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QfL3HHfyibQ07UBSTvX_U6zggh10ntsMO-4f0dCh_gPE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QFG8Jo6bkqayLVjOtu-mkjfDOmCnkxQP0K55rariMlDI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QfL3HHfyibQ07UBSTvX_U6zggh10ntsMO-4f0dCh_gPE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QFG8Jo6bkqayLVjOtu-mkjfDOmCnkxQP0K55rariMlDI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QFG8Jo6bkqayLVjOtu-mkjfDOmCnkxQP0K55rariMlDI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QfL3HHfyibQ07UBSTvX_U6zggh10ntsMO-4f0dCh_gPE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QQFUq-EbPOwkvzB84GP_B8Njwz69nkqOLf7s-K95TDts", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "15853545924", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11785967, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QIbAnkaI7vr6j1TSwcoTditE0ntKjrg26VPjuSdYN-hA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Q9DSeM9b-G4b2TawRWHrDLU6MDe7y5SbLnoENWNm33_0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Q0C7s-WWjyAOQzgDnvNoASCXZGvFk3tLZOPYmcVq_oqc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QbY4wgupVFKx0hqajKJYkWrslucnEfZPY6mpge0FG6A8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q73wLjMNnveglMlJzkxQRFsQ-4Qwe_SBE7tAhXLmkIXg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QsZvbJVOZuQAH7x_G1v95VLZRtw4Iqgl5ViDnqACutCc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QsZvbJVOZuQAH7x_G1v95VLZRtw4Iqgl5ViDnqACutCc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q73wLjMNnveglMlJzkxQRFsQ-4Qwe_SBE7tAhXLmkIXg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QsZvbJVOZuQAH7x_G1v95VLZRtw4Iqgl5ViDnqACutCc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q73wLjMNnveglMlJzkxQRFsQ-4Qwe_SBE7tAhXLmkIXg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QsZvbJVOZuQAH7x_G1v95VLZRtw4Iqgl5ViDnqACutCc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qr62CYDAqIfUjydkBzg00-q2Cs97D3ek15XtYcKqqBhw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QR_MuWuy1MV6l2uw8mMSCeqMv_FMIThM6n9kXn1WADf0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QNwcVi6NO1pFeeEQgrCvACtJrxH0QKe0fiItYnkM9kSo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-s390x-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15853545925", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11417047, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QthvYrE-XlyscDjC9-oixNU-f6yTjt4sBsB5HKvUTMXs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QfZDI9i3MGr8Q534FihRD29Rs82Gt6qDtTDhsNq1ApgI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QthvYrE-XlyscDjC9-oixNU-f6yTjt4sBsB5HKvUTMXs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QfZDI9i3MGr8Q534FihRD29Rs82Gt6qDtTDhsNq1ApgI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QVrSXOGQTtKYJNbh_oWpkKDSdmXu2ss5brU8hptXs-YI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvnY2K5lHV0kbltFVN9aLIghtSO-2cravw7h-SGScepw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qu1cNsso_mFbd_4Q_wHyZK5KWW9i1QYTPWN2HwE-MqzU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIufQd_2sUQ07QTcY9zqWNdW-67hAJNQ2opwOcaZiydo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIUaZlxszcCUZ1zdIi6XwqOlcn-hZgTyW8XvzuV3ELUU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5iCnaXHyWQp407Yyq_NxhtUAUT-jXmMwK04HAJtEzqc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QthvYrE-XlyscDjC9-oixNU-f6yTjt4sBsB5HKvUTMXs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QfZDI9i3MGr8Q534FihRD29Rs82Gt6qDtTDhsNq1ApgI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q8I9TFSRCsorLZFWQweQkfqDX_6jBQMUrzZZf7AwZz9o", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QfZDI9i3MGr8Q534FihRD29Rs82Gt6qDtTDhsNq1ApgI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-manylinux-2-28-aarch64-whl", + "id": "15853545926", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11045474, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QcS7FlZ_MbeylXkO5VQg574UEgWLZSxaxfgDUHJZE-Kw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q5ocEYNYOXvUXZrCicps2IV32pw5PCVlQncHb0BtaDvM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Q8sBN1-_uiSUCLlzpdBeaXc8OxyfTK6XzZD-DK97mGJs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Qf0wMUq34Ilnd2WPSocivtQsvtKb3J08DUJGyY4Wpzt8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QG1xivA1GLRgq2dKXQxVjOvYhh3Q-eCo1EECyLWjWrck", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QIdaddtrVRyuR9IINXol2xuKlBcwJs_2eyRIRQIGL2-0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QSbmhsr_s2SWd39pSD6KqIrz3GYit76yqVxGVe7nQgQE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QEbeett3yOCbnjhqs9TYhoZIp605taF5taww3sWa4sBo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QcS7FlZ_MbeylXkO5VQg574UEgWLZSxaxfgDUHJZE-Kw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QEbeett3yOCbnjhqs9TYhoZIp605taF5taww3sWa4sBo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QcS7FlZ_MbeylXkO5VQg574UEgWLZSxaxfgDUHJZE-Kw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QEbeett3yOCbnjhqs9TYhoZIp605taF5taww3sWa4sBo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QEbeett3yOCbnjhqs9TYhoZIp605taF5taww3sWa4sBo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QoXc01oVrb_1L-YXsZ_Drho4pO-onEqkBnfRbLevKdeI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-manylinux-2-28-ppc64le-whl", + "id": "15853545927", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 14060122, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QXiOHI7-R-cl9ImtohICu2nCTkRDrrhCnsnjAJXYsW_Q", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QuQRxaBPqSakTTFOSUB1IjiRcJd1vKYGytdf5ZMzNJJ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QuQRxaBPqSakTTFOSUB1IjiRcJd1vKYGytdf5ZMzNJJ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QXiOHI7-R-cl9ImtohICu2nCTkRDrrhCnsnjAJXYsW_Q", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q6Wd6Xdk6pSJw60cluEhOORNAGrHjOiK__8nTlXtF_IQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qq13I18emzQ0mmlco4Y3JsZJpeujWKvUIeRxSha4hN3k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qqh9wn_SpP_oqsP_ecqta_grDKzkGbllKKP2vAdEehzc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QrRUcn1a-Z1qbAZw7MOJj_Jex1hMLfrc4UmRCFrhZsPA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QTHhQigcbhvJxNqTAOcd1lveGk114yesoCXW5Rzi4CBU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvasLQGWD7HElvwx_sYfkM3M_A2gcAkwwbIDRVlnI664", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QVkwNvpHYpX0wBJIn-QXS3Xlp_xA3BIzK4JCjCvLMMY4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QuQRxaBPqSakTTFOSUB1IjiRcJd1vKYGytdf5ZMzNJJ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QXiOHI7-R-cl9ImtohICu2nCTkRDrrhCnsnjAJXYsW_Q", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QuQRxaBPqSakTTFOSUB1IjiRcJd1vKYGytdf5ZMzNJJ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-manylinux-2-28-s390x-whl", + "id": "15853545928", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 12003668, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QR_MuWuy1MV6l2uw8mMSCeqMv_FMIThM6n9kXn1WADf0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QGpLJpaubP31HQBh7wjR4lRKtJcn8Db-HF7PXxEHejIE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QLpFd3LiuFfe0aomW9sj1nCmowd1CIWUWgb2xbr69zNQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QrR_BoP053eaqsT57W2edmG8sOZVte42Zn2hpeTMXac8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q9DSeM9b-G4b2TawRWHrDLU6MDe7y5SbLnoENWNm33_0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Q0C7s-WWjyAOQzgDnvNoASCXZGvFk3tLZOPYmcVq_oqc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QrR_BoP053eaqsT57W2edmG8sOZVte42Zn2hpeTMXac8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QLpFd3LiuFfe0aomW9sj1nCmowd1CIWUWgb2xbr69zNQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QrR_BoP053eaqsT57W2edmG8sOZVte42Zn2hpeTMXac8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qr62CYDAqIfUjydkBzg00-q2Cs97D3ek15XtYcKqqBhw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QNwcVi6NO1pFeeEQgrCvACtJrxH0QKe0fiItYnkM9kSo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QrR_BoP053eaqsT57W2edmG8sOZVte42Zn2hpeTMXac8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QLpFd3LiuFfe0aomW9sj1nCmowd1CIWUWgb2xbr69zNQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QIbAnkaI7vr6j1TSwcoTditE0ntKjrg26VPjuSdYN-hA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-s390x-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-manylinux-2-28-x86-64-whl", + "id": "15853545929", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11323371, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qk15iaczV1rxMFoot7A2rNoU-TJGMyrJ7XnrF4HMiXVg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QnHjauspRIqiyO3Nx7_c80uEFVOvT082IMxCtpWq9POU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q5iCnaXHyWQp407Yyq_NxhtUAUT-jXmMwK04HAJtEzqc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIUaZlxszcCUZ1zdIi6XwqOlcn-hZgTyW8XvzuV3ELUU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QIufQd_2sUQ07QTcY9zqWNdW-67hAJNQ2opwOcaZiydo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qu1cNsso_mFbd_4Q_wHyZK5KWW9i1QYTPWN2HwE-MqzU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvnY2K5lHV0kbltFVN9aLIghtSO-2cravw7h-SGScepw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QVrSXOGQTtKYJNbh_oWpkKDSdmXu2ss5brU8hptXs-YI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qk15iaczV1rxMFoot7A2rNoU-TJGMyrJ7XnrF4HMiXVg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QnHjauspRIqiyO3Nx7_c80uEFVOvT082IMxCtpWq9POU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qk15iaczV1rxMFoot7A2rNoU-TJGMyrJ7XnrF4HMiXVg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qe4DsMxxWOPR_YE3dpX3Ctbts5-Zq1mlx99npYHUZIt8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QnHjauspRIqiyO3Nx7_c80uEFVOvT082IMxCtpWq9POU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qk15iaczV1rxMFoot7A2rNoU-TJGMyrJ7XnrF4HMiXVg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-musllinux-1-2-aarch64-whl", + "id": "15853545930", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11216153, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QxF6D2LQYJ60UrJn-8UrvKNkZDbeXsncs59CMisWH5IQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QWaUDfODUgOXS6Z2tr0ZoqUVjDEWD9LPk2U5s-Z1l8AA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QZ96Zv4k8w8nRruO7mn3n7HSUQ3gXv54O7TSL8nX2ynM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QZ96Zv4k8w8nRruO7mn3n7HSUQ3gXv54O7TSL8nX2ynM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QWaUDfODUgOXS6Z2tr0ZoqUVjDEWD9LPk2U5s-Z1l8AA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QZ96Zv4k8w8nRruO7mn3n7HSUQ3gXv54O7TSL8nX2ynM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QWaUDfODUgOXS6Z2tr0ZoqUVjDEWD9LPk2U5s-Z1l8AA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QZ96Zv4k8w8nRruO7mn3n7HSUQ3gXv54O7TSL8nX2ynM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QSbmhsr_s2SWd39pSD6KqIrz3GYit76yqVxGVe7nQgQE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QIdaddtrVRyuR9IINXol2xuKlBcwJs_2eyRIRQIGL2-0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QG1xivA1GLRgq2dKXQxVjOvYhh3Q-eCo1EECyLWjWrck", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Qf0wMUq34Ilnd2WPSocivtQsvtKb3J08DUJGyY4Wpzt8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Q8sBN1-_uiSUCLlzpdBeaXc8OxyfTK6XzZD-DK97mGJs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Q5ocEYNYOXvUXZrCicps2IV32pw5PCVlQncHb0BtaDvM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-musllinux-1-2-ppc64le-whl", + "id": "15853545931", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 13903561, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Q7xk-nTx8fInfwpBGo_t7VHVoKTIlL5SAcF6RvlLJT_M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q7xk-nTx8fInfwpBGo_t7VHVoKTIlL5SAcF6RvlLJT_M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QoYj6ACKUhuw_vBXY_hc4h0J8yw7saoZHrObiEdT-gd4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q7xk-nTx8fInfwpBGo_t7VHVoKTIlL5SAcF6RvlLJT_M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QoYj6ACKUhuw_vBXY_hc4h0J8yw7saoZHrObiEdT-gd4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QpvXIcTdoj7XTBBXzKYFtngz4hCHhSbFbW4x6o3eJGzY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QoYj6ACKUhuw_vBXY_hc4h0J8yw7saoZHrObiEdT-gd4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QoYj6ACKUhuw_vBXY_hc4h0J8yw7saoZHrObiEdT-gd4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qq13I18emzQ0mmlco4Y3JsZJpeujWKvUIeRxSha4hN3k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qqh9wn_SpP_oqsP_ecqta_grDKzkGbllKKP2vAdEehzc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QrRUcn1a-Z1qbAZw7MOJj_Jex1hMLfrc4UmRCFrhZsPA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QTHhQigcbhvJxNqTAOcd1lveGk114yesoCXW5Rzi4CBU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QvasLQGWD7HElvwx_sYfkM3M_A2gcAkwwbIDRVlnI664", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QVkwNvpHYpX0wBJIn-QXS3Xlp_xA3BIzK4JCjCvLMMY4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-powerpc64le-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-musllinux-1-2-s390x-whl", + "id": "15853545932", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 12272915, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QgScWYHq16pKqu-IvOJ11MDLF_P3HSjPLDYUEeZIu58w", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4uTvDwokcxhQcIDHLU-lMgLXBp0Mz5kaaPIsRMV6xVg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q4uTvDwokcxhQcIDHLU-lMgLXBp0Mz5kaaPIsRMV6xVg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QgScWYHq16pKqu-IvOJ11MDLF_P3HSjPLDYUEeZIu58w", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q4uTvDwokcxhQcIDHLU-lMgLXBp0Mz5kaaPIsRMV6xVg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QgScWYHq16pKqu-IvOJ11MDLF_P3HSjPLDYUEeZIu58w", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q4uTvDwokcxhQcIDHLU-lMgLXBp0Mz5kaaPIsRMV6xVg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qr62CYDAqIfUjydkBzg00-q2Cs97D3ek15XtYcKqqBhw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QR_MuWuy1MV6l2uw8mMSCeqMv_FMIThM6n9kXn1WADf0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QNwcVi6NO1pFeeEQgrCvACtJrxH0QKe0fiItYnkM9kSo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QIbAnkaI7vr6j1TSwcoTditE0ntKjrg26VPjuSdYN-hA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Q9DSeM9b-G4b2TawRWHrDLU6MDe7y5SbLnoENWNm33_0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "Q0C7s-WWjyAOQzgDnvNoASCXZGvFk3tLZOPYmcVq_oqc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QsI3dpDvYFTZtxp82gO7ioGWEajn1ry4DcacPEGtPxN4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-musllinux-1-2-x86-64-whl", + "id": "15853545933", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 11445666, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QVYpBnysBNkZepDAx2WjjcJ-PkuELxzaqIyPE_lSNTNs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qq6EuvVAJbxxvtdWCm2o97Jlyi0mjgGcQqvEgc8Aj9Vw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q-d-Lt8dZfIaBUx3-3utIa9RHa-CQAGeVaoRWUP94aI0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q-d-Lt8dZfIaBUx3-3utIa9RHa-CQAGeVaoRWUP94aI0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q-d-Lt8dZfIaBUx3-3utIa9RHa-CQAGeVaoRWUP94aI0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qq6EuvVAJbxxvtdWCm2o97Jlyi0mjgGcQqvEgc8Aj9Vw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q-d-Lt8dZfIaBUx3-3utIa9RHa-CQAGeVaoRWUP94aI0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QVrSXOGQTtKYJNbh_oWpkKDSdmXu2ss5brU8hptXs-YI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvnY2K5lHV0kbltFVN9aLIghtSO-2cravw7h-SGScepw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qu1cNsso_mFbd_4Q_wHyZK5KWW9i1QYTPWN2HwE-MqzU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIufQd_2sUQ07QTcY9zqWNdW-67hAJNQ2opwOcaZiydo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIUaZlxszcCUZ1zdIi6XwqOlcn-hZgTyW8XvzuV3ELUU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5iCnaXHyWQp407Yyq_NxhtUAUT-jXmMwK04HAJtEzqc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qq6EuvVAJbxxvtdWCm2o97Jlyi0mjgGcQqvEgc8Aj9Vw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-win32-whl", + "id": "15853545934", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 7706553, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QhClOSvyOzAX9TIeUM16FpJGOlVFy8rnmxuVdgvTc9DA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp39-win32.pyd" + } + }, + { + "key": "Q0fxynNZy4Bh70FKlNcgQVezFId6635MlvssLhnibYCQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q0fxynNZy4Bh70FKlNcgQVezFId6635MlvssLhnibYCQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QqG-BB42FAdrTTb-IldyLigj7pZp1GjeUtLnKXFdejL0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q0fxynNZy4Bh70FKlNcgQVezFId6635MlvssLhnibYCQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "Qy544g9WpckyXty3r3y9mkzPJR0YTFLMUuPFq0UmtavU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QD8Y_bd8UcPvM1XjWrLkdz_WonWJ28JsQpXk3Nl4vjAg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp39-win32.pyd" + } + }, + { + "key": "Q_qC1p2SdPfO3d_toH_8pAN-vyj611QczH-FpzeTl7B4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp39-win32.pyd" + } + }, + { + "key": "QisLfS_bznC0s1coKDuFXKASKtp3a19yZwVDixH4BUJI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp39-win32.pyd" + } + }, + { + "key": "QlmkfyxQdiyQjyALS5X4xLOb7L52SG0lxHRjYTkxmiMM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp39-win32.pyd" + } + }, + { + "key": "Qox7bdVEZwI1JqbrFw-P5q1LoX05XXSdCP0WCMDH4ylo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp39-win32.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q0fxynNZy4Bh70FKlNcgQVezFId6635MlvssLhnibYCQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqG-BB42FAdrTTb-IldyLigj7pZp1GjeUtLnKXFdejL0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q0fxynNZy4Bh70FKlNcgQVezFId6635MlvssLhnibYCQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QqG-BB42FAdrTTb-IldyLigj7pZp1GjeUtLnKXFdejL0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "tar-gz", + "id": "15853552632", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND GPL-2.0+ AND HPND AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 29180692, + "score": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.25 + }, + "alerts": [ + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_incremental_xmlfile.py" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/html/tests/test_html5parser.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/html/tests/test_html5parser.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/html/tests/test_feedparser_data.py" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/html/html5parser.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/html/html5parser.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/html/_diffcommand.py" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/html/__init__.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/html/__init__.py" + }, + { + "key": "Q4rxpny_4oY6OXkMCi8O6Mf8RiXd3TxZfGnSh6ktkWtc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/etree.c" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/ElementInclude.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/ElementInclude.py" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/setupinfo.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/setupinfo.py" + }, + { + "key": "Q4rxpny_4oY6OXkMCi8O6Mf8RiXd3TxZfGnSh6ktkWtc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/setupinfo.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/setupinfo.py" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/setup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/setup.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/s5/ui/default/slides.js" + }, + { + "key": "Q4rxpny_4oY6OXkMCi8O6Mf8RiXd3TxZfGnSh6ktkWtc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/mklatex.py" + }, + { + "key": "Q4rxpny_4oY6OXkMCi8O6Mf8RiXd3TxZfGnSh6ktkWtc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/mkhtml.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/mkhtml.py" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/html/apidoc/searchindex.js", + "props": { + "envVars": "" + } + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/html/apidoc/searchindex.js" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_io.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/tools/xpathgrep.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/update-error-constants.py" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/html/apidoc/searchindex.js" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/html/apidoc/_static/searchtools.js" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/html/apidoc/_static/js/theme.js" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/html/apidoc/_static/js/html5shiv.min.js" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/html/apidoc/_static/js/html5shiv-printshiv.min.js" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/html/apidoc/_static/jquery.js", + "props": { + "envVars": "" + } + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/html/apidoc/_static/jquery.js" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/html/apidoc/_static/jquery.js" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/doc/html/apidoc/_static/doctools.js" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/buildlibxml.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4rxpny_4oY6OXkMCi8O6Mf8RiXd3TxZfGnSh6ktkWtc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/buildlibxml.py" + }, + { + "key": "Q_ShpVMIsWYX4LWnC8kQYFbk-J2Q1pvkA-4m-bxCC4yI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/buildlibxml.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/buildlibxml.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/benchmark/benchbase.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/benchmark/benchbase.py" + }, + { + "key": "QFULt66OcJNWO0kCJ4OjCzBcVv0YPoWDllu7ahNfKkvw", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0/LICENSES.txt" + } + }, + { + "key": "QGk55n_IV2qUSKp2h6TjmCQA4tvkEVz005wsvCHN0qC0", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only AND GPL-2.0+" + } + }, + { + "key": "Q8G9sdfTcFz0fTQ68iAkOVBiKvDDXPu3Gbp6bAvY4t3g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml-5.3.0/doc/html/apidoc/objects.inv" + } + }, + { + "key": "QU0EHJ9wqrUxH1bPUQfRhhh0En1nf7UGWPSDkSo96RG4", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only AND GPL-2.0+" + } + }, + { + "key": "QNw4U-ko1X8oUq-LCLmdDtyoZETwrfu3zkigSHpOVQk4", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: BSD License", + "filepathOrProvenance": "lxml-5.3.0/src/lxml.egg-info/PKG-INFO" + } + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/versioninfo.py" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_nsclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_relaxng.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_unicode.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_xmlschema.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_xslt.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_xslt.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/tools/xpathgrep.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/html/tests/test_html5parser.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/html/tests/transform_feedparser_data.py" + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/isoschematron/__init__.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/common_imports.py" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/dummy_http_server.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_doctestcompare.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_elementtree.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_etree.py" + }, + { + "key": "QPfG9PayWDleFBWgW-dW1yFvAzYVo0ejlDwlUJIdn0Uo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_htmlparser.py" + }, + { + "key": "QVIJBg8RpsCDMIg9voNNQZzncetmERLs4xmD6fD71MNY", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_http_io.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q22MouM64aYZ9Zt3pWVDkvvBF8Bg97KBV7Ns6vKucnXw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml-5.3.0/src/lxml/tests/test_incremental_xmlfile.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "cp39-cp39-win-amd64-whl", + "id": "15853552744", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 8505301, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QPvwY_Rv5LWaXUzXSzcWSbiRdvWv2RAFv4P8ZwACJwQw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q5JFwCkaM8yrprqXhylWP2OvGT29XTsK9MFO93h0_ihg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q5JFwCkaM8yrprqXhylWP2OvGT29XTsK9MFO93h0_ihg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QPvwY_Rv5LWaXUzXSzcWSbiRdvWv2RAFv4P8ZwACJwQw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q_ecogLd7wSRAnqogqIFoqR7FL5Gcwf_7I2NC7Sz2njY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/sax.cp39-win_amd64.pyd" + } + }, + { + "key": "Q5JFwCkaM8yrprqXhylWP2OvGT29XTsK9MFO93h0_ihg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "Q4S5zQDHYbRY-6BMaf6VKTDQ4eEQhnfSuoBefEOkNdIk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QQkfNdkHWoM0j7jaZ9iIbc600h2U83VANhC3SbpP5MtM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.cp39-win_amd64.pyd" + } + }, + { + "key": "QRHLvYPZCANmQ02QrjL9Wy9CGQKDoMb_tgPIuHivj8c4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/html/diff.cp39-win_amd64.pyd" + } + }, + { + "key": "QV5RHSwl6jrQVtpEpDcN_nKzfkfsZ69VWlFemTJNtRd0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.cp39-win_amd64.pyd" + } + }, + { + "key": "QvxZikrorDLYv5s_e1iAax0E_uT4_LvKPNMKMWMCm10s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/builder.cp39-win_amd64.pyd" + } + }, + { + "key": "Qx4kzivT1ZDBvn2V06oxbX43KkgH78lqtdPMVHOoEf8Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/_elementpath.cp39-win_amd64.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q5JFwCkaM8yrprqXhylWP2OvGT29XTsK9MFO93h0_ihg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QPvwY_Rv5LWaXUzXSzcWSbiRdvWv2RAFv4P8ZwACJwQw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q5JFwCkaM8yrprqXhylWP2OvGT29XTsK9MFO93h0_ihg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp310-pypy310-pp73-macosx-10-15-x86-64-whl", + "id": "15853552746", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 8881039, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "Q7gGrRo_qtOqsARvZdxGViAdxDezprxLN_obAF0Ldam0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QZU7L-bR683zEr3G5E6H5H-Pvq5TQyUOaSlEFeI7FpQM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q7gGrRo_qtOqsARvZdxGViAdxDezprxLN_obAF0Ldam0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QNR8nOkF_0XwGSx6MPBwkJI0cm1MThGM4p4jB7vHie7I", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QZU7L-bR683zEr3G5E6H5H-Pvq5TQyUOaSlEFeI7FpQM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QF9-YmLptVmlrsJISx2LdLvSAOT2BQvw_x1l94z1aCuQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy310-pp73-darwin.so" + } + }, + { + "key": "QoVjrmJnQkYSaJiWdBjUGtN2-Dm628K-kFG4P5eNI_uI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy310-pp73-darwin.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QZU7L-bR683zEr3G5E6H5H-Pvq5TQyUOaSlEFeI7FpQM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q7gGrRo_qtOqsARvZdxGViAdxDezprxLN_obAF0Ldam0", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QZU7L-bR683zEr3G5E6H5H-Pvq5TQyUOaSlEFeI7FpQM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp310-pypy310-pp73-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15853552747", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9621634, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QsqPk1UEDy5cuqGUUEle4IzdZ8faygtovDqN2F2UWAdc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy310-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "Q3sbK82WF68XBKJmzoglO4BUy-2a0FRxj98uWm3keRJ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy310-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QI7xeWwZ1_zjcDggLCV8HRZ70aUm_4IkVLstOaGkvgD8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QbRF1DsJK1qGMoKYgIE4KhHBpSEBVznRnp7Bg7EUyyyk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QtGB_RY0jZC1iSV8pV-2E3hx_byHfaUD5FPfv6H0-Odg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QbRF1DsJK1qGMoKYgIE4KhHBpSEBVznRnp7Bg7EUyyyk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QI7xeWwZ1_zjcDggLCV8HRZ70aUm_4IkVLstOaGkvgD8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QbRF1DsJK1qGMoKYgIE4KhHBpSEBVznRnp7Bg7EUyyyk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QI7xeWwZ1_zjcDggLCV8HRZ70aUm_4IkVLstOaGkvgD8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QI7xeWwZ1_zjcDggLCV8HRZ70aUm_4IkVLstOaGkvgD8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp310-pypy310-pp73-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15853552748", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9808774, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QDGA2nn1qtnYoUYmJQ_jkM7JLiT8EwZNEoUy1qTxfw1I", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Ql5zbmy4abIVltyoViDAZ3wyjScQuIGbtJMC38Jpmxt4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QuYvS-qsXPoFtO47Gl_-N4xwLqyTmTyCsnDe0IeiDFig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QuYvS-qsXPoFtO47Gl_-N4xwLqyTmTyCsnDe0IeiDFig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Ql5zbmy4abIVltyoViDAZ3wyjScQuIGbtJMC38Jpmxt4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QuYvS-qsXPoFtO47Gl_-N4xwLqyTmTyCsnDe0IeiDFig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Ql5zbmy4abIVltyoViDAZ3wyjScQuIGbtJMC38Jpmxt4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QuYvS-qsXPoFtO47Gl_-N4xwLqyTmTyCsnDe0IeiDFig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qz4mlHp11qN8CUeLJHuGt_R75gZoVvBdFXnq_cuqZEfc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy310-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "QOsxS7rInciBpqsq1Fvd4t2YgKo5LJHeh6NLmgA3c2pE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy310-pp73-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp310-pypy310-pp73-manylinux-2-28-aarch64-whl", + "id": "15853552749", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9556316, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QL9pf3wlRTJ3BzN76e1Spzg1HVjirW68K8TxvimH2YZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QFOKujRwlyvjEeIcZa9K794QyRvd2OxtbE57m7FNqu-k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QL9pf3wlRTJ3BzN76e1Spzg1HVjirW68K8TxvimH2YZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QFOKujRwlyvjEeIcZa9K794QyRvd2OxtbE57m7FNqu-k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QL9pf3wlRTJ3BzN76e1Spzg1HVjirW68K8TxvimH2YZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QsqPk1UEDy5cuqGUUEle4IzdZ8faygtovDqN2F2UWAdc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy310-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "Q3sbK82WF68XBKJmzoglO4BUy-2a0FRxj98uWm3keRJ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy310-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QaVYCSdAhPwL614Xl56xhC4OuAkWwE8YoDClRnAC39TY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QL9pf3wlRTJ3BzN76e1Spzg1HVjirW68K8TxvimH2YZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QFOKujRwlyvjEeIcZa9K794QyRvd2OxtbE57m7FNqu-k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp310-pypy310-pp73-manylinux-2-28-x86-64-whl", + "id": "15853552750", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9771977, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qz4mlHp11qN8CUeLJHuGt_R75gZoVvBdFXnq_cuqZEfc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy310-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qwop6tJgsOf_Bj_zZseFkuJCMJfY9KzsJ8TpKSOTPEQE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q5ACKhnHHKy3PrdgePe4XaWykxdbE1YdZQGQ_Uq0zpSM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qwop6tJgsOf_Bj_zZseFkuJCMJfY9KzsJ8TpKSOTPEQE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q5ACKhnHHKy3PrdgePe4XaWykxdbE1YdZQGQ_Uq0zpSM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qwop6tJgsOf_Bj_zZseFkuJCMJfY9KzsJ8TpKSOTPEQE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q5ACKhnHHKy3PrdgePe4XaWykxdbE1YdZQGQ_Uq0zpSM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QOsxS7rInciBpqsq1Fvd4t2YgKo5LJHeh6NLmgA3c2pE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy310-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5ACKhnHHKy3PrdgePe4XaWykxdbE1YdZQGQ_Uq0zpSM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QS1-QyppU4apkj7MOXUuQbWHi52Y_rcCaKkEONP-uySU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp310-pypy310-pp73-win-amd64-whl", + "id": "15853552751", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 7785093, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.72 + }, + "alerts": [ + { + "key": "Qp4-dXspy8sBbAsjczVYPafwsKLpJG_A28WvYpmLo9Fk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QcT0OVHJI-BnsCoCnamlwaPbR4nLoBiYFmCuP3D_QN6A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy310-pp73-win_amd64.pyd" + } + }, + { + "key": "QUID8vXJw3kr0T-kvFaYwn8snCYG3jlAq1nGFGsc6LPc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy310-pp73-win_amd64.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qg_QpXYXJ04o18wB1FBvZmk3Q2yFxbswaS-eyC_v9YbU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qp4-dXspy8sBbAsjczVYPafwsKLpJG_A28WvYpmLo9Fk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qg_QpXYXJ04o18wB1FBvZmk3Q2yFxbswaS-eyC_v9YbU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qp4-dXspy8sBbAsjczVYPafwsKLpJG_A28WvYpmLo9Fk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qg_QpXYXJ04o18wB1FBvZmk3Q2yFxbswaS-eyC_v9YbU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Qg_QpXYXJ04o18wB1FBvZmk3Q2yFxbswaS-eyC_v9YbU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qg_QpXYXJ04o18wB1FBvZmk3Q2yFxbswaS-eyC_v9YbU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "QDUrvdM3AqW7jauUat4w7wOYgTtZTefA717HZ9_nunbY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp37-pypy37-pp73-macosx-10-9-x86-64-whl", + "id": "15853552752", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 8875930, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QwEelhmFykfwL-PklSpqidq0d0ph7jGPYSoAcs8wOUF4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy37-pp73-darwin.so" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QkPrzIo8KRRsch0iyuWJApE67csi4A2BcBXMMchD3fsM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy37-pp73-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q3pnCw34_k_KLr15aQVWmI0XrmApl1IBhOagt_H-hZbs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QGmwAIxJKmW4gdJfXVF_M9cSu7E06uVO5Zg9WavdCIqU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QgY_XQGohaAID2aeH0cnE6nBTlMsenf8DPvj8N4YmFZI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q3pnCw34_k_KLr15aQVWmI0XrmApl1IBhOagt_H-hZbs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q3pnCw34_k_KLr15aQVWmI0XrmApl1IBhOagt_H-hZbs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QgY_XQGohaAID2aeH0cnE6nBTlMsenf8DPvj8N4YmFZI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q3pnCw34_k_KLr15aQVWmI0XrmApl1IBhOagt_H-hZbs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QgY_XQGohaAID2aeH0cnE6nBTlMsenf8DPvj8N4YmFZI", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp37-pypy37-pp73-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15853552753", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9768020, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q-iqjvmSNgculg0vECxFAfHWlcwGkIjy6sAm58dSKvlc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy37-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QH1M1FnT_1ukZrHdXgHImHAFBFfZhyfNZ48RENZFqGTE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy37-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QrU-1qmHxRUXh8v74kKhVwXgA8JeL-bdYw3eK5rgM-ko", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QrU-1qmHxRUXh8v74kKhVwXgA8JeL-bdYw3eK5rgM-ko", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QOSUlOjHSMwLcIQesjDVoZCWeNyprf-Z7i6grKrAE4bA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QrU-1qmHxRUXh8v74kKhVwXgA8JeL-bdYw3eK5rgM-ko", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QrU-1qmHxRUXh8v74kKhVwXgA8JeL-bdYw3eK5rgM-ko", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QOSUlOjHSMwLcIQesjDVoZCWeNyprf-Z7i6grKrAE4bA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q5nf7_mbfnXk9RqJBdE8paH_l1XRe5tXtiwf--L_aXsU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QOSUlOjHSMwLcIQesjDVoZCWeNyprf-Z7i6grKrAE4bA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp37-pypy37-pp73-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15853552754", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9938696, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QwbcjzF6Qz11z3RjM1pij9JgUWJiFkfn5L0rkt3NGvY8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy37-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_WCwGHQhclWit4dYWpTFRroFwI24kcT8-Gk4qNnJu-c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy37-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QTgeMlUQsb33Oq9Mk3BpzjssTtllCA1NENLhm5J7fle4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qvzn5QIZGWM6qqpUgT_BrUvogyN9MlR8XgS5BNdnOFY8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QTgeMlUQsb33Oq9Mk3BpzjssTtllCA1NENLhm5J7fle4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qvzn5QIZGWM6qqpUgT_BrUvogyN9MlR8XgS5BNdnOFY8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QTgeMlUQsb33Oq9Mk3BpzjssTtllCA1NENLhm5J7fle4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QTgeMlUQsb33Oq9Mk3BpzjssTtllCA1NENLhm5J7fle4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qvzn5QIZGWM6qqpUgT_BrUvogyN9MlR8XgS5BNdnOFY8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q72gzDTN47S73WqJbqRxgLgsohfUrhZoHrxv0-YPR3rY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp37-pypy37-pp73-manylinux-2-28-aarch64-whl", + "id": "15853552755", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9702656, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QhzvrHrsUCXzft901ZSRfeLI_ipEDosISF31PpMLLQRw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q-iqjvmSNgculg0vECxFAfHWlcwGkIjy6sAm58dSKvlc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy37-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QH1M1FnT_1ukZrHdXgHImHAFBFfZhyfNZ48RENZFqGTE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy37-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QbEUYPYttU5fHduBwkiSg09bHbbHhg7O25mOe5YvlUhU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QhzvrHrsUCXzft901ZSRfeLI_ipEDosISF31PpMLLQRw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QbEUYPYttU5fHduBwkiSg09bHbbHhg7O25mOe5YvlUhU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QhzvrHrsUCXzft901ZSRfeLI_ipEDosISF31PpMLLQRw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QhzvrHrsUCXzft901ZSRfeLI_ipEDosISF31PpMLLQRw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QbEUYPYttU5fHduBwkiSg09bHbbHhg7O25mOe5YvlUhU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qxk1L0pi96HENjDWEvmz8EvkVkBlnL7NeqW3ig5yPhNA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp37-pypy37-pp73-manylinux-2-28-x86-64-whl", + "id": "15853552756", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9897837, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "Qkx68OppmrMgMHPjCCcM8D6qX4c1sfneL5pfFra5JAnQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvEo5tEIWj0PsELS8i3DuG7JgyhmHqJEcrVm7MhGx3ic", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q6XRtlFtqg4RjHa_CSyh-1dqMKJTdLiv1jK7puAGzakA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QvEo5tEIWj0PsELS8i3DuG7JgyhmHqJEcrVm7MhGx3ic", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q6XRtlFtqg4RjHa_CSyh-1dqMKJTdLiv1jK7puAGzakA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QwbcjzF6Qz11z3RjM1pij9JgUWJiFkfn5L0rkt3NGvY8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy37-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_WCwGHQhclWit4dYWpTFRroFwI24kcT8-Gk4qNnJu-c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy37-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q6XRtlFtqg4RjHa_CSyh-1dqMKJTdLiv1jK7puAGzakA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvEo5tEIWj0PsELS8i3DuG7JgyhmHqJEcrVm7MhGx3ic", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q6XRtlFtqg4RjHa_CSyh-1dqMKJTdLiv1jK7puAGzakA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp37-pypy37-pp73-win-amd64-whl", + "id": "15853552757", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 7790729, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QomONNcT2xalT_nwdx-tLWs8hZKJGeM9d8EsKX9VoJvs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QvCQeQDY_eJhZRewuLTfX0Mob-SY0Th9Wt09x3xxSJUI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QpTFAZluMllpw48M8B9IlyA_b21sVUK4llsVvGMxFay8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QvCQeQDY_eJhZRewuLTfX0Mob-SY0Th9Wt09x3xxSJUI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QpTFAZluMllpw48M8B9IlyA_b21sVUK4llsVvGMxFay8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QvCQeQDY_eJhZRewuLTfX0Mob-SY0Th9Wt09x3xxSJUI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "QpTFAZluMllpw48M8B9IlyA_b21sVUK4llsVvGMxFay8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvCQeQDY_eJhZRewuLTfX0Mob-SY0Th9Wt09x3xxSJUI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvCQeQDY_eJhZRewuLTfX0Mob-SY0Th9Wt09x3xxSJUI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q16MVYIwkhWcaWxudeHjeo3u7vTHvOonUhGcqtpkBfIA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy37-pp73-win_amd64.pyd" + } + }, + { + "key": "QCPx3ZOcGBrKVcnWDV22JRkQtb_8BfRbgbttjtxAh_gc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy37-pp73-win_amd64.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp38-pypy38-pp73-macosx-10-9-x86-64-whl", + "id": "15853552758", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 8880154, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QROPubFXaeQUD8sC1-qrXd29fUDT68yqfmGhaEQ7JP6E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy38-pp73-darwin.so" + } + }, + { + "key": "Q7zO8YtKCP43agthJliumtmI0YDI3-9wqLxB2Fp55M5Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy38-pp73-darwin.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QMYXUTvHVVEkuUxh-V94fcB1EZIwVLvWghxhAjY_k6gg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QUjUJqSd8cDUeObJPWiNhTfRMNNZFW3eV2p-gjNDBJGk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QIwAqJOiL3_iMojcfX8if5ObaN2d6wSLaZlTJAwMgG1k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QMYXUTvHVVEkuUxh-V94fcB1EZIwVLvWghxhAjY_k6gg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QIwAqJOiL3_iMojcfX8if5ObaN2d6wSLaZlTJAwMgG1k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QMYXUTvHVVEkuUxh-V94fcB1EZIwVLvWghxhAjY_k6gg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QIwAqJOiL3_iMojcfX8if5ObaN2d6wSLaZlTJAwMgG1k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QIwAqJOiL3_iMojcfX8if5ObaN2d6wSLaZlTJAwMgG1k", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp38-pypy38-pp73-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15853552759", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9622876, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "Q2_8MOPpEGKV_RgKXDhNfY0kA6M7QrnEjUmdY93KoR-4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QyZ5cmrnV9TjUjzIlwsWnJbmHFcx7cyZFu9Au7aH_zk8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qhxaa1ymmn3Z620l-piGUpOFEmOv89A9eLyeki_UInmc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QyZ5cmrnV9TjUjzIlwsWnJbmHFcx7cyZFu9Au7aH_zk8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q2_8MOPpEGKV_RgKXDhNfY0kA6M7QrnEjUmdY93KoR-4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QyZ5cmrnV9TjUjzIlwsWnJbmHFcx7cyZFu9Au7aH_zk8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q2_8MOPpEGKV_RgKXDhNfY0kA6M7QrnEjUmdY93KoR-4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QyZ5cmrnV9TjUjzIlwsWnJbmHFcx7cyZFu9Au7aH_zk8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QPlGISuq4frMTfJFWw09BT7ZsgZwwgP1Lrp3stF3nRXU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy38-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QApS1T8qSELk5oxwTvt7V-DaGJ6V2y6PGwYPoqwb7WjU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy38-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp38-pypy38-pp73-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15853552760", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9843072, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QAdRmsYlZLpVdQHcHmU8KwZhK82u7zVtXJpvBIS1ults", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QHyCN5tGhrTupjVCjPOzA0fcico7Fazk4NjbC9UVHKsw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QwNN-dqFxc-PBT9qoQmmpL_zFmn6Ljq0icCXSzLQxqZs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qctpmz40gljWddGMDiVru_2M4kZa3wttPJstFUXSTOrM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy38-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Qg052q7ysIy_UGammhoU7eblvBxDo2AVMWCu4S9AXWJ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy38-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QHyCN5tGhrTupjVCjPOzA0fcico7Fazk4NjbC9UVHKsw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QwNN-dqFxc-PBT9qoQmmpL_zFmn6Ljq0icCXSzLQxqZs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QHyCN5tGhrTupjVCjPOzA0fcico7Fazk4NjbC9UVHKsw", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QwNN-dqFxc-PBT9qoQmmpL_zFmn6Ljq0icCXSzLQxqZs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QwNN-dqFxc-PBT9qoQmmpL_zFmn6Ljq0icCXSzLQxqZs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp38-pypy38-pp73-manylinux-2-28-aarch64-whl", + "id": "15853552761", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9623080, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q4DuFc5NF_0-LJ9lMXU6dadcFBic-uTQG9OEqpZUypG0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QK_ZejUgjBTk9q7asuYL395FktT8N8w6Y6UE3UfEPIcU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q4DuFc5NF_0-LJ9lMXU6dadcFBic-uTQG9OEqpZUypG0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QK_ZejUgjBTk9q7asuYL395FktT8N8w6Y6UE3UfEPIcU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q4DuFc5NF_0-LJ9lMXU6dadcFBic-uTQG9OEqpZUypG0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q4DuFc5NF_0-LJ9lMXU6dadcFBic-uTQG9OEqpZUypG0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QK_ZejUgjBTk9q7asuYL395FktT8N8w6Y6UE3UfEPIcU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QU945pRKqLpWoXeFIjgiBafdpjHmgD1oTzqWDiqXhuVk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QApS1T8qSELk5oxwTvt7V-DaGJ6V2y6PGwYPoqwb7WjU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy38-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QPlGISuq4frMTfJFWw09BT7ZsgZwwgP1Lrp3stF3nRXU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy38-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp38-pypy38-pp73-manylinux-2-28-x86-64-whl", + "id": "15853552762", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9798117, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "Qga1PVE_deBV7f1kJLda_DazR7K95UCYwbNQS2U492ww", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qctpmz40gljWddGMDiVru_2M4kZa3wttPJstFUXSTOrM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy38-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Qg052q7ysIy_UGammhoU7eblvBxDo2AVMWCu4S9AXWJ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy38-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QI6irkk8e8ZUfq_6GIO-dycX6XsqRxwV5mfk8D7-Eg54", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qga1PVE_deBV7f1kJLda_DazR7K95UCYwbNQS2U492ww", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QI6irkk8e8ZUfq_6GIO-dycX6XsqRxwV5mfk8D7-Eg54", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QI6irkk8e8ZUfq_6GIO-dycX6XsqRxwV5mfk8D7-Eg54", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QI6irkk8e8ZUfq_6GIO-dycX6XsqRxwV5mfk8D7-Eg54", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qga1PVE_deBV7f1kJLda_DazR7K95UCYwbNQS2U492ww", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QuKON0t58wHeTkGBTgYibmtP1IGInka8RQSerDxtWgOw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp38-pypy38-pp73-win-amd64-whl", + "id": "15853552763", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 7793281, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QI2jr-nMn9bBqo4mSh0TS9ND91J5q9we69JbcoKlbwWw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "QZUdhxDjTeo0aNT7RFRVpShU67vEx3N_S6gmexHBAw2k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QI2jr-nMn9bBqo4mSh0TS9ND91J5q9we69JbcoKlbwWw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QI2jr-nMn9bBqo4mSh0TS9ND91J5q9we69JbcoKlbwWw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QZUdhxDjTeo0aNT7RFRVpShU67vEx3N_S6gmexHBAw2k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QI2jr-nMn9bBqo4mSh0TS9ND91J5q9we69JbcoKlbwWw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QZUdhxDjTeo0aNT7RFRVpShU67vEx3N_S6gmexHBAw2k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QI2jr-nMn9bBqo4mSh0TS9ND91J5q9we69JbcoKlbwWw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QqLXXSQ6elZeYohWypBdfTakZUu7TNGmVh8MFzLge3tg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy38-pp73-win_amd64.pyd" + } + }, + { + "key": "QK9yC3TCFXUCHsqquGmgiElscZrxQMpJAK7x72pmgs4s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy38-pp73-win_amd64.pyd" + } + }, + { + "key": "Q-K_eOWlvK4794S254AhxSp4xQJ14ElDD4Q7DuiakVJw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp39-pypy39-pp73-macosx-10-15-x86-64-whl", + "id": "15853552764", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 8880931, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QXXx7PUbBSCCEhXWJ0vF_hAp2pW5bAQzfFxtqNnaMz0k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Q5eCw-LFxGNXnw3B7_wdz467AjbOg1ILR7k4X9pwdq8s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QXXx7PUbBSCCEhXWJ0vF_hAp2pW5bAQzfFxtqNnaMz0k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Q5eCw-LFxGNXnw3B7_wdz467AjbOg1ILR7k4X9pwdq8s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QXXx7PUbBSCCEhXWJ0vF_hAp2pW5bAQzfFxtqNnaMz0k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q5eCw-LFxGNXnw3B7_wdz467AjbOg1ILR7k4X9pwdq8s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q5eCw-LFxGNXnw3B7_wdz467AjbOg1ILR7k4X9pwdq8s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QhB9vMS8JSoo_g9a7s5ymPmDF6cRVqOivveSDuSyQkjk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QEG9yOjRPJJVXxkuF2RwYYZsamS07bNvDcKi12PBi_94", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy39-pp73-darwin.so" + } + }, + { + "key": "QhkCHkfoh8YKy1Xja59UhWXh-LxwkhYIBA5AzsUsNcAU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy39-pp73-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp39-pypy39-pp73-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15853552765", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9624556, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "Q3euU8NezLMRoNzxC8JafT7G-6PoSDKgLmzEmiHuJQs0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QXHEYOeP_5ZlS2X-WtgPSu5t4KXNRkS-d_v9cFhBGeVI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy39-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QS9ftoiZs3KSrlPyWmYduTj3MGYAPhrzONLpkCHnhiEo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy39-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Q3euU8NezLMRoNzxC8JafT7G-6PoSDKgLmzEmiHuJQs0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QJ2TubKyITBEloLI1-yxKqKeWosrSih4eITm0FU4W8z8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q3euU8NezLMRoNzxC8JafT7G-6PoSDKgLmzEmiHuJQs0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QJ2TubKyITBEloLI1-yxKqKeWosrSih4eITm0FU4W8z8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QJ2TubKyITBEloLI1-yxKqKeWosrSih4eITm0FU4W8z8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q1FPjSAFvB9Ve_04v3OshGR6yiZ4ZQJOgoreEoZHWf2c", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Q3euU8NezLMRoNzxC8JafT7G-6PoSDKgLmzEmiHuJQs0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp39-pypy39-pp73-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15853552766", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9806432, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "Qt_u5jnq0Z-gUrZaodIJkkYXUui1vVcqt1SpOjTnyQZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Q8rkVaSTFloD26GihEJwS29TqnnungWsKlsPJQStth-U", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QX4uBNvcqkZDuxsQ8nm7j-gzPMsTzJ1D1ISpUYMK4PZk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "Qt_u5jnq0Z-gUrZaodIJkkYXUui1vVcqt1SpOjTnyQZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "Q8rkVaSTFloD26GihEJwS29TqnnungWsKlsPJQStth-U", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qt_u5jnq0Z-gUrZaodIJkkYXUui1vVcqt1SpOjTnyQZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Q8rkVaSTFloD26GihEJwS29TqnnungWsKlsPJQStth-U", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qt_u5jnq0Z-gUrZaodIJkkYXUui1vVcqt1SpOjTnyQZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QS1xR-urAGvqalfec_L7FxUDmnXD7tJmFU1OZaEpb530", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy39-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9r802dnmRchq83phtAJ54kzKTv_j6y67lN69xOclt-4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy39-pp73-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp39-pypy39-pp73-manylinux-2-28-aarch64-whl", + "id": "15853552767", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9559240, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "Q0K2vXHc3rrc828ZuyrQQUGcAcaePEgJj8FuPRnPCz44", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QS9ftoiZs3KSrlPyWmYduTj3MGYAPhrzONLpkCHnhiEo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy39-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "QXHEYOeP_5ZlS2X-WtgPSu5t4KXNRkS-d_v9cFhBGeVI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy39-pp73-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QU63bxK6ZnQh6DKH9K0_VnxLb1U3EaN8xfNgvHH-UmCU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QnQuAgUbIsiAsxjiY4BehCLKxVHb79OWr0dHeeKDTufg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QU63bxK6ZnQh6DKH9K0_VnxLb1U3EaN8xfNgvHH-UmCU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QnQuAgUbIsiAsxjiY4BehCLKxVHb79OWr0dHeeKDTufg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QU63bxK6ZnQh6DKH9K0_VnxLb1U3EaN8xfNgvHH-UmCU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QU63bxK6ZnQh6DKH9K0_VnxLb1U3EaN8xfNgvHH-UmCU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QnQuAgUbIsiAsxjiY4BehCLKxVHb79OWr0dHeeKDTufg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp39-pypy39-pp73-manylinux-2-28-x86-64-whl", + "id": "15853552768", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND GPL-2.0-only AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 9769669, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QvNdW7U49SWbjMXEOxN1YDuW1Y-5KcVAVX4ruxBPE0QQ", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + }, + { + "key": "QS1xR-urAGvqalfec_L7FxUDmnXD7tJmFU1OZaEpb530", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy39-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9r802dnmRchq83phtAJ54kzKTv_j6y67lN69xOclt-4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy39-pp73-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-51xBeO3_UayGMIudYxSv99OYLPAziFvGv0OUB90dpg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + }, + { + "key": "QB3rVl2PsYKyHEXC1IQrzoZfsxmV92qCfXXMagiR3Zh4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qswn8fs7AH0nPiK58KRNbjhFOxapJQMco0Q83g06ejMg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qswn8fs7AH0nPiK58KRNbjhFOxapJQMco0Q83g06ejMg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QB3rVl2PsYKyHEXC1IQrzoZfsxmV92qCfXXMagiR3Zh4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "Qswn8fs7AH0nPiK58KRNbjhFOxapJQMco0Q83g06ejMg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QB3rVl2PsYKyHEXC1IQrzoZfsxmV92qCfXXMagiR3Zh4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "Qswn8fs7AH0nPiK58KRNbjhFOxapJQMco0Q83g06ejMg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "Qi8EcPlmSkqX0bLdrJZ1LKW_gw8dvBB7Ucxyen0xPNHM", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0-only" + } + } + ] + }, + { + "type": "pypi", + "name": "lxml", + "version": "5.3.0", + "release": "pp39-pypy39-pp73-win-amd64-whl", + "id": "15853552769", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause AND Kazlib", + "licenseDetails": [], + "author": [ + "faassen", + "scoder", + "zope.wineggbuilder" + ], + "size": 7783553, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QnUSUABb0fkP4eLK1wjMHTJY_hFMT-g7w1_xf462SM5k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "Qc5tLwh4OJayM2Na-sDnjsQZq9E0V35rH88oxfVMRET4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/etree.pypy39-pp73-win_amd64.pyd" + } + }, + { + "key": "Qo2lTsDImIUq57-aGFQmhziCVzY7KTkdI9lmo7n6dqbE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "lxml/objectify.pypy39-pp73-win_amd64.pyd" + } + }, + { + "key": "QqN-EK0MfRXKKX5tmQ4mv7id_v6Y4U4ArbFfMQUd8eK8", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "lxml-5.3.0.dist-info/LICENSES.txt" + } + }, + { + "key": "QcpfEGB8l_UA3OAP6j1PquGcIh3h0ytrbBM755igpBJM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QnUSUABb0fkP4eLK1wjMHTJY_hFMT-g7w1_xf462SM5k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/ElementInclude.py" + }, + { + "key": "QcpfEGB8l_UA3OAP6j1PquGcIh3h0ytrbBM755igpBJM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QnUSUABb0fkP4eLK1wjMHTJY_hFMT-g7w1_xf462SM5k", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/html/__init__.py" + }, + { + "key": "QcpfEGB8l_UA3OAP6j1PquGcIh3h0ytrbBM755igpBJM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/_diffcommand.py" + }, + { + "key": "QcpfEGB8l_UA3OAP6j1PquGcIh3h0ytrbBM755igpBJM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/html5parser.py" + }, + { + "key": "QcpfEGB8l_UA3OAP6j1PquGcIh3h0ytrbBM755igpBJM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "lxml/html/soupparser.py" + }, + { + "key": "Q5DyiDL-N5XuSi081LQPVpiNwH74J05RLC1IWtms31J0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "lxml/isoschematron/__init__.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp27-cp27m-manylinux1-i686-whl", + "id": "15861168425", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 358363, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QM1fNuQJLvrEf4wForE2Y3bNKHCL41-3HlGZ6phOCjDI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QM1fNuQJLvrEf4wForE2Y3bNKHCL41-3HlGZ6phOCjDI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QIle7fk38bwLL-e11qpgbX9e6pn7MPak9ChfVfSZGzXE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QZCj89--uucMp3IaMX0mD2yuHVu9C-qQqb2PR3Py_umk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QM1fNuQJLvrEf4wForE2Y3bNKHCL41-3HlGZ6phOCjDI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QIle7fk38bwLL-e11qpgbX9e6pn7MPak9ChfVfSZGzXE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.so" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp27-cp27m-manylinux1-x86-64-whl", + "id": "15861168426", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 397245, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q7XV4RH_Ir5EvA60HZteeGk628owWC7vn9LsmACWc8jU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QouVO2MpNCIJe5decH2tQ_RtxStriACzJV2_5Lp5NuWA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q9JUUKd7t6TwOPYHIyjhrithwXUkWZS6J_xYFwP9jkcU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q9JUUKd7t6TwOPYHIyjhrithwXUkWZS6J_xYFwP9jkcU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QouVO2MpNCIJe5decH2tQ_RtxStriACzJV2_5Lp5NuWA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q9JUUKd7t6TwOPYHIyjhrithwXUkWZS6J_xYFwP9jkcU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp27-cp27m-manylinux2010-i686-whl", + "id": "15861168427", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 358366, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QTkN7lUXmumpxZnm0qvQfePxlJwKBaTbBqGAPqSoen8c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QQnxwbaQsrqTSW3QPPsc-RyyXzrCY3msz50K9edKjVps", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QZwzIwlvVSu6Fmm7OwWnRZ-20iPlNDNQmWgXVC8NnR2w", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QTkN7lUXmumpxZnm0qvQfePxlJwKBaTbBqGAPqSoen8c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QZwzIwlvVSu6Fmm7OwWnRZ-20iPlNDNQmWgXVC8NnR2w", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QZwzIwlvVSu6Fmm7OwWnRZ-20iPlNDNQmWgXVC8NnR2w", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp27-cp27m-manylinux2010-x86-64-whl", + "id": "15861168428", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 397248, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QaukDjh3wwilmrc5OfMyZa_5Y9MxjLR8e1wexVBnmjBw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.so" + } + }, + { + "key": "QDIy9EFtTOcNgK_blFrKXuJd3E7PggLOzQ5wkGScK7yY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QDIy9EFtTOcNgK_blFrKXuJd3E7PggLOzQ5wkGScK7yY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QaukDjh3wwilmrc5OfMyZa_5Y9MxjLR8e1wexVBnmjBw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QKyhMnZ5843Fi2VfVvpc1T28_Mu8QXs0IseFXezm0no4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QDIy9EFtTOcNgK_blFrKXuJd3E7PggLOzQ5wkGScK7yY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp27-cp27mu-manylinux1-i686-whl", + "id": "15861168429", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 364900, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QsfrWe-seS5vT3xccNfdcwCx6R27voaa84VE31T3b2y8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q_X6Ea-eJiaFMoTpEH4CjmmCAYUzYYnzz37iHdW1u-iA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QsfrWe-seS5vT3xccNfdcwCx6R27voaa84VE31T3b2y8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QKu7eUZvzwk8ACLfuJGtdO5s2hKY7ZjMb_FxKtfIGdKg", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q_X6Ea-eJiaFMoTpEH4CjmmCAYUzYYnzz37iHdW1u-iA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QsfrWe-seS5vT3xccNfdcwCx6R27voaa84VE31T3b2y8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.so" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp27-cp27mu-manylinux1-x86-64-whl", + "id": "15861168430", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 399526, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QGlJ5LzpnNY5YF0YZBmfgwfx-yf-It7U7Hvo-0LdoUt4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qb4LaW4q9Bt_6BKZQZjatSKFT71WZt5GRSLT4YhYlZ_E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qb4LaW4q9Bt_6BKZQZjatSKFT71WZt5GRSLT4YhYlZ_E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qw2JzX_Jb4HvTH-91MDJJ0rkyjj3u4SN1Q96inN7pmhU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QGlJ5LzpnNY5YF0YZBmfgwfx-yf-It7U7Hvo-0LdoUt4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qb4LaW4q9Bt_6BKZQZjatSKFT71WZt5GRSLT4YhYlZ_E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp27-cp27mu-manylinux2010-i686-whl", + "id": "15861168431", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 364903, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QXlfj6vOlv46g90VedpKs6V90coqcpKEvc5m4lrcxKlg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QXlfj6vOlv46g90VedpKs6V90coqcpKEvc5m4lrcxKlg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qzh6uFI1fwEndkAkwPRVGcjB1YzIHieb2w-yyT83OqRc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QpqSlqCV6dJVCkXD9xdz-SYc4tQVsjWIysZ_qYegDIh0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QXlfj6vOlv46g90VedpKs6V90coqcpKEvc5m4lrcxKlg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qzh6uFI1fwEndkAkwPRVGcjB1YzIHieb2w-yyT83OqRc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.so" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp27-cp27mu-manylinux2010-x86-64-whl", + "id": "15861168432", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 399529, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q64oHbeEmEystTsJyIcIU-05uGyekbvUuAuDRb5hyJXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QRKKbPCyAftxRQiE9KyucMXlK7d-Xk18Wt_OxSSkAE8g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QRKKbPCyAftxRQiE9KyucMXlK7d-Xk18Wt_OxSSkAE8g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QEyQjjo8Y60lpOQKhL9E0sbGxtpBFGoX7qA37K6Obm-E", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q1W9hxUD-JVckVtn1bKrjNWC2nWFN2wW2E4Snd-NFe0M", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QRKKbPCyAftxRQiE9KyucMXlK7d-Xk18Wt_OxSSkAE8g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QEyQjjo8Y60lpOQKhL9E0sbGxtpBFGoX7qA37K6Obm-E", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp310-cp310-macosx-10-9-universal2-whl", + "id": "15861168433", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 307589, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QCiJlsyJcqTfsVkyv1YACeO7jevRgZO8jCPu5MzYRrSw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qta00BveTS9QoWO7jKWVCQyuWpbBf6bhDurUlo8so9vQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QCiJlsyJcqTfsVkyv1YACeO7jevRgZO8jCPu5MzYRrSw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qttd2huMw_QTr-vM3ofyOs4m-P3bkjdo0YDVSoa_msl4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qta00BveTS9QoWO7jKWVCQyuWpbBf6bhDurUlo8so9vQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QCiJlsyJcqTfsVkyv1YACeO7jevRgZO8jCPu5MzYRrSw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QJAbwlBWg39tAwB6qsBf79wEWlXHRjK7OiSJVnGL78s0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-310-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp310-cp310-macosx-10-9-x86-64-whl", + "id": "15861168434", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 225880, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q3lN79-wFvuIzean5r0usKayzIsL94ZO6To8zYwI2iWc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QZs3PCjnhjImifePHZkz58zVU1yXcWAT7PuJ8ouVVDj0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QANGGzTVvYOSwQ24u1cOXdCLoRFzwqbTyMBo_6Je5wxE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q3lN79-wFvuIzean5r0usKayzIsL94ZO6To8zYwI2iWc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QZs3PCjnhjImifePHZkz58zVU1yXcWAT7PuJ8ouVVDj0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QZs3PCjnhjImifePHZkz58zVU1yXcWAT7PuJ8ouVVDj0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QJAbwlBWg39tAwB6qsBf79wEWlXHRjK7OiSJVnGL78s0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-310-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp310-cp310-macosx-11-0-arm64-whl", + "id": "15861168435", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 258447, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QJAbwlBWg39tAwB6qsBf79wEWlXHRjK7OiSJVnGL78s0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-310-darwin.so" + } + }, + { + "key": "QeGmW7s9GZcweRr_qoP4Ek58lV_ltqusytfIS7hZ4lcQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Q43tIs4L4u5JmlaGLjbxcJxm25LuxEBkhgxQboo8dCjM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QA0SzbKfDTRsPmV7gMrHvBfu8z_Xj__Mp8NwkEZoDXwY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QeGmW7s9GZcweRr_qoP4Ek58lV_ltqusytfIS7hZ4lcQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q43tIs4L4u5JmlaGLjbxcJxm25LuxEBkhgxQboo8dCjM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q43tIs4L4u5JmlaGLjbxcJxm25LuxEBkhgxQboo8dCjM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp310-cp310-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15861168436", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 456615, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QMKtzwHKzFUy8CtFBU086ExbYEqbcsp5oAcVizb_8GGU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qp7L0Z8Poxt0ypGUc3rxexdSby3IXwviYWaxKmDjRn30", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QMKtzwHKzFUy8CtFBU086ExbYEqbcsp5oAcVizb_8GGU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QVVOvZqvipGesqEVGmrwmy8r2FJMHg8f4SbvOF-52TG8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qp7L0Z8Poxt0ypGUc3rxexdSby3IXwviYWaxKmDjRn30", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QMKtzwHKzFUy8CtFBU086ExbYEqbcsp5oAcVizb_8GGU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QVVOx58kXfuWtCQMmkrvvp2RTS_d6dBdvVjM3wf6N3P4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp310-cp310-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15861168437", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 472515, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q_t8STxirzP_0m56l7-jfmarxEjQ0yeM3BbJh-witRPQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q-62Kt0JqJcAsmc615YKKvynNMuaCeKIoxvXf-Yf_QYk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QcX5bCsO0_28z5dXrKtum3nAeUu-Dbwhe8e2q2-InpqU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QcX5bCsO0_28z5dXrKtum3nAeUu-Dbwhe8e2q2-InpqU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q_t8STxirzP_0m56l7-jfmarxEjQ0yeM3BbJh-witRPQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QWdIEtiTrE1wkNbBt0cAmGoYK1YpwuGRmQxiMkBj4Qv0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QcX5bCsO0_28z5dXrKtum3nAeUu-Dbwhe8e2q2-InpqU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp310-cp310-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15861168438", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 371751, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q296eRVwiHZpTiOU6Cuk3v1_hcjQUBYWCRssW3W1NLbQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QrHMtKR2dHNQ7xSqkQ5Kp5_0hQoQXJ5T2FCgYRCYbtJc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QBZjV5ubNLC0kcwqFOKYIzd1CUZzD3FnuQvSYEKdG7LY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q296eRVwiHZpTiOU6Cuk3v1_hcjQUBYWCRssW3W1NLbQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QrHMtKR2dHNQ7xSqkQ5Kp5_0hQoQXJ5T2FCgYRCYbtJc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q-8p-WC0ARjVNGJYd0jebvLPDszkWuhfiZIZURq0xRxA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "QrHMtKR2dHNQ7xSqkQ5Kp5_0hQoQXJ5T2FCgYRCYbtJc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp310-cp310-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15861168439", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 429437, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QDUzH_56YCJA0T2HZ84aGqeXtjHrFoW_YggBx2seRChg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QbaWVV5N3tQkKlpGluE0ub6NAjJeXsaH1FTvNiFAfP8I", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QmaTTWYM3NrXqnS_AqN_NYpqwAh-ooNHoSDlqOM_0naQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qu7p1H-EiNugVaPtgxdCOoBc3WtLSVtYznlusypBydpc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QbaWVV5N3tQkKlpGluE0ub6NAjJeXsaH1FTvNiFAfP8I", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QmaTTWYM3NrXqnS_AqN_NYpqwAh-ooNHoSDlqOM_0naQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QmaTTWYM3NrXqnS_AqN_NYpqwAh-ooNHoSDlqOM_0naQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp310-cp310-musllinux-1-2-aarch64-whl", + "id": "15861168440", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 394151, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QVVOx58kXfuWtCQMmkrvvp2RTS_d6dBdvVjM3wf6N3P4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "Qi2G72_cjF9qCj5UsaSfuClp8xHE-aqM-98wCMyrWM1w", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QLbujq1byGtmVdTemtno8t0oJe3EFiHAcIz-Rb1l304Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qi2G72_cjF9qCj5UsaSfuClp8xHE-aqM-98wCMyrWM1w", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qq62NzK-MqRiQdsgdkpaBeZG1n3KC3RBtG563mRgILmQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qq62NzK-MqRiQdsgdkpaBeZG1n3KC3RBtG563mRgILmQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qq62NzK-MqRiQdsgdkpaBeZG1n3KC3RBtG563mRgILmQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp310-cp310-musllinux-1-2-i686-whl", + "id": "15861168441", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 371021, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QaALT73_GTmpAPbxw2PTeEQpYxFKm3oDYMKWddPs8EtE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q-8p-WC0ARjVNGJYd0jebvLPDszkWuhfiZIZURq0xRxA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "Qfy5c7QlhAicFAbbwMgC5b_hwLxzm7Q4kZUAlKXhfppM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qfy5c7QlhAicFAbbwMgC5b_hwLxzm7Q4kZUAlKXhfppM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q_chiv96u_25vZKUzUP_TlbXGWWhJe-ys1HINKBFe3PQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qfy5c7QlhAicFAbbwMgC5b_hwLxzm7Q4kZUAlKXhfppM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QaALT73_GTmpAPbxw2PTeEQpYxFKm3oDYMKWddPs8EtE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp310-cp310-musllinux-1-2-ppc64le-whl", + "id": "15861168443", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 407819, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QDPXHpNegLgRtX7X9_wDznR6fRx6sKSyK7D0yQnLfvFs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q-62Kt0JqJcAsmc615YKKvynNMuaCeKIoxvXf-Yf_QYk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q9dYPtre4BjWUdDJxymYagru77SE2tvSpoD5vosftMpM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q9dYPtre4BjWUdDJxymYagru77SE2tvSpoD5vosftMpM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QDPXHpNegLgRtX7X9_wDznR6fRx6sKSyK7D0yQnLfvFs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q_8Lfly8J05Jd--glSDkShI66uezcR2StL4xGv_doZG4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q9dYPtre4BjWUdDJxymYagru77SE2tvSpoD5vosftMpM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp310-cp310-musllinux-1-2-x86-64-whl", + "id": "15861168444", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 378781, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QLPaSW0aIAGcbn9WvzIwi0rEU6BCmJwQzMYygPuAvrLU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QLPaSW0aIAGcbn9WvzIwi0rEU6BCmJwQzMYygPuAvrLU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QLPaSW0aIAGcbn9WvzIwi0rEU6BCmJwQzMYygPuAvrLU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qtjs-gd2REBDQv50mtm0TFyNVKIBduhWYCFUUTktnVzU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QJmE0Amkwg6NxijyPuNqER_CVXaX75qXbclwP4D_ASUs", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qtjs-gd2REBDQv50mtm0TFyNVKIBduhWYCFUUTktnVzU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QDUzH_56YCJA0T2HZ84aGqeXtjHrFoW_YggBx2seRChg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-310-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp310-cp310-win-amd64-whl", + "id": "15861168445", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 227135, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q3WatlDtrmFWco6b_Ob-GcUnxZnIsj61IE0co7copL9k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QeaOeV12RJYoWFNhvatTL7JPjH52E4HlMNP5EQ55RS1o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qxi2qfiBT-zdVMTAudhEy-ihc3R435PgWJVIg0ZroK4E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qxi2qfiBT-zdVMTAudhEy-ihc3R435PgWJVIg0ZroK4E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qxi2qfiBT-zdVMTAudhEy-ihc3R435PgWJVIg0ZroK4E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QYbOD6cNGTfFISpvE1bZnnvzqqMt3yBdJG2xNJtwiXHg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp310-win_amd64.pyd" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QeaOeV12RJYoWFNhvatTL7JPjH52E4HlMNP5EQ55RS1o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp310-cp310-win32-whl", + "id": "15861168449", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 221494, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QDG0utlljuTFLzwgf0Qsosw4c2hvaQKbsxGqU2w0OrBI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QPh7XUw60gjXh1l9i61tIJ28sP2WJKWB3_vrPPnB1Gjo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q520neZ9-kAfqb8TqOOLfPx1wnc0-vfmfIGPAuXDUEP4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp310-win32.pyd" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "Qo1laJHRfgFUoECb6t7vuafXTyksX8aM8Kx1IAxSknT8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qo1laJHRfgFUoECb6t7vuafXTyksX8aM8Kx1IAxSknT8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qo1laJHRfgFUoECb6t7vuafXTyksX8aM8Kx1IAxSknT8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QPh7XUw60gjXh1l9i61tIJ28sP2WJKWB3_vrPPnB1Gjo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp311-cp311-macosx-10-9-universal2-whl", + "id": "15861168450", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 307109, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QA8ZqJxYoU7GtuJYxg5s3-zDTZ61JevGBKu3vNrv12Uw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QMsZ4XAUmIp6xWRzpyBn0pi9YryRfhm1I8_REsQKEKYQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-311-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QA8ZqJxYoU7GtuJYxg5s3-zDTZ61JevGBKu3vNrv12Uw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QA8ZqJxYoU7GtuJYxg5s3-zDTZ61JevGBKu3vNrv12Uw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QpDyzZeqzbbaPXFe0hZMFhrr7XuJBbdwcnr53VlbTTqk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qf9oACMOQjnG9V8Ag1igwuQ96N6TZV9K3clREYBEzrBs", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QpDyzZeqzbbaPXFe0hZMFhrr7XuJBbdwcnr53VlbTTqk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp311-cp311-macosx-10-9-x86-64-whl", + "id": "15861168451", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 225400, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QDfnkiYLUU3JC4hjOxN312GOc4PwGv3ryWL6PYLznA3I", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QDfnkiYLUU3JC4hjOxN312GOc4PwGv3ryWL6PYLznA3I", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QloYiML0PjwF7UE619qD0IM3WGbiv9lJHb6SLb_okplg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QHBvE0k5J8xp2QqZZz8yWXzvNbabLvUsKOLt9kG4VR68", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QloYiML0PjwF7UE619qD0IM3WGbiv9lJHb6SLb_okplg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QMsZ4XAUmIp6xWRzpyBn0pi9YryRfhm1I8_REsQKEKYQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-311-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QDfnkiYLUU3JC4hjOxN312GOc4PwGv3ryWL6PYLznA3I", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp311-cp311-macosx-11-0-arm64-whl", + "id": "15861168452", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 257951, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QlhvqaoVSUfRlAUhHBW-0Gve8sdSmP1DMsg6Keom9bu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QlhvqaoVSUfRlAUhHBW-0Gve8sdSmP1DMsg6Keom9bu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QJJ5FqNWKn1baKStQCeYOnAL3ptnduKhoPZKwgSwFO_Y", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QJJ5FqNWKn1baKStQCeYOnAL3ptnduKhoPZKwgSwFO_Y", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QCFSBLukgPv-EHG62_i18bUOm1yZP3m66YrdJl647IAw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QMsZ4XAUmIp6xWRzpyBn0pi9YryRfhm1I8_REsQKEKYQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-311-darwin.so" + } + }, + { + "key": "QlhvqaoVSUfRlAUhHBW-0Gve8sdSmP1DMsg6Keom9bu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp311-cp311-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15861168453", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 479495, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QF7PS-Bru5-Iv7r3C1oKzo1dZj7gyEOTGIG-4BxT40wI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QGGl3NivBYwF7oHeCPk5R7FF0i2N464eXypXEZOyHqlg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "QMNw7CNSBxillkbtgOtnh6jG7hIp23ww6f97Uj9z-xiM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QMNw7CNSBxillkbtgOtnh6jG7hIp23ww6f97Uj9z-xiM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QMNw7CNSBxillkbtgOtnh6jG7hIp23ww6f97Uj9z-xiM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QF7PS-Bru5-Iv7r3C1oKzo1dZj7gyEOTGIG-4BxT40wI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QR57crqiETr_Do3rdKIJgDu9xMq8VaxPPYUNf82XmQ1k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp311-cp311-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15861168454", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 501947, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q22zRTpLe6Xi6xROcNUGHURVv1xBNnX54pVOZP73kUjQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QFn8GGdAZFI30Bqh8FaOaniaSAVs2jeeg8N-1pvyzFbg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QFn8GGdAZFI30Bqh8FaOaniaSAVs2jeeg8N-1pvyzFbg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QHy3YHXJiCuFluA2s9aiN85VH-f21Ugjh77nBmhSxLy8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QHy3YHXJiCuFluA2s9aiN85VH-f21Ugjh77nBmhSxLy8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q9RlThJFcJTrf9iuXGatnSS8XWBJaPWtxuV1qYu_-LE8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QFn8GGdAZFI30Bqh8FaOaniaSAVs2jeeg8N-1pvyzFbg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp311-cp311-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15861168455", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 394715, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QOfHtVBMXwOmv9pBYf9WBE3XljhBsgONQYSgM0pQTtUM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QbQfVsQMa_kM2E_W9BqfipSFR7jPc2p4mI_ZGhoLVYYQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-311-i386-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QOfHtVBMXwOmv9pBYf9WBE3XljhBsgONQYSgM0pQTtUM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QKewF1mWOsZLJ4qwZDI7fJVXfHLfW09nT0I2C6xEJKN0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QKewF1mWOsZLJ4qwZDI7fJVXfHLfW09nT0I2C6xEJKN0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QKewF1mWOsZLJ4qwZDI7fJVXfHLfW09nT0I2C6xEJKN0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QqH6T_941pJJ3JkRBgQmEyvZ7JUqGzVArTVWGM_Q2-sc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "tar-gz", + "id": "15861179106", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 373523, + "score": { + "supplyChain": 0.72, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.72 + }, + "alerts": [ + { + "key": "QLinXSwSD8B-yojLJeOzyR1L8F7xh9Qs-ToKsSDKfb1E", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson-3.19.3/simplejson/tests/test_tool.py" + }, + { + "key": "Q85eVxH2GMlHE7SuPD4HiF7eMJaufTnWMp49QmHv9tpk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson-3.19.3/simplejson/tests/test_unicode.py" + }, + { + "key": "QLBpAMJ11jti5YJrYI23Z8S52lQCiJORrk7GxahHLly8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson-3.19.3/simplejson/tool.py" + }, + { + "key": "Q-cj3rQFJAKi_yzCdqfLg26juMrNA3hLg2ZirsAgyJ38", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3/PKG-INFO" + } + }, + { + "key": "Q9BotidEitAfxgtEtNoqs4LgaeXI9T93emNf3k-IBhxI", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3/setup.py" + } + }, + { + "key": "QpV4lyBhsVotC5WVoEGimRXZBfgn5zAgaEnDYdfxZPJM", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3/simplejson.egg-info/PKG-INFO" + } + }, + { + "key": "QLBpAMJ11jti5YJrYI23Z8S52lQCiJORrk7GxahHLly8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson-3.19.3/scripts/make_docs.py" + }, + { + "key": "Q85eVxH2GMlHE7SuPD4HiF7eMJaufTnWMp49QmHv9tpk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson-3.19.3/simplejson/tests/test_decode.py" + }, + { + "key": "QLinXSwSD8B-yojLJeOzyR1L8F7xh9Qs-ToKsSDKfb1E", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson-3.19.3/scripts/make_docs.py" + }, + { + "key": "Q85eVxH2GMlHE7SuPD4HiF7eMJaufTnWMp49QmHv9tpk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson-3.19.3/simplejson/tests/test_fail.py" + }, + { + "key": "Q0-BE9Y0UdYk7k41duGlst5liox-6CumIgtK2EcqAyqc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson-3.19.3/setup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLinXSwSD8B-yojLJeOzyR1L8F7xh9Qs-ToKsSDKfb1E", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson-3.19.3/setup.py" + }, + { + "key": "QLBpAMJ11jti5YJrYI23Z8S52lQCiJORrk7GxahHLly8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson-3.19.3/setup.py" + }, + { + "key": "QLBpAMJ11jti5YJrYI23Z8S52lQCiJORrk7GxahHLly8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson-3.19.3/simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "py3-none-any-whl", + "id": "15861179107", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 181929, + "score": { + "supplyChain": 0.88, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.88 + }, + "alerts": [ + { + "key": "QEBUKwUGAqbNfgk0Lf-724l2FykJm38TLMw2mDWD9biA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qa5QKMGxXd_IbbsLEsUDTU_-a6YnBR2Z6pmaYpFjbecs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QYKYAujqr14kLXx684skq8k_fBZCjreHaTHVAXd4IrKw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qa5QKMGxXd_IbbsLEsUDTU_-a6YnBR2Z6pmaYpFjbecs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QEBUKwUGAqbNfgk0Lf-724l2FykJm38TLMw2mDWD9biA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QEBUKwUGAqbNfgk0Lf-724l2FykJm38TLMw2mDWD9biA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp311-cp311-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15861179135", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 460701, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QOSJq84j6G-J60pKs7n6WbGZcEOwimHDgK6D2UY2ajFE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qwoyc4ImqcXlNXG1bQmrxY7VNaWOel_Olr9EvzvXmUgc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q8d_g5-bScdu8RpJcXp-kAwU6ps7KJJL9Q7o6jQlrBPU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QOSJq84j6G-J60pKs7n6WbGZcEOwimHDgK6D2UY2ajFE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QTRVKMFJH3Myw3jvttLcCz2pbPBXfkp1seqamTZn7L0c", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q8d_g5-bScdu8RpJcXp-kAwU6ps7KJJL9Q7o6jQlrBPU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QOSJq84j6G-J60pKs7n6WbGZcEOwimHDgK6D2UY2ajFE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp311-cp311-musllinux-1-2-aarch64-whl", + "id": "15861179136", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 406928, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q8HuDOJOPnIwYjhuGanfimGvyizuGTHJAHKVWHC1os1E", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q8HuDOJOPnIwYjhuGanfimGvyizuGTHJAHKVWHC1os1E", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QMuIzP-YTQFv5eHOrnds3w9hVHOFyn3YTkp1dyvhuIfg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QvbDw9AFNjnP-yCdXc6J2hkyQglC23VPu712W1ij_k3U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "QMuIzP-YTQFv5eHOrnds3w9hVHOFyn3YTkp1dyvhuIfg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QMuIzP-YTQFv5eHOrnds3w9hVHOFyn3YTkp1dyvhuIfg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qxqt6cKuICVXGrMWK7yFFnJcqH1rL_-LVSehHiMidLF8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp311-cp311-musllinux-1-2-i686-whl", + "id": "15861179137", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 383482, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QAri8Gat8SRtYmLBZ6hYs308ON9f0sREidpoqjTNMTdk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q6FTscBm50bhvdHIRZ8BNHku9l8Eza3HxL3aRIjFCfeI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-311-i386-linux-musl.so" + } + }, + { + "key": "QIYB16Gr9Cb9VbezxUS-29QWDKHtfKqhKhXO9htNN7Ls", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QBNlA4CaoQHiqufPbXD9jpxMQM07BzX1y4jcd8icahSk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QBNlA4CaoQHiqufPbXD9jpxMQM07BzX1y4jcd8icahSk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QBNlA4CaoQHiqufPbXD9jpxMQM07BzX1y4jcd8icahSk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QIYB16Gr9Cb9VbezxUS-29QWDKHtfKqhKhXO9htNN7Ls", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp311-cp311-musllinux-1-2-ppc64le-whl", + "id": "15861179138", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 423500, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QvJ1h1xYhQiJJ7RbvWaG0L9yYyPVhFTAC9HmO2ryGN14", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-311-powerpc64le-linux-musl.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QQ7CETnw3QYgsuyrCynCQzx1l3HaGOPYDwrTHljEY3_M", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QQ7CETnw3QYgsuyrCynCQzx1l3HaGOPYDwrTHljEY3_M", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QCQZFLi4N0RiyvRs1dN0sdJK7oV-8KztEFOD9Xo70XqI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QuBx3hxHvBWs4Dp6er9GMG7TBtqGGpfSdu4F9JrNegbc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QCQZFLi4N0RiyvRs1dN0sdJK7oV-8KztEFOD9Xo70XqI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QQ7CETnw3QYgsuyrCynCQzx1l3HaGOPYDwrTHljEY3_M", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp311-cp311-musllinux-1-2-x86-64-whl", + "id": "15861179139", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 395718, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qzc93FEOgC5G9DHIKtUWzJYzbuh7ZVgYVzv6Qgvmt38I", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QwVSLINXYf-p7zCYGC5_qC-5QGjsCZYZkQM4wPm0mD84", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qzc93FEOgC5G9DHIKtUWzJYzbuh7ZVgYVzv6Qgvmt38I", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QECx9cAr3k44lHkVXv-lH1EV9FEP6c3J4pwgnxXokzd8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QECx9cAr3k44lHkVXv-lH1EV9FEP6c3J4pwgnxXokzd8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QlT1PaQpTBNBvFPKJhsTIW-O2E2asopd_yjjN3CUz_Rg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QECx9cAr3k44lHkVXv-lH1EV9FEP6c3J4pwgnxXokzd8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp311-cp311-win-amd64-whl", + "id": "15861179140", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 226623, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qb3btTBdH9oE6C-rablHmSCgOnpTOhd07bZzouHMcSrk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QHxQ-m5ABaRT1ha5T5el1gMSEJMl9a3hMXFYKyfDz7gs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp311-win_amd64.pyd" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "Qm1k2W_ZZUBrI52ZhIjEoDqhUWPc238EqCtK5ldX3Aa0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qm1k2W_ZZUBrI52ZhIjEoDqhUWPc238EqCtK5ldX3Aa0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qm1k2W_ZZUBrI52ZhIjEoDqhUWPc238EqCtK5ldX3Aa0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QwHKaQMH0sJ1hbXjF1aETNBAETUPNQI22l0FfhEoBo2U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QwHKaQMH0sJ1hbXjF1aETNBAETUPNQI22l0FfhEoBo2U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp311-cp311-win32-whl", + "id": "15861179141", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 220470, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QKkmbzkYmo3LQi-OFLMbDI5mNQ4yYmgzAx3IA4iKwpHw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q1ujei_SJzs-BLaAtjE9ARXXw55NFpEnc-LiXaVxeTm0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp311-win32.pyd" + } + }, + { + "key": "QIjFE_R4wZbzo4fJv-Ziny448fGnnUeaidwYUlk6a0Cs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q2xLylVbHcnlaYAkgLXgiBDuN-U_RDSS9LG84vqXBb5s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Q2xLylVbHcnlaYAkgLXgiBDuN-U_RDSS9LG84vqXBb5s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QIjFE_R4wZbzo4fJv-Ziny448fGnnUeaidwYUlk6a0Cs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QIjFE_R4wZbzo4fJv-Ziny448fGnnUeaidwYUlk6a0Cs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp312-cp312-macosx-10-9-universal2-whl", + "id": "15861179142", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 323509, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QZW808GkereFSwYVnOCysJsvOrKw5Tn2Q5RY_S9ZD3FQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QY48xILZXhxAKDFXvABiW5VPTjUC-rX2W50r0jA0uHa0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-312-darwin.so" + } + }, + { + "key": "QZW808GkereFSwYVnOCysJsvOrKw5Tn2Q5RY_S9ZD3FQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QrK5UilDswa_UL8tmTyrVoNgSujZpPvkOMJMQMTrz8Rw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qz_JkfWYZlmjIj6Mcs5yy05KX47yn-gILpbQYHv7EB2g", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QZW808GkereFSwYVnOCysJsvOrKw5Tn2Q5RY_S9ZD3FQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QrK5UilDswa_UL8tmTyrVoNgSujZpPvkOMJMQMTrz8Rw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp312-cp312-macosx-10-9-x86-64-whl", + "id": "15861179143", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 229520, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QTAkW4MT_L5lwM4pPpVua6_HragVmV3aShOFH8WsBD_o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QQR-AiZkx7ooX07bzxjq0zCzTyssrux6bwj2QvKUbfKk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QQR-AiZkx7ooX07bzxjq0zCzTyssrux6bwj2QvKUbfKk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QY48xILZXhxAKDFXvABiW5VPTjUC-rX2W50r0jA0uHa0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-312-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QQR-AiZkx7ooX07bzxjq0zCzTyssrux6bwj2QvKUbfKk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QW4Wzr6jn55PQHo7cC-rOoynXgcMeY6jDp7pep2MXCHE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QTAkW4MT_L5lwM4pPpVua6_HragVmV3aShOFH8WsBD_o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp312-cp312-macosx-11-0-arm64-whl", + "id": "15861179144", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 257967, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe8vvvGlSmPVGgsLGx_MAC9mAjpasuixvQ5fhS9nD6PM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QpteI_-uD6_0_EvrhkIeghK982mSVZtk-KztesR7z7kc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QFTuLUHImep8EOPW1Ak3OGY-QH9fwdmBKe2_rc0482RI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QY48xILZXhxAKDFXvABiW5VPTjUC-rX2W50r0jA0uHa0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-312-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QFTuLUHImep8EOPW1Ak3OGY-QH9fwdmBKe2_rc0482RI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QFTuLUHImep8EOPW1Ak3OGY-QH9fwdmBKe2_rc0482RI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe8vvvGlSmPVGgsLGx_MAC9mAjpasuixvQ5fhS9nD6PM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp312-cp312-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15861179145", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 506239, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QOw7EAL-Om4kiq8ArxlcXj9Ze6DBTCEIfOn2NOXL9-UA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QOw7EAL-Om4kiq8ArxlcXj9Ze6DBTCEIfOn2NOXL9-UA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QOw7EAL-Om4kiq8ArxlcXj9Ze6DBTCEIfOn2NOXL9-UA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QI-YXbhYzKEJEbjoMfc6tuxWPrn4OzOB0L0EI3OMW-gY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QI-YXbhYzKEJEbjoMfc6tuxWPrn4OzOB0L0EI3OMW-gY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qn5Zq2EI3iGHQBBHocyAZPaKwIbOYKCkXlVyF7L-WLv0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QaA7RVX1ZHDY8mJTvHXMZ4D80e3PvD2pXCJ82FTnS3dM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-312-aarch64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp312-cp312-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15861179146", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 524035, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QSWPlBY3N8Cb9Jk88sraF3bNKHgHjO0bn1ydlP_Pw3tg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QPZRIYk3vw7tVIE1fNPQO7tUL9_3bUD34-0jo_mmEpVI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QPZRIYk3vw7tVIE1fNPQO7tUL9_3bUD34-0jo_mmEpVI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QwDxj03_K12Dneqmu1NoZdrBgZZHOkH73yrJGNXHRZD0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-312-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QJ4wZGddKL-sJm6s-OVf_EvEubRt-ibsejLhX_Gems0g", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QPZRIYk3vw7tVIE1fNPQO7tUL9_3bUD34-0jo_mmEpVI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QSWPlBY3N8Cb9Jk88sraF3bNKHgHjO0bn1ydlP_Pw3tg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp312-cp312-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15861179147", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 417679, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q4cyExPtChFbkvG7MN3Ru0hZK809j81noaLhnezlXFZk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qo0iaN4P3WJD1zwhu8GT3WuDvjEPBXNe6SjibTkQULPs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q4cyExPtChFbkvG7MN3Ru0hZK809j81noaLhnezlXFZk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qo0iaN4P3WJD1zwhu8GT3WuDvjEPBXNe6SjibTkQULPs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qo8EQcVpTeaBmiv09qTSaxQ-gYxJ37nmeC3XmmIOKDiI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "QzmupmKpaPN0CaYmganWgkW-EeH85OtipAgus5ogoTS0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qo0iaN4P3WJD1zwhu8GT3WuDvjEPBXNe6SjibTkQULPs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp312-cp312-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15861179148", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 488157, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QJqcbByQFEQ964zZULs3OIK_PNvPTJRPQiCfe9dWQpMU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qw3Tb7jKI-3KEwU1g-wfls1-YYkLIRgV3p4yG_cPnhjM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qw3Tb7jKI-3KEwU1g-wfls1-YYkLIRgV3p4yG_cPnhjM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qw3Tb7jKI-3KEwU1g-wfls1-YYkLIRgV3p4yG_cPnhjM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qi1V7teMD8R22uaproDM5q_1-iYufRiRiQwsLxdewNi8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qw5SrfXp9tqylTDhkAANCbrXpdjwXV0AB0UqkmmkBVKs", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QJqcbByQFEQ964zZULs3OIK_PNvPTJRPQiCfe9dWQpMU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp312-cp312-musllinux-1-2-aarch64-whl", + "id": "15861179149", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 423408, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QAEtQf5hXs7qDWl2_c956NG5S9fc-CbLvPpRFP6lSuC8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QC3rj3lCURBDmWLtBDpaKWVPjgcsbKux1BGGPqee8S_8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QK7svL2u_5NVofdPiP1y_TemCLeRSW_oqMtkwFeQZmcg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "QC3rj3lCURBDmWLtBDpaKWVPjgcsbKux1BGGPqee8S_8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QAEtQf5hXs7qDWl2_c956NG5S9fc-CbLvPpRFP6lSuC8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QC3rj3lCURBDmWLtBDpaKWVPjgcsbKux1BGGPqee8S_8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QaF0K22e2MmSKvQ44aoh-yBTsVEF_9f7kcM35DZoT_w0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp312-cp312-musllinux-1-2-i686-whl", + "id": "15861179150", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 403674, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QE3RHTTgRK-yJ2-ltm-0bTZXrRb2CLk0Q0bQD3sQrvkw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-312-i386-linux-musl.so" + } + }, + { + "key": "QcotQ-buUdZ9PTOlX4bxwyVLIk2ADzJN9sfxGTUxKTiA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe4pLMsiHZpJdcx9SXvNygNN04_x0_viE4kv1k2ncmCs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QU9nXsPzCD7FeB46F1wfd2wkAVOo8KKwtraQDJlMAROg", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QcotQ-buUdZ9PTOlX4bxwyVLIk2ADzJN9sfxGTUxKTiA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe4pLMsiHZpJdcx9SXvNygNN04_x0_viE4kv1k2ncmCs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe4pLMsiHZpJdcx9SXvNygNN04_x0_viE4kv1k2ncmCs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp312-cp312-musllinux-1-2-ppc64le-whl", + "id": "15861179151", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 437508, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QLd-BdNMp4OsENM4i__m0ZsesAxNodyKegs479CjnHzQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QNwYzBnlqmjIGGyyDoTSI-PWixJehoJvgi_DmeaEXezk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "QLd-BdNMp4OsENM4i__m0ZsesAxNodyKegs479CjnHzQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QLd-BdNMp4OsENM4i__m0ZsesAxNodyKegs479CjnHzQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QXL94qGYGXna0PTrPzEBniyQUrBI6lKBMjiFv4iSNIlc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QSlGDAYnQTpEOZ0wcincJ55fdfu4ehuKLiIwdht2Xs0U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QXL94qGYGXna0PTrPzEBniyQUrBI6lKBMjiFv4iSNIlc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp312-cp312-musllinux-1-2-x86-64-whl", + "id": "15861179152", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 414486, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QBx5u06L4RcQpa9028v2OIkgKsWGCzeP7gYwybmUpyCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q-Rui-9ezrtIWHHIEOPJvV54OZ3bX1hlmqAlXiTR-MXY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QZMM15F7iHBpYSYlG7kCZQXOvPxwNTXklaPn1JasWNuY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q-Rui-9ezrtIWHHIEOPJvV54OZ3bX1hlmqAlXiTR-MXY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QZMM15F7iHBpYSYlG7kCZQXOvPxwNTXklaPn1JasWNuY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QZMM15F7iHBpYSYlG7kCZQXOvPxwNTXklaPn1JasWNuY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QOD78hDBSahk29F0YuTbBOW8ZeoHpCqZPllcI0eOWGOU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp312-cp312-win-amd64-whl", + "id": "15861179153", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 227647, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qha03KrV6SqxNwUYZRgiyL7IjbRROLkZpz_K2I_QBfxY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Q3oybLwvyh8EwIDwNi5cH6mcnvB_j1-KoId9KqUDndMg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp312-win_amd64.pyd" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QmTVYvgbz4EWFb5IvnS4mY8HmaRssSryql6ao1r5NeNg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QmTVYvgbz4EWFb5IvnS4mY8HmaRssSryql6ao1r5NeNg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QmTVYvgbz4EWFb5IvnS4mY8HmaRssSryql6ao1r5NeNg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qha03KrV6SqxNwUYZRgiyL7IjbRROLkZpz_K2I_QBfxY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QExIbPPW7k55l9U4D0tjL2m-Ov4t-1Gj2doOkMQhjfWI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp312-cp312-win32-whl", + "id": "15861179154", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 221494, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QaGpDsneTLgVjmy3xNQ9P75xluLgx7cUUvixNiHuVv1U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QY6k085zJA9SHtSOtIxJIPNu0pMyHh-JYacXN7uoXgw0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp312-win32.pyd" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "Qqpwf57Y9GuXhvGcIyUUyY-pd3l_xEQK4qxmxYGrRnV8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qb_EsD7ZRuORxNiKlYKNIwWhcEKM2Vv2l53aqYW6z6_E", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QaGpDsneTLgVjmy3xNQ9P75xluLgx7cUUvixNiHuVv1U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qqpwf57Y9GuXhvGcIyUUyY-pd3l_xEQK4qxmxYGrRnV8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qqpwf57Y9GuXhvGcIyUUyY-pd3l_xEQK4qxmxYGrRnV8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp313-cp313-macosx-10-13-universal2-whl", + "id": "15861179155", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 323510, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QmEoYc6SACJH32AmqepNYtYkNyaDOK1_Zyx9yRBw8f8I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-313-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QUQ7EndinJlEKA0Hvk5hBFuIYEPQWcd1_5URNdtPtoKI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QUQ7EndinJlEKA0Hvk5hBFuIYEPQWcd1_5URNdtPtoKI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QAilFGAEOtiLIa4wno4h05kl7Za5lCb12r5t_vFonsog", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QqI4N1Hz-lQy3XIegNhKwNrZRIdr8t3E71HsQbPIhMoM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QAilFGAEOtiLIa4wno4h05kl7Za5lCb12r5t_vFonsog", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QAilFGAEOtiLIa4wno4h05kl7Za5lCb12r5t_vFonsog", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp313-cp313-macosx-10-13-x86-64-whl", + "id": "15861179156", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 229521, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q-L9H1eRJyiw1z__izotS3MtqAg3HrvgVoG7qdQb2kb4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QBlIeXm075JMLSrJbODTx-mhNSjM4UgmUFktQJm8HUBc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QBlIeXm075JMLSrJbODTx-mhNSjM4UgmUFktQJm8HUBc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QBlIeXm075JMLSrJbODTx-mhNSjM4UgmUFktQJm8HUBc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QmEoYc6SACJH32AmqepNYtYkNyaDOK1_Zyx9yRBw8f8I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-313-darwin.so" + } + }, + { + "key": "Q-L9H1eRJyiw1z__izotS3MtqAg3HrvgVoG7qdQb2kb4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QH4doGABa_dbKQZD99iTtju6KD1yvN4uv7-ga9oBZkWY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp313-cp313-macosx-11-0-arm64-whl", + "id": "15861179157", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 257967, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QRYFpAH2KqiI1wkBJtKUEVn3ebr0NNQJXhbX9YsAgbpA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QRYFpAH2KqiI1wkBJtKUEVn3ebr0NNQJXhbX9YsAgbpA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QwlwBRgkj0UOi7L0TzXA8a68S5Vza1Vz_XIJq99lz5gc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QwlwBRgkj0UOi7L0TzXA8a68S5Vza1Vz_XIJq99lz5gc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QwlwBRgkj0UOi7L0TzXA8a68S5Vza1Vz_XIJq99lz5gc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QmEoYc6SACJH32AmqepNYtYkNyaDOK1_Zyx9yRBw8f8I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-313-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q9IEaZRKm8SCX_NT4Z7DcsXV5f86n9NGuokUUUKTjdd0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp313-cp313-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15861179158", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 506263, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe0xAXX8lPMP_fqpv854J8BoLfvGIDnXE3tj-xhgxLZ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QZHcA3Zh7hCTckqTMBSMfHJPYMse_jB483f6N4gvrK_Y", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qa_wfQImg0rwTBmQjW8kcfOZJihtrCUL1LgEcejxL4eQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QZHcA3Zh7hCTckqTMBSMfHJPYMse_jB483f6N4gvrK_Y", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QLMyuI5uCUoRROUbBI9Pcz0O8LVTENJJ4Ga_M2K2jxOQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qa_wfQImg0rwTBmQjW8kcfOZJihtrCUL1LgEcejxL4eQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qa_wfQImg0rwTBmQjW8kcfOZJihtrCUL1LgEcejxL4eQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp313-cp313-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15861179159", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 524139, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QCXQI-Kg6mUmFba17gkgg05QyBxPoHmcmp-XuWntTGi8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QaqJhF_z-EOCwtyrBHqKFLOn2YlKWoFLyn1IdEpFnQKM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QaqJhF_z-EOCwtyrBHqKFLOn2YlKWoFLyn1IdEpFnQKM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qj6BIB8j4qArOuJPTePuQR4jwMLP8yVRRmwfbPx94MRg", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QRjZCEq7ohxCJKWXsI_xIMOYtYzJe5QTJzBX2lQxSfRw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QCXQI-Kg6mUmFba17gkgg05QyBxPoHmcmp-XuWntTGi8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QCXQI-Kg6mUmFba17gkgg05QyBxPoHmcmp-XuWntTGi8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp313-cp313-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15861179160", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 417699, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q5IypoPfN_R0whMoqVnnZaynhkzHIFO4orWXPYz0xA9o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QMU21lr1ibHrzBznG2mjkb8epzF25iXSFO6DF9Cc8fDM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "Qv3M7g2Ub3G9joCYH856vzWNPwQn5KUaudlX-07lmhIc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qv3M7g2Ub3G9joCYH856vzWNPwQn5KUaudlX-07lmhIc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qv3M7g2Ub3G9joCYH856vzWNPwQn5KUaudlX-07lmhIc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q5IypoPfN_R0whMoqVnnZaynhkzHIFO4orWXPYz0xA9o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QxmYNqbWiDSKPM_ikrteu5c4hD46h7JjM4HnHxyodoPE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp313-cp313-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15861179161", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 488181, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QiaYIaxS6ByhosN_wDNwIzrNIM1PlgM4zgqNBnuNJlhs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QiaYIaxS6ByhosN_wDNwIzrNIM1PlgM4zgqNBnuNJlhs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q0aJp9rtMXrS0JhIETM27c44U-Hvb09zMvta93B1g_JE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QYgmeyiRM6aK5MSKWj4w5j_8_hKaKh0Gwr-5e2wVr8AY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QgTXQq-WBwZ9phQnPiUYFODAFEtX5Se79DxnOURfgyyQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QgTXQq-WBwZ9phQnPiUYFODAFEtX5Se79DxnOURfgyyQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QiaYIaxS6ByhosN_wDNwIzrNIM1PlgM4zgqNBnuNJlhs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp313-cp313-musllinux-1-2-aarch64-whl", + "id": "15861179162", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 423568, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qglp1BgV_nSpfnjRvaVtxKrM12cZLwHSaoGCAxrOhbZc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QWTjNJTVQ3ju44fes4fvQE44fAzqF3_X8HkkTFXCCei0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qglp1BgV_nSpfnjRvaVtxKrM12cZLwHSaoGCAxrOhbZc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QVjlu8FSz2c7m89ieGC02G4bjfW5JmJy1Oa-nnPaXb38", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qc0lxoDNf9iKeR88l0daK8ADnxCARsWe0VPKXRlqskTs", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QVjlu8FSz2c7m89ieGC02G4bjfW5JmJy1Oa-nnPaXb38", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qglp1BgV_nSpfnjRvaVtxKrM12cZLwHSaoGCAxrOhbZc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp313-cp313-musllinux-1-2-i686-whl", + "id": "15861179163", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 403834, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QF7FHC8oXcsFmRNerWOHUibiB3fHLK3Dvg7Ki0OT21KA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-313-i386-linux-musl.so" + } + }, + { + "key": "QUlMXyYMdk61R4A0hxK_aU1k2hWl5i70YiC2hToAhwhI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QUlMXyYMdk61R4A0hxK_aU1k2hWl5i70YiC2hToAhwhI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QUlMXyYMdk61R4A0hxK_aU1k2hWl5i70YiC2hToAhwhI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QSik6dbyn-iDSxGVRtoAurfLgoqcqBEj3tq85csReqE0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qk4V0mEUVgq7YGDKjNTcwXvtrxWeizGI6m9eNvqWk0_E", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QSik6dbyn-iDSxGVRtoAurfLgoqcqBEj3tq85csReqE0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp313-cp313-musllinux-1-2-ppc64le-whl", + "id": "15861179164", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 437652, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qd1xIOi3ODyMGu4qo-bozQojfuU0JB_wvpMLgDfVx4kA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qs94JqyWl9Z8L60Dex3H0tcDVHuE92sKoDgT79NT3kfc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "Qd1xIOi3ODyMGu4qo-bozQojfuU0JB_wvpMLgDfVx4kA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qd1xIOi3ODyMGu4qo-bozQojfuU0JB_wvpMLgDfVx4kA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q2Azm7qeA2OzzVsntRA8vXLjcONoKmYQgZJz4XZDs7v4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QsNyNogA1ou6tAM_mgZ8arXwN5Oj6WVv3pD6g_VGsImk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q2Azm7qeA2OzzVsntRA8vXLjcONoKmYQgZJz4XZDs7v4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp313-cp313-musllinux-1-2-x86-64-whl", + "id": "15861179165", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 414622, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q51IfxWFn1tyHHgpGpD9clBsWBIAAov7_lrfqzo-p_L0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QCu63Gc8Twr7lP3eFNSW1dE6YmTHHRcPARgeqNcZO4hI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QrLMTvp242de4RpP2uWqPQ4uAckMsXcRCk4pCq5XAS48", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QrLMTvp242de4RpP2uWqPQ4uAckMsXcRCk4pCq5XAS48", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QrLMTvp242de4RpP2uWqPQ4uAckMsXcRCk4pCq5XAS48", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q51IfxWFn1tyHHgpGpD9clBsWBIAAov7_lrfqzo-p_L0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QqtsvWo7JXSdNXUZYjwGaPsgQhEhzHjVJDxHuXeoOemg", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp313-cp313-win-amd64-whl", + "id": "15861179166", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 227647, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QODNctWvLMA2j15bJ86qbT1rugoP2s4uCQ4WxFgrVGFc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp313-win_amd64.pyd" + } + }, + { + "key": "QrmysOjNKgAQSR8xtqKDVZLm77PHiAJ0UZLAvjFJSRVM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qi6bzH0JAM3dBI0a54_vPUaObHeLPspqyyBD3OEtSs1A", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QrmysOjNKgAQSR8xtqKDVZLm77PHiAJ0UZLAvjFJSRVM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qu1h47DGZ_cZKMVwVCiKjMrR4zqPPV0XqvXe3CruY0cg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "Qu1h47DGZ_cZKMVwVCiKjMrR4zqPPV0XqvXe3CruY0cg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qu1h47DGZ_cZKMVwVCiKjMrR4zqPPV0XqvXe3CruY0cg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp313-cp313-win32-whl", + "id": "15861179167", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 221494, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QiwDz_07rbgCZn9UH5aWzvLHff0Ciua9EcxFg3xqObhQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QjTezNHJ3kiEjaOm7blcJ7MQEg9gv3DKFrU0g2DqPz_A", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q4qcBtfPLpuz62DAgWQ3GWN1xQ0zj0Y9mXbxbbMoFdYs", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QjTezNHJ3kiEjaOm7blcJ7MQEg9gv3DKFrU0g2DqPz_A", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QXPWEv9BFEFYKZ-AGlM6HLU9ZQbRBEiqjN6mup5XiDoM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp313-win32.pyd" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QiwDz_07rbgCZn9UH5aWzvLHff0Ciua9EcxFg3xqObhQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QiwDz_07rbgCZn9UH5aWzvLHff0Ciua9EcxFg3xqObhQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp36-cp36m-macosx-10-9-x86-64-whl", + "id": "15861179168", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 224987, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qx3Kwwo7mB7ID-dvlZUyW8x0eneItWuyft2esxquuoF4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qx3Kwwo7mB7ID-dvlZUyW8x0eneItWuyft2esxquuoF4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QV94qgEk9JXSZlNeQsdEXqhTz3lOB3BSGQr-IuMYHGDQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QqN_JlrbyeubLUQWPxnoSfkSyXArc1TixhaFXyy7IVJE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-36m-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QRnqP0EylnuRzFeXrOYf4EsH-BlkfRDyaqzteROi2SXQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qx3Kwwo7mB7ID-dvlZUyW8x0eneItWuyft2esxquuoF4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QV94qgEk9JXSZlNeQsdEXqhTz3lOB3BSGQr-IuMYHGDQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp36-cp36m-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15861179169", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 404648, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QUgCa-xeG9uO8I0wL8jCpRSBtkQ5dqZWz39y7oaQNxPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QpxZh6KTISW6mSwcLUZXMq1c_XUICfkHJeX27TYXaL8c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-36m-aarch64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QD2fDjDmGOMwlTtdyr_rMM9JjdB8TJax4qyFqzIeCaoc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QD2fDjDmGOMwlTtdyr_rMM9JjdB8TJax4qyFqzIeCaoc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QD2fDjDmGOMwlTtdyr_rMM9JjdB8TJax4qyFqzIeCaoc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q_mA8PaAcdurjGKy_jK6UiJelEQVsxKI5P04TiX1G-Kw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QUgCa-xeG9uO8I0wL8jCpRSBtkQ5dqZWz39y7oaQNxPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp36-cp36m-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15861179170", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 423852, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QWH5ipIr3EtBO3BKJsA_Kno7bO5LMJe8YwuVwnY5XEXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-36m-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QjQVBxOIDAKPp8eKvLdKaqpj8VuRzvHQqA1zxqnbb9Xg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QjQVBxOIDAKPp8eKvLdKaqpj8VuRzvHQqA1zxqnbb9Xg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QjQVBxOIDAKPp8eKvLdKaqpj8VuRzvHQqA1zxqnbb9Xg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QuKNSvgS_VmdeA8Cea6iox9q6V-M2qfJuP-ma1Z-CuJU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QDGPQclILkHbgA18xg7I5H71aVJKyNp7FwSKTh3MhwDE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QuKNSvgS_VmdeA8Cea6iox9q6V-M2qfJuP-ma1Z-CuJU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp36-cp36m-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15861179171", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 341530, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QRL4zU98qX_iMs7fw3vDMMx9Zg3L4yf_N9IiHQCGg540", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "QwW0FsmVriq7fnuEnJOzT4SFYtcppFgF3WsezGBFmbJs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QsceopJlqaPZKqDM2UZjm3fCDf-CcEvk2gIif6dY5WNs", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q1S3GDqQFZc2fuTPjlsxdphOklIJSvCrwITCnWIdpwmQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q1S3GDqQFZc2fuTPjlsxdphOklIJSvCrwITCnWIdpwmQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QwW0FsmVriq7fnuEnJOzT4SFYtcppFgF3WsezGBFmbJs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Q1S3GDqQFZc2fuTPjlsxdphOklIJSvCrwITCnWIdpwmQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp36-cp36m-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15861179172", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 384452, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QpRs7w4MdwBJ7cxNfCurItW5fd2mUBR2ZFotBqKQJD08", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QpRs7w4MdwBJ7cxNfCurItW5fd2mUBR2ZFotBqKQJD08", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QFB2yDgSK-6xnOYWcdT8_XRKZq76cFaGOjVzD6XzYQ8A", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QDX1RU1CONQZjh2rKhncwLeoqkAQfM-s0I1e_5xx8fhQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QFB2yDgSK-6xnOYWcdT8_XRKZq76cFaGOjVzD6XzYQ8A", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QGH5RqfqEo9eZP_sw4YkkkztexMkahdoc1I5Y-t1u298", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "QpRs7w4MdwBJ7cxNfCurItW5fd2mUBR2ZFotBqKQJD08", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp36-cp36m-musllinux-1-2-aarch64-whl", + "id": "15861179173", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 365993, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QoR4rPU-lF8JOAd8TfrANg8Jzna37uNo8ylLkpNeNTto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QeXk3Gtl1o66REksIYvNd0OMn5aUSjMqSObngL2Nje80", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QpxZh6KTISW6mSwcLUZXMq1c_XUICfkHJeX27TYXaL8c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-36m-aarch64-linux-gnu.so" + } + }, + { + "key": "QoR4rPU-lF8JOAd8TfrANg8Jzna37uNo8ylLkpNeNTto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QcL4enGxRW-BMxArq0AYmPs5Lt6SLJPLt6mX7vtNSNJk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QcL4enGxRW-BMxArq0AYmPs5Lt6SLJPLt6mX7vtNSNJk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QcL4enGxRW-BMxArq0AYmPs5Lt6SLJPLt6mX7vtNSNJk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp36-cp36m-musllinux-1-2-i686-whl", + "id": "15861179174", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 342935, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QRL4zU98qX_iMs7fw3vDMMx9Zg3L4yf_N9IiHQCGg540", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-36m-i386-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qyw0EnTFFJdgdvncREPoXM1emDeVSV4Uc9EW6uoxnDGA", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QF_OowWzfcenhj2_E4Kb-39kWIaE1LPMiX7WJbPEmPqM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qx3EpwMYXNJnLKUkAzruLC4mphJEl0NDVOFDQpOLla-E", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qx3EpwMYXNJnLKUkAzruLC4mphJEl0NDVOFDQpOLla-E", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QF_OowWzfcenhj2_E4Kb-39kWIaE1LPMiX7WJbPEmPqM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QF_OowWzfcenhj2_E4Kb-39kWIaE1LPMiX7WJbPEmPqM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp36-cp36m-musllinux-1-2-ppc64le-whl", + "id": "15861179175", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 379597, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QWUfdISBW6JAaQMjPKFg8YquL4gzgFuYIdTtuAb5gSSE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QvwUArr34Cz0xKI7nsFjnvNUoD-_poprm9Kg3tHr9PBk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QYNKnbQ9DE0z0ShKkcsuFZqhVL-4kZhxbIQmFHcq9N8s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QYNKnbQ9DE0z0ShKkcsuFZqhVL-4kZhxbIQmFHcq9N8s", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QvwUArr34Cz0xKI7nsFjnvNUoD-_poprm9Kg3tHr9PBk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QWH5ipIr3EtBO3BKJsA_Kno7bO5LMJe8YwuVwnY5XEXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-36m-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QvwUArr34Cz0xKI7nsFjnvNUoD-_poprm9Kg3tHr9PBk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp36-cp36m-musllinux-1-2-x86-64-whl", + "id": "15861179176", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 352303, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QUMtLOdu7N-YQUAutd7eg6jaqRt8kOeLSTN1EmNJBS2w", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QUMtLOdu7N-YQUAutd7eg6jaqRt8kOeLSTN1EmNJBS2w", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QUMtLOdu7N-YQUAutd7eg6jaqRt8kOeLSTN1EmNJBS2w", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QxVKGgfvxplWJkFjAqMwi0OF-tj67k7BdPspvuMq4Efw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QIz5hh1QDevL3Fy_16ZTz2yvzWp3RDJ-OH-YS94tsQFY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QxVKGgfvxplWJkFjAqMwi0OF-tj67k7BdPspvuMq4Efw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QGH5RqfqEo9eZP_sw4YkkkztexMkahdoc1I5Y-t1u298", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-36m-x86_64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp36-cp36m-win-amd64-whl", + "id": "15861179177", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 231674, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QfR2-RQOawa7j-45txVMfJRvFeyLOrwrQ85dayqc7iVw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Q-IfQ1-UXwUoTzGqC-BvodoEvdBspyy3gVjwQ_zgxY44", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QfR2-RQOawa7j-45txVMfJRvFeyLOrwrQ85dayqc7iVw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q3FABW5oeTftsdGLTmALX8-DW1v7HhwLQKhjpF-efiXo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q3FABW5oeTftsdGLTmALX8-DW1v7HhwLQKhjpF-efiXo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q3FABW5oeTftsdGLTmALX8-DW1v7HhwLQKhjpF-efiXo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QM_nTVqHH4dSLVxZ8-qKNWvYs167E9jwAuQGyL447Bms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp36-win_amd64.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp36-cp36m-win32-whl", + "id": "15861179178", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 223985, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QD8LveurPzo92b1IxNXzxRsu0iBmkCI4Q0VXfSUTvH-s", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QD8LveurPzo92b1IxNXzxRsu0iBmkCI4Q0VXfSUTvH-s", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QEDfNW7uo0KUt34OB-N8ZCT9593Yua-WRCXAWGq7QJcs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QeynUuOI6F5-BI-DLCM9dA0xZfuJV8-tR5RRrcF83sOE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QEDfNW7uo0KUt34OB-N8ZCT9593Yua-WRCXAWGq7QJcs", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QZcXtnRRm20WamTvfahDT-GLXzwHwi0vG4K7UkGSUok0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp36-win32.pyd" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QD8LveurPzo92b1IxNXzxRsu0iBmkCI4Q0VXfSUTvH-s", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp37-cp37m-macosx-10-9-x86-64-whl", + "id": "15861179179", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 225040, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QrMYqVcvMelYUWX9KtdHLmzE2E2-uSii2ZW2pUL-6_RU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-37m-darwin.so" + } + }, + { + "key": "QRrtRJeraXQpG4mI2MwZu-iLTEhRAspCNR-acwZvvxgo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QRZ-XaYlqHd-zbrQFKySCRCjHVg8N88tVGnl4pMJFyv4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QRrtRJeraXQpG4mI2MwZu-iLTEhRAspCNR-acwZvvxgo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QZO9LifpFwPsyDHUPI_WTGgQfBiNVrADOV2W0bKZs_ZY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QZO9LifpFwPsyDHUPI_WTGgQfBiNVrADOV2W0bKZs_ZY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QZO9LifpFwPsyDHUPI_WTGgQfBiNVrADOV2W0bKZs_ZY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp37-cp37m-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15861179180", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 406462, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q3gMUMIce1gb-LuVBTKq8r0z_S52V23laGDDONXTRb18", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q4GcA2Dgwsz81JHDibnNl4SdqTfI2yn1cEFgtdvDGwR0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "QMugl5ttsfbeVQzbQMe42_eby1wouISTcy_OZPAhC5Ts", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Q3gMUMIce1gb-LuVBTKq8r0z_S52V23laGDDONXTRb18", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q81EynJGbNJgLBjM-MVB5wlJ2lhMJGzDLjST_AFIWscw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QMugl5ttsfbeVQzbQMe42_eby1wouISTcy_OZPAhC5Ts", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q3gMUMIce1gb-LuVBTKq8r0z_S52V23laGDDONXTRb18", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp37-cp37m-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15861179181", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 425666, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QvKNzD1_AHsCsFp-2BqPUUHNIIWC-RWTTiQrYUqoLL2M", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QQAbhWtFmB93U_SgzEX6R1--UmPR8Q5OE1YnKlinvDEg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QQAbhWtFmB93U_SgzEX6R1--UmPR8Q5OE1YnKlinvDEg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QQAbhWtFmB93U_SgzEX6R1--UmPR8Q5OE1YnKlinvDEg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QX2Pa4NwhGB9pqXBMSXobAh7nONjxbp1Wm6OR12X5Omw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-37m-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QVZ7XL5NOwjLTRTSD9uIb_VCfBf6BLFATlS6r_RIhnao", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QvKNzD1_AHsCsFp-2BqPUUHNIIWC-RWTTiQrYUqoLL2M", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp37-cp37m-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15861179182", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 343356, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QE06wDcCRFX6DoCJE-vg6A5wdIR5JLCsI_ntyTSkyPVI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QJoHjxe26Zt1niioNxFi-5VXJtuNeeK-kGiM4DpnKzBA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QA4SRnFY9hD_Gl4hjUe0I3PKiNIortbKk7HuI8SuB-8g", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QJoHjxe26Zt1niioNxFi-5VXJtuNeeK-kGiM4DpnKzBA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QJoHjxe26Zt1niioNxFi-5VXJtuNeeK-kGiM4DpnKzBA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QvGF5vFayphS3TJDrCJ6ME65WcmKSevLkhLKsuXbKFHc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-37m-i386-linux-gnu.so" + } + }, + { + "key": "QA4SRnFY9hD_Gl4hjUe0I3PKiNIortbKk7HuI8SuB-8g", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp37-cp37m-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15861179183", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 386266, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QorfRIXqmIxGHfwh7_d6Nwd7IhH8UFMUSRz97488g3Io", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QyAPFw-0fPZ2pk_sGfw28TDOGzlDXrcgvsSJ9b_BHUqo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QorfRIXqmIxGHfwh7_d6Nwd7IhH8UFMUSRz97488g3Io", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QorfRIXqmIxGHfwh7_d6Nwd7IhH8UFMUSRz97488g3Io", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QNGUaGtdoy0J7Ppvtphu8rzhxUZCkHKBljWtqWfuhz5A", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QNGUaGtdoy0J7Ppvtphu8rzhxUZCkHKBljWtqWfuhz5A", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QR21BreT_2WUCKhbEYi879DpwOg75_-8L1loWb1r9qyM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp37-cp37m-musllinux-1-2-aarch64-whl", + "id": "15861179184", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 367823, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q4GcA2Dgwsz81JHDibnNl4SdqTfI2yn1cEFgtdvDGwR0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-37m-aarch64-linux-gnu.so" + } + }, + { + "key": "Q4Mru2zDneMJRskrtsdZcYUiTyQ9gYlYgw-GQbGYhC2E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q4Mru2zDneMJRskrtsdZcYUiTyQ9gYlYgw-GQbGYhC2E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q-qWVCevna9Z1FdMk73w1nNdwJJJ0SKDdn4eSxLirgTY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QTI3UGJRVYXeAAtw6Ck01qwGSDjP5UbchRgrTNqEPfho", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q4Mru2zDneMJRskrtsdZcYUiTyQ9gYlYgw-GQbGYhC2E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Q-qWVCevna9Z1FdMk73w1nNdwJJJ0SKDdn4eSxLirgTY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp37-cp37m-musllinux-1-2-i686-whl", + "id": "15861179185", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 344761, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qi26KYxy5BtLg4b_Erp601rID8uOketpndo612h_SESc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qi26KYxy5BtLg4b_Erp601rID8uOketpndo612h_SESc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qi26KYxy5BtLg4b_Erp601rID8uOketpndo612h_SESc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QfLSREBCRhdBcCmdfUXJhQmdBCqwuayUDMEMjp0JL_CY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q59YUAPAPlyoqZsm4VZWo4uMzFCGKDQv3MnEbA_3j6bM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QfLSREBCRhdBcCmdfUXJhQmdBCqwuayUDMEMjp0JL_CY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QvGF5vFayphS3TJDrCJ6ME65WcmKSevLkhLKsuXbKFHc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-37m-i386-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp37-cp37m-musllinux-1-2-ppc64le-whl", + "id": "15861179186", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 381427, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QX2Pa4NwhGB9pqXBMSXobAh7nONjxbp1Wm6OR12X5Omw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-37m-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QmLAzMuVOgVSZ66-2PtplGiotETdV9TOkRRWYaB89dnA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QmLAzMuVOgVSZ66-2PtplGiotETdV9TOkRRWYaB89dnA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QmLAzMuVOgVSZ66-2PtplGiotETdV9TOkRRWYaB89dnA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QnJ7ScilNY9ZdBD9SCKHc1pF5DGknc66Ozt3g-WT4kiM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QnJ7ScilNY9ZdBD9SCKHc1pF5DGknc66Ozt3g-WT4kiM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QXEUCYOlCpzH_sXXpNToSaLst0ZKH7EPIW06JXXfw7CI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp37-cp37m-musllinux-1-2-x86-64-whl", + "id": "15861179187", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 354133, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QRcMV0FTJq-PUsqIzurbmSfEPJUzAMaJYa_a9rWgZuos", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QFgVOwRpep2jycDMCAb0imeXXFfOMVAV65OF__cHatL4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QviHwIAn2R0IrPkIGqk8FdE3gpAaPg87KWn61DeeB4Hk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QviHwIAn2R0IrPkIGqk8FdE3gpAaPg87KWn61DeeB4Hk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QviHwIAn2R0IrPkIGqk8FdE3gpAaPg87KWn61DeeB4Hk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QyAPFw-0fPZ2pk_sGfw28TDOGzlDXrcgvsSJ9b_BHUqo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-37m-x86_64-linux-gnu.so" + } + }, + { + "key": "QRcMV0FTJq-PUsqIzurbmSfEPJUzAMaJYa_a9rWgZuos", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp37-cp37m-win-amd64-whl", + "id": "15861179188", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 226622, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QyCmpgP-QIJPDJn8Pp3ulE2jjByEGHo1HDW_t6i5-tO8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QOFvFR1oCmK_Ho9IftTCjjWsrWYN-jKeuaKIXJ1k2SIs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QOFvFR1oCmK_Ho9IftTCjjWsrWYN-jKeuaKIXJ1k2SIs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qv_WZSdKLF0EPKR9z9B9wC5spwO7hFAhjj7w5FO0W57E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp37-win_amd64.pyd" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QOFvFR1oCmK_Ho9IftTCjjWsrWYN-jKeuaKIXJ1k2SIs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QV2ErkGcbxf3nw-DOSPASZVqiPSjtz1mXapOwmfWQnNM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QV2ErkGcbxf3nw-DOSPASZVqiPSjtz1mXapOwmfWQnNM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp37-cp37m-win32-whl", + "id": "15861179189", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 220981, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QVEncUtTyso1r0AJYXh-JRsiKhdvOEgaR93MBJLSM7wM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp37-win32.pyd" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QJEI5asFuhcTUe5HnEKzgCF2X6JB5iwJGoW9h_BVx_fk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QJEI5asFuhcTUe5HnEKzgCF2X6JB5iwJGoW9h_BVx_fk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QJEI5asFuhcTUe5HnEKzgCF2X6JB5iwJGoW9h_BVx_fk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qz41Qqf4OirGbnNEdVDw8BRhfcE4GWFh8ged4g3U7_YQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QnYCE4cOR-1uLz8r_dF4aUNPN_KgOGglfN6CH-qwY-Uk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qz41Qqf4OirGbnNEdVDw8BRhfcE4GWFh8ged4g3U7_YQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp38-cp38-macosx-10-9-universal2-whl", + "id": "15861179190", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 306898, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QCIXnH6mIslTAmsL2ndH87ASAooyFr6XFY6XnFOd7iD0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QCIXnH6mIslTAmsL2ndH87ASAooyFr6XFY6XnFOd7iD0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q8UX9pzpH-11wwAND5n0AJm52VcFhQh0gzeKVX49L8vE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qy5VGE0IFDQ2AAwSWxIRAM8aLgVQC4xPj4o5fkdK_e-8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-38-darwin.so" + } + }, + { + "key": "Q8UX9pzpH-11wwAND5n0AJm52VcFhQh0gzeKVX49L8vE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QmHpIKB86_3YmuxlY3PIXRa4uSe4cnY0GzK6AUsMc854", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QCIXnH6mIslTAmsL2ndH87ASAooyFr6XFY6XnFOd7iD0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp38-cp38-macosx-10-9-x86-64-whl", + "id": "15861179191", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 225197, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Ql5UGeyRxcF9MFMwUbI8hOHzwTBg2tpbHukWPGe4Y_5U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qmr5r3UpeoDpuQDBJuepBlxe9r9FdBrQIWcdVuUFq10U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qy5VGE0IFDQ2AAwSWxIRAM8aLgVQC4xPj4o5fkdK_e-8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-38-darwin.so" + } + }, + { + "key": "QJiUI1orcInVWgetfAabl4-Q0Pt51Fj-9JwofR_IOpw0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QJiUI1orcInVWgetfAabl4-Q0Pt51Fj-9JwofR_IOpw0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QJiUI1orcInVWgetfAabl4-Q0Pt51Fj-9JwofR_IOpw0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Ql5UGeyRxcF9MFMwUbI8hOHzwTBg2tpbHukWPGe4Y_5U", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp38-cp38-macosx-11-0-arm64-whl", + "id": "15861179192", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 257756, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QSWWCy3uPLH7Q4aeXgMDSsqiF46TFlJ75rKmf4UkpiIU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QkpP-9UgzZc1Mmp5h7NnpLYXME8RfYSJhrqbUrBRXYqE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QSWWCy3uPLH7Q4aeXgMDSsqiF46TFlJ75rKmf4UkpiIU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qy5VGE0IFDQ2AAwSWxIRAM8aLgVQC4xPj4o5fkdK_e-8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-38-darwin.so" + } + }, + { + "key": "QkpP-9UgzZc1Mmp5h7NnpLYXME8RfYSJhrqbUrBRXYqE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QSWWCy3uPLH7Q4aeXgMDSsqiF46TFlJ75rKmf4UkpiIU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q4aWDmBZqto4TkbEK37abYysLHWPctBQH6t2M_J7-Wf4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp38-cp38-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15861179193", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 452370, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QnV8IBdpRiv8594WYxvwAxpcOYQ5kzRrew6a7x_gXQhY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QHtxOz3YvNTolSMPmJplBqD0oNzphxSNFRNbACJDYCtw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "Qx2QoYumTQz98lF72S6OlSFNoE1R9Ur_b8qMvbfXg9sI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qx2QoYumTQz98lF72S6OlSFNoE1R9Ur_b8qMvbfXg9sI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qx2QoYumTQz98lF72S6OlSFNoE1R9Ur_b8qMvbfXg9sI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QnV8IBdpRiv8594WYxvwAxpcOYQ5kzRrew6a7x_gXQhY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QvgegVti0zuYpk3jn9D5S7kIu2LlKin304-zT0-C-PZk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp38-cp38-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15861179194", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 474030, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QP6ZWXWrHncF5tyX3FVhUyJF9hIn2mFt2rxOdHHjFaMQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QjZAsofKYUjdcseDUKV6aoLw9Wht2pS4lI0F_U_pOQXU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QaSHCC9VG6ZNt9zZJpGLFsIO6w57V8bungE8ljaSaHqE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QP6ZWXWrHncF5tyX3FVhUyJF9hIn2mFt2rxOdHHjFaMQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QP6ZWXWrHncF5tyX3FVhUyJF9hIn2mFt2rxOdHHjFaMQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qt91gRm9dOX33X6HpJ0n91qS887eoXK87HK1rKwjPbKo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-38-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QaSHCC9VG6ZNt9zZJpGLFsIO6w57V8bungE8ljaSaHqE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp38-cp38-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15861179195", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 372342, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q9XUnSyRxoG9SsD05N4jx7Xj0jrqDfqpwQoCcCvheUo8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "QSNox6ahKUacFaJLyyaHLE67_Ya90zY3Jm3q5q42u7rY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QNRk_2pVuSVGzsAAsJ2_DqWoZFYAMRKwlasS52aX9G6g", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QSNox6ahKUacFaJLyyaHLE67_Ya90zY3Jm3q5q42u7rY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qr8vaPklUbfuOT1txDs-FWpuJ-igiXMW-FmjbteIntEk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qr8vaPklUbfuOT1txDs-FWpuJ-igiXMW-FmjbteIntEk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Qr8vaPklUbfuOT1txDs-FWpuJ-igiXMW-FmjbteIntEk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp38-cp38-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15861179196", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 429932, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QaOJ3YE3UIQy7k0aUipaEjNjLjFUh418sk0pVdVEnrLk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QZMH-zr-v_fFekwLh6dei3nF4JSBY2R6gjNlRIncqbjQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QXZ0cXXe-_MhB5t7PXnN-SomrcWRFG7EToEgUhfw4Ks8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QZMH-zr-v_fFekwLh6dei3nF4JSBY2R6gjNlRIncqbjQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QvUmIm2wbpOnXq6pHM3HKSSKdOzM8n_xqbxoL48vzsxQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QaOJ3YE3UIQy7k0aUipaEjNjLjFUh418sk0pVdVEnrLk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QaOJ3YE3UIQy7k0aUipaEjNjLjFUh418sk0pVdVEnrLk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp38-cp38-musllinux-1-2-aarch64-whl", + "id": "15861179197", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 389228, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QVSZLW3c6UWst5H77airsE9gOa9oDRkO_UMSDuiKbFoY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QoQHczp6qcbtLZwNHsHB2-hwuPQm68vifk3e-TPIqyuI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QWrW_I6Mbe-7yEFULvx1M5XYfjbxaPoO0vLUKEpGT8Ps", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QHtxOz3YvNTolSMPmJplBqD0oNzphxSNFRNbACJDYCtw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QWrW_I6Mbe-7yEFULvx1M5XYfjbxaPoO0vLUKEpGT8Ps", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QoQHczp6qcbtLZwNHsHB2-hwuPQm68vifk3e-TPIqyuI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QWrW_I6Mbe-7yEFULvx1M5XYfjbxaPoO0vLUKEpGT8Ps", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp38-cp38-musllinux-1-2-i686-whl", + "id": "15861179198", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 365910, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QObuE-XxARrp0zHlJyBO6Kk3NT2bff7n4mcSznfFBdP4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QObuE-XxARrp0zHlJyBO6Kk3NT2bff7n4mcSznfFBdP4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QmOMzlDV1MPasI6gHt1qc2ccBgJ9Toy-I9-_f-SuvzXw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QDI-JnIGRqlYUAI9UTIPXD7xlAGfC35xcYmpvqn7PYHg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q9XUnSyRxoG9SsD05N4jx7Xj0jrqDfqpwQoCcCvheUo8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-38-i386-linux-gnu.so" + } + }, + { + "key": "QDI-JnIGRqlYUAI9UTIPXD7xlAGfC35xcYmpvqn7PYHg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QDI-JnIGRqlYUAI9UTIPXD7xlAGfC35xcYmpvqn7PYHg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp38-cp38-musllinux-1-2-ppc64le-whl", + "id": "15861179199", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 406392, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q-kBleFZy8EPbpQ2eXepnovCTUF510AchVo9cYhA4rqk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qx6vpdzwow60h-93kQGHd0ExqCBDhJDIXW7_iTjwfZZg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Q90b_sxMeXJRiDhzGXHglzhBLUc4ZBl28aImF668tCl8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qt91gRm9dOX33X6HpJ0n91qS887eoXK87HK1rKwjPbKo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-38-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qx6vpdzwow60h-93kQGHd0ExqCBDhJDIXW7_iTjwfZZg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q90b_sxMeXJRiDhzGXHglzhBLUc4ZBl28aImF668tCl8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q90b_sxMeXJRiDhzGXHglzhBLUc4ZBl28aImF668tCl8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp38-cp38-musllinux-1-2-x86-64-whl", + "id": "15861179200", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 374794, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QFgCBf28XXPjQ0S6eiO4tKBsGl0Wr3dK4NzQ0qpdVI-I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q5hEVklbzp_dFQWZn3FfA5pOVBKuLaJIu0XXCih7N_uA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q5hEVklbzp_dFQWZn3FfA5pOVBKuLaJIu0XXCih7N_uA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QrxWvFKj1kILWwfVSY5tEyEXZT9HSZyb2d23ykohfKyk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QrxWvFKj1kILWwfVSY5tEyEXZT9HSZyb2d23ykohfKyk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QrxWvFKj1kILWwfVSY5tEyEXZT9HSZyb2d23ykohfKyk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QXZ0cXXe-_MhB5t7PXnN-SomrcWRFG7EToEgUhfw4Ks8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-38-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp38-cp38-win-amd64-whl", + "id": "15861179201", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 227131, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QD-QEDudcD77w3ekf3BaruscPhcQUtths2q96_Fo7BT8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp38-win_amd64.pyd" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Qlc0tsiXvQKq7umEkW4MlO9eoG7MpwYgqkHoROtSc8-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QDZYctxz256qF_X94TpvYgjiX-t0bmR6FbbCorVqws64", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qlc0tsiXvQKq7umEkW4MlO9eoG7MpwYgqkHoROtSc8-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QzKwqaO1nxK6aWRfM5Tv5O1-nE7J4_SEsl9WqIOoLZsk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QzKwqaO1nxK6aWRfM5Tv5O1-nE7J4_SEsl9WqIOoLZsk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QzKwqaO1nxK6aWRfM5Tv5O1-nE7J4_SEsl9WqIOoLZsk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp38-cp38-win32-whl", + "id": "15861179202", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 221491, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q76xjGrUg8PFLi3Wqryx5pn2sSEt0swyhl6JiK8u09us", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp38-win32.pyd" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QNkFSOXC8tYnRXGwQKqLsnqeSuL5Ka08pd7AmJ85WUUA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QNkFSOXC8tYnRXGwQKqLsnqeSuL5Ka08pd7AmJ85WUUA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QNkFSOXC8tYnRXGwQKqLsnqeSuL5Ka08pd7AmJ85WUUA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QDy6vOo_L5LxCRN4xVWvEadkLK1Us9P1JvFwM815NNnk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QhXV81mzIz_S7InyH9eIIGtuCkorYmrSFKws-eB-O69s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QDy6vOo_L5LxCRN4xVWvEadkLK1Us9P1JvFwM815NNnk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp39-cp39-macosx-10-9-universal2-whl", + "id": "15861179203", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 307586, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QGmmJ_bXqwOzW5Fzx4z01aiDA3KuxAPlQpJSA0l06fvI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QGmmJ_bXqwOzW5Fzx4z01aiDA3KuxAPlQpJSA0l06fvI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Qd77Vd8WgsXnsGUpYXaDM7TlIdCi8WsxDX6K6nftDYsU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QSaR5tZbslI2ZHVv8uare9l6LwPJ7AzKWyZoC1N7TsuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QGmmJ_bXqwOzW5Fzx4z01aiDA3KuxAPlQpJSA0l06fvI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qd77Vd8WgsXnsGUpYXaDM7TlIdCi8WsxDX6K6nftDYsU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QHdZhRtW2yakiUmnUH_2R3J5UFYv_e64Wx2UtWeAV9_E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-39-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp39-cp39-macosx-10-9-x86-64-whl", + "id": "15861179204", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 225877, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QYGNQODpreuS05Fx3HymADNOYx7Fi-WkoJnB2DvIKclI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q62w05hULEOQiO2WExZ_mL7Uus96k_y6SgB-zCruCk58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QufQmTcZ75xEzzYOAEFDL6VhJCBJYfTNvpdGmFGBa-Uo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QufQmTcZ75xEzzYOAEFDL6VhJCBJYfTNvpdGmFGBa-Uo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QHdZhRtW2yakiUmnUH_2R3J5UFYv_e64Wx2UtWeAV9_E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-39-darwin.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q62w05hULEOQiO2WExZ_mL7Uus96k_y6SgB-zCruCk58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QufQmTcZ75xEzzYOAEFDL6VhJCBJYfTNvpdGmFGBa-Uo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp39-cp39-macosx-11-0-arm64-whl", + "id": "15861179205", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 258444, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QHdZhRtW2yakiUmnUH_2R3J5UFYv_e64Wx2UtWeAV9_E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-39-darwin.so" + } + }, + { + "key": "QY6fwWth-TsRkllo-qRqijPX4ptVTQJF89mA00H_Z_iI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QTQxrnVG0SlXLfyWlcAF0RLfd4_4p2NZS6S3LWlNm_a8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QTQxrnVG0SlXLfyWlcAF0RLfd4_4p2NZS6S3LWlNm_a8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QTc4JkiS5maMdop26HE1TpXSgoEIEBmsigXXnApHanvs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QTc4JkiS5maMdop26HE1TpXSgoEIEBmsigXXnApHanvs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QTc4JkiS5maMdop26HE1TpXSgoEIEBmsigXXnApHanvs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp39-cp39-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15861179206", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 455290, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QYR4ag_emax1wLiUH4U0QYSXHVhI4gOwFi3GyaO20Ph4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QJbZGTxjN295vNsuahD5oTv6Yt8p-vmq1P3ZwyhgeShw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QYR4ag_emax1wLiUH4U0QYSXHVhI4gOwFi3GyaO20Ph4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q-7j5gkzQzaYPi6GMpiKMdcVscJw5xg7QyheVzsG-qHQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QYR4ag_emax1wLiUH4U0QYSXHVhI4gOwFi3GyaO20Ph4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q-7j5gkzQzaYPi6GMpiKMdcVscJw5xg7QyheVzsG-qHQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QaUFxsbNFPC1aIwAaRlc-USJ_o--bX1iSemyA1zKEics", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp39-cp39-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15861179207", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 471406, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QxpJ5QJ8olkAhXJDSH71nV-rQS7AMoy3Ofe6Yv4W7Qfw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QnEuJsJduUaK5KKX6ujtzlNacs3aiRR9WjlkKEhLS4v4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QPNb_A5ivrEXzxyi7Snqxh117ULLEWWIPSDS9dx2IA1A", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QnEuJsJduUaK5KKX6ujtzlNacs3aiRR9WjlkKEhLS4v4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QxpJ5QJ8olkAhXJDSH71nV-rQS7AMoy3Ofe6Yv4W7Qfw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QxpJ5QJ8olkAhXJDSH71nV-rQS7AMoy3Ofe6Yv4W7Qfw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q66U3T3W87ZOyK0UMR2mceK8aj7HPAWjwrWGiBShUEjo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp39-cp39-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15861179208", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 370674, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q_67WqKPxBqIyoN6R_-2uPdxXnlYqc2V4bfNSKmskYEk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QjcYIVdpGxfS7HuNehwQ33VZ7EkpIrbFLBnmj05Rjytg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Qw_fIwe_0zxRmOzDrKCqTX3MyEcavMkuwV57gLQPib4E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QjcYIVdpGxfS7HuNehwQ33VZ7EkpIrbFLBnmj05Rjytg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q_bbUPEybu9AV4pZssljusj5FMUF9K4Op9jEXNBfTg4Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q_67WqKPxBqIyoN6R_-2uPdxXnlYqc2V4bfNSKmskYEk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q_67WqKPxBqIyoN6R_-2uPdxXnlYqc2V4bfNSKmskYEk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp39-cp39-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15861179209", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 428068, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q-RxTCNthEjWWb5c5EDNhbR-dysEXAMZDEIE0ka609uc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QCSyZSwkCg3Q7N1FM4mNtPRcOMq2TxkHWlWwsQxFIvCQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QwAORK6nV9r10Q3q2bh7NxolL7F_CI4ruTJUrMT9G5Aw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-RxTCNthEjWWb5c5EDNhbR-dysEXAMZDEIE0ka609uc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q-RxTCNthEjWWb5c5EDNhbR-dysEXAMZDEIE0ka609uc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QCSyZSwkCg3Q7N1FM4mNtPRcOMq2TxkHWlWwsQxFIvCQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QkGIQsH4bR4SH7xjatklUWKILkHfFVYG7017Ca-ZRpys", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp39-cp39-musllinux-1-2-aarch64-whl", + "id": "15861179210", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 393124, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q_piIk3iT9_g7HWtUHtncQj5vNiSe2OvocHKEExk7BE8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q_piIk3iT9_g7HWtUHtncQj5vNiSe2OvocHKEExk7BE8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QJbZGTxjN295vNsuahD5oTv6Yt8p-vmq1P3ZwyhgeShw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q4dzhzXKFbXdUWHUB1EY6QUwhvzH7R2eTbJGCWOhuvfQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Q_HkqENJkQ7Yt4WMhegDeX4kRutcg2WjRXDWKZ9yFs0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q4dzhzXKFbXdUWHUB1EY6QUwhvzH7R2eTbJGCWOhuvfQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q_piIk3iT9_g7HWtUHtncQj5vNiSe2OvocHKEExk7BE8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp39-cp39-musllinux-1-2-i686-whl", + "id": "15861179211", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 369970, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QdiWd4Qz7mJn3z7Iw1wY2B9KUtSHjgZeqlmifjALvgVA", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QjORCHnznhzX81HQrAq9HWUk5NsAIGGofOhdJO9-DRf4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qw_fIwe_0zxRmOzDrKCqTX3MyEcavMkuwV57gLQPib4E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "QjORCHnznhzX81HQrAq9HWUk5NsAIGGofOhdJO9-DRf4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "Q2wsYBkXQmaJ6zg8E9yYeZvUFszRv43Wk4B19At9Fbw4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "Q2wsYBkXQmaJ6zg8E9yYeZvUFszRv43Wk4B19At9Fbw4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "Q2wsYBkXQmaJ6zg8E9yYeZvUFszRv43Wk4B19At9Fbw4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp39-cp39-musllinux-1-2-ppc64le-whl", + "id": "15861179212", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 406784, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "QqbKFVQomBkVkGjluAe1KAyAitJKFZiXhrJNT0CPZkeY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "Qmv0cnRahnEZeaeQReOZ3r1ZXen8rCTEUNkQbgYreFqA", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q66U3T3W87ZOyK0UMR2mceK8aj7HPAWjwrWGiBShUEjo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QDDqM3yBVbHfaCzaQH30r8w1ymId_PQS90JiSFVaU2Zw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QqbKFVQomBkVkGjluAe1KAyAitJKFZiXhrJNT0CPZkeY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QDDqM3yBVbHfaCzaQH30r8w1ymId_PQS90JiSFVaU2Zw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QqbKFVQomBkVkGjluAe1KAyAitJKFZiXhrJNT0CPZkeY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp39-cp39-musllinux-1-2-x86-64-whl", + "id": "15861179213", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-1.1 AND AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 377810, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QJ_UtZLQCoYWSBNNObfiJ4DBlSVFRpuPd2bXMOvwVtxk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QbrhvRTah_KRAPnHVuIZD_rh-kBxP3jW2wZcWhFTlPpk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qr7130Oj2fHKrTJ9u-d8EfDIPEiXG5buru4k5iheHJiU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qr7130Oj2fHKrTJ9u-d8EfDIPEiXG5buru4k5iheHJiU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QJ_UtZLQCoYWSBNNObfiJ4DBlSVFRpuPd2bXMOvwVtxk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QJ_UtZLQCoYWSBNNObfiJ4DBlSVFRpuPd2bXMOvwVtxk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QwAORK6nV9r10Q3q2bh7NxolL7F_CI4ruTJUrMT9G5Aw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cpython-39-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp39-cp39-win-amd64-whl", + "id": "15861179214", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 227131, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Qpmwvg0oLmMRNDKTFQ_9kIMSBxXT1iiLpwvuOJvUmsvM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QV56H8efyY4xvDF2ES-o9ncsyXH8WTE3jqFVvnX88REk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "Qpmwvg0oLmMRNDKTFQ_9kIMSBxXT1iiLpwvuOJvUmsvM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QPH5Q9kZLRNJ1iYL4yZ_JJce4Vp9xtkwvoKD_jWysOUU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QPH5Q9kZLRNJ1iYL4yZ_JJce4Vp9xtkwvoKD_jWysOUU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QDuJnFrGk9u6s-3wkP0yOnurWo9yDxF0WABfCrJD3fX4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp39-win_amd64.pyd" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "QPH5Q9kZLRNJ1iYL4yZ_JJce4Vp9xtkwvoKD_jWysOUU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + } + ] + }, + { + "type": "pypi", + "name": "simplejson", + "version": "3.19.3", + "release": "cp39-cp39-win32-whl", + "id": "15861179215", + "topLevelAncestors": [ + "15921473454" + ], + "license": "AFL-2.1 AND MIT", + "licenseDetails": [], + "author": [ + "bob", + "florentaide", + "quodt" + ], + "size": 220979, + "score": { + "supplyChain": 0.81, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.81 + }, + "alerts": [ + { + "key": "Q2XVNLH8jPluj_Rru9ER1S5zeZsF4Evmfg9eV3Q9_n74", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "simplejson/_speedups.cp39-win32.pyd" + } + }, + { + "key": "Qe5WEcgUjjxn3Y9HRFvhs7zGfWvFiUa67OUwe7d0S_0M", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Academic Free License (AFL)", + "filepathOrProvenance": "simplejson-3.19.3.dist-info/METADATA" + } + }, + { + "key": "Q7TJ7GqQndH5jHka7BpEKgh7uzR7fWhWX0z_jJ7uWqmk", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "simplejson-3.19.3.dist-info/LICENSE.txt" + } + }, + { + "key": "QHxPCbwNBMLTFnUCEU4SjpB3a6SQF6eibjI8GL89UuOc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_decode.py" + }, + { + "key": "QHxPCbwNBMLTFnUCEU4SjpB3a6SQF6eibjI8GL89UuOc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_fail.py" + }, + { + "key": "QHxPCbwNBMLTFnUCEU4SjpB3a6SQF6eibjI8GL89UuOc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_unicode.py" + }, + { + "key": "QjZwyNIVU6Qij1u9M55FggnBcoGKzNem0hU8kbInmDFw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tool.py" + }, + { + "key": "QjZwyNIVU6Qij1u9M55FggnBcoGKzNem0hU8kbInmDFw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + }, + { + "key": "QI33t9srjZY9D53sBUvjUiJWChMFwncCLbz61hy0kvWI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "simplejson/tests/test_tool.py" + } + ] + }, + { + "type": "pypi", + "name": "markdown", + "version": "3.7", + "release": "tar-gz", + "id": "15864918404", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "author": [ + "facelessuser", + "qaramazov", + "waylan" + ], + "size": 1786020, + "score": { + "supplyChain": 0.87, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.87 + }, + "alerts": [ + { + "key": "QLMkXm4XeJSSC6oTzORkztPJHM3U4C_KgDcpEZEzB-FM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "markdown-3.7/tests/test_syntax/extensions/test_code_hilite.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZD9IQq9mMW4CaVCJfPRhko-AHimt4awRiSr8orY61E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "markdown-3.7/scripts/griffe_extensions.py" + }, + { + "key": "QHPY0c7FoMumo0m3uZKKm5e6H3dSUlb6m2g7gemVxyms", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "markdown-3.7/tests/test_apis.py" + }, + { + "key": "QHPY0c7FoMumo0m3uZKKm5e6H3dSUlb6m2g7gemVxyms", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "markdown-3.7/tests/test_syntax/blocks/test_headers.py" + }, + { + "key": "QOn1dpvusEpSb1t0oshawImGl5yw_qzU9SvlpigVd8EU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "markdown-3.7/docs/favicon.ico" + } + }, + { + "key": "QHPY0c7FoMumo0m3uZKKm5e6H3dSUlb6m2g7gemVxyms", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "markdown-3.7/markdown/test_tools.py" + }, + { + "key": "QLMkXm4XeJSSC6oTzORkztPJHM3U4C_KgDcpEZEzB-FM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "markdown-3.7/tests/test_syntax/extensions/test_fenced_code.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "markdown", + "version": "3.7", + "release": "py3-none-any-whl", + "id": "15864918405", + "topLevelAncestors": [ + "15921473454" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "author": [ + "facelessuser", + "qaramazov", + "waylan" + ], + "size": 323679, + "score": { + "supplyChain": 0.98, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.98 + }, + "alerts": [ + { + "key": "QWGyz2AHaOwRFuRHrC1xYrAr1LaHIJkQ9wIEiNmBr1qY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "markdown/test_tools.py" + } + ] + }, + { + "type": "pypi", + "name": "pytz", + "version": "2024.2", + "release": "tar-gz", + "id": "15887362628", + "topLevelAncestors": [ + "15921473454" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "stub" + ], + "size": 1057405, + "score": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "alerts": [ + { + "key": "Q5n7CX2BWk4l-0uSxsR8zyaucZngZTmCG8P6NnjAD-ok", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/WET" + } + }, + { + "key": "QR8M5qLmq9aZ6nDJrpPnNDlLSA0DeyGVwPW0rKrzx8uU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytz-2024.2/setup.py" + }, + { + "key": "QR8M5qLmq9aZ6nDJrpPnNDlLSA0DeyGVwPW0rKrzx8uU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytz-2024.2/pytz/tzfile.py" + }, + { + "key": "QR8M5qLmq9aZ6nDJrpPnNDlLSA0DeyGVwPW0rKrzx8uU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytz-2024.2/pytz/tests/test_docs.py" + }, + { + "key": "QRhUn4ZwSR-PqpZLcLs5Hy289lEbVBGwG1adZSnFSDCc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytz-2024.2/pytz/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QR8M5qLmq9aZ6nDJrpPnNDlLSA0DeyGVwPW0rKrzx8uU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytz-2024.2/pytz/__init__.py" + }, + { + "key": "Qxude3eyvSApoIz6tWaq8AM8AonT9Uh3WMG1lqEVC9Us", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Atlantic/Madeira" + } + }, + { + "key": "QXRlrNsTSu4Kej--ht4c6CqQuSO1miHzDHEUDEprr9UQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Europe/Lisbon" + } + }, + { + "key": "QxQNKWyiHZ0vcRswhvwG4Qn1zthjprue89VRS3odTL4M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Maputo" + } + }, + { + "key": "Qwuwg3WGcigoraQeJCAr1zmP-UKrlugfmgYwdK38j_2I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Atlantic/Azores" + } + }, + { + "key": "QwshVaEp5KPlCTHYYthZGuf3E7F-cM0-Cc81z70XuH7Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Lubumbashi" + } + }, + { + "key": "QVEQVH2wigTViYgrIAkgMslkDsAJPpOFev3eSuybm_hM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Hermosillo" + } + }, + { + "key": "QUSzHcmezkfDDl89SoPyF4XS8zc61YbRqvARQBs0wO0A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Lusaka" + } + }, + { + "key": "QtOPxebS7mZDD-6jAIlMRrfxP_2nK2AdaeQh3Kw8xuNc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Monterrey" + } + }, + { + "key": "QTa3OXowibYcJCOB3ziASlF8_vdPYSs0ZQ5R2bvrqntI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Bahia_Banderas" + } + }, + { + "key": "Qt58mCnWe4pLm4qlvYWvlcI6BED9hRL4RBt7us13UBZs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Blantyre" + } + }, + { + "key": "QS7GdU4um1InC7E5YmT4b17GMGEp2vDx8Il0ljCCLC1c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Portugal" + } + }, + { + "key": "QqkgM3R5w5LF0zj-LdfX8_gqyIbSxzVyEQpZsFI_3Tdg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Merida" + } + }, + { + "key": "QPRNqWpP-9U7dkNrgYmyz5FVrYDNX35IEEsts_Pa4dDo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Ensenada" + } + }, + { + "key": "QP3vBTluvut00BI4NOoJvgoxySICg_JchdFuNWN2czcY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Chihuahua" + } + }, + { + "key": "QoMLOVUqGFOnWXyBX7BRJcDcM21RHbuqEFwhDVe4UXJc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Tijuana" + } + }, + { + "key": "QoBe3OA8PMj0CmQRb0BUPZNEmDeupGoeXux74CUBwEG0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Gaborone" + } + }, + { + "key": "QMXTKIyMoiveLaKkCl6ktAQmBXyVVTXLqtoy1n7Omvjw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Cancun" + } + }, + { + "key": "QLPQA7fHEHZVQuDRyyzQR02SuAwOJxWA9M944L1OGLaY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Mexico/BajaNorte" + } + }, + { + "key": "QJamvfYrT5qsXrCfvI_sD65EW_e7M4Ux9rxRRF0dFIt4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Harare" + } + }, + { + "key": "QifpgRzNtLmD7vEXcInEEcwYD_Mr96fvdJx1_BRwHGCI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Asia/Dili" + } + }, + { + "key": "QHmBfNBY066ivzTD-EJk0k94zDtk49yuEhPR-J-BuFro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Bujumbura" + } + }, + { + "key": "Qe7kf3G56aI0Z2lwJ9KGMSmASLns942rn9WYutojfo8k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Santa_Isabel" + } + }, + { + "key": "QDdtdIx12tdMh_iI7AJaTpiR8HqRRnug43IUAiW6QXu8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Ciudad_Juarez" + } + }, + { + "key": "Qcqy6SqD2T1U2Yh-_z4dcr9Vnb66VufxnInckNpEXnTU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Mazatlan" + } + }, + { + "key": "QAE_iqP6IJRlenvxKiVSbuoHa8cvGt9lBUooWumrqn5s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Mexico/General" + } + }, + { + "key": "Q9LiJ5eMyZU1_9ogG6CZDj0m_GxEuPujjcDs1ZgHqc74", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Mexico_City" + } + }, + { + "key": "Q8aI_Nki-TIrC3vUchRC6z9nFPes8aHBn-Iw345ZPL5M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Africa/Kigali" + } + }, + { + "key": "Q5QVJ_lTFKvtp0cb9r9BNk-D4dpVJO-uKInWn8T3Jl7I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/America/Ojinaga" + } + }, + { + "key": "Q-uhGHE5PUbSWbaD-rCQ83YY7kVyeMeq9QCb10hMnlvQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz-2024.2/pytz/zoneinfo/Mexico/BajaSur" + } + } + ] + }, + { + "type": "pypi", + "name": "pytz", + "version": "2024.2", + "release": "py2-py3-none-any-whl", + "id": "15887362629", + "topLevelAncestors": [ + "15921473454" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "stub" + ], + "size": 1007094, + "score": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "alerts": [ + { + "key": "QCHabsO8IlR86gEx9Ibf8cltlFPKApk5sNvCX2dgSAvU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytz/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOqMpKmvs6Qj2kaXl-f-IhsHSR9UiZBVOsPJHzoNd-ec", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/America/Merida" + } + }, + { + "key": "QsBmxqkaOCf6lDHgGEJ6bB1RN9ozoCHh1K_x_Oez0olk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Africa/Maputo" + } + }, + { + "key": "QtUEKTkq3Zw2v75vvNOu55zaIKeJF64bw7JqpdH6hkx0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/America/Cancun" + } + }, + { + "key": "QW1wf0wgytLFeR5M4MK66qwYpMGwI2BLxmGpGPOCHjSk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Africa/Bujumbura" + } + }, + { + "key": "QXjKXkZ4O2gTBIDBo-Y381ndvKvCexA93DvDyfuQ_qSg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Atlantic/Azores" + } + }, + { + "key": "QXmcfZKSFXItk1yiQAg15QEAuZ6AxD9vUwWNLoNjVFlM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Africa/Lusaka" + } + }, + { + "key": "QYZ69zmu8MhQTVX4CSGDCwgYU91BPaTDCXpDh74PMf5I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Mexico/General" + } + }, + { + "key": "QL9zueFdZvuIRhuZf3xG9fbA5XfvRM-m9rO7FvqiiJPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytz/tzfile.py" + }, + { + "key": "QL9zueFdZvuIRhuZf3xG9fbA5XfvRM-m9rO7FvqiiJPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytz/__init__.py" + }, + { + "key": "Q-74e-V54skJJ9jMBcgYspjxc8caRKbCY8Xu-wjXRyFM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/America/Bahia_Banderas" + } + }, + { + "key": "Q0nWQkwDjI-qMqtO_n1Fn86RHCQ4U9lHxhir8kNNW7o4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/America/Mexico_City" + } + }, + { + "key": "Q0wMJsQgwcxep1u-ygGt7oaf3VNCFUmbgp59g2GeQPGs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Mexico/BajaSur" + } + }, + { + "key": "Q0ZQeYEyT69gjp1sKbcdNEb6B5EyAQYY2tcYGZH47rc0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/America/Ensenada" + } + }, + { + "key": "Q3Sr4MlQRIb_RV4aAYqrApKCwM_LOOi-s4-N8U-8znKo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/America/Ciudad_Juarez" + } + }, + { + "key": "Q5LjrpI50qSGlH6zKx7LebpJ1CPnJUZL6MgAEkw55E48", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Europe/Lisbon" + } + }, + { + "key": "Q7itDm415anvyciW07KLL50tXMb9ncC6eEC-xo475JuY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/America/Monterrey" + } + }, + { + "key": "Q9_Q-dvX8eOH0VnMgY2ENsGYY-1WU04zWAumDO3prdWY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/America/Chihuahua" + } + }, + { + "key": "Qcjbcwyx7-WwG5PKd8JhaR2VsRxVBV5Xg4caoCgs2ues", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Asia/Dili" + } + }, + { + "key": "QcmhVITUkRPrhuee_yYPYnqw72BjTUEEYHUfpoQbZOE8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/America/Ojinaga" + } + }, + { + "key": "QDcnb3-0lgOyWVwxqTPUHM6JfmPkzFhrQQCjXzywiyrg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Africa/Harare" + } + }, + { + "key": "QDCqEoN6c33-VPtje4ppugPII9ewyGtL9KkGr-lgl3ok", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Africa/Kigali" + } + }, + { + "key": "QdxvfqabC2OM6alOjugT8B7BEIdKKhQfj4corCYwI08w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/America/Santa_Isabel" + } + }, + { + "key": "QeboHwEyjlHcMKkp5yPraufJFFj-aUwTY-hYn-hreXkU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Africa/Gaborone" + } + }, + { + "key": "QEOGm67lx3wN6VUKMcq_TMba_vViMd6jZVoyNI1VVVy8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Portugal" + } + }, + { + "key": "Qeqf9MNYKlZLXJMPYRAMcT-Y0vPGB1HrMFjLnHt-9TNE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/America/Tijuana" + } + }, + { + "key": "QeyuAFApDjg78SXLgRwr-RnLz2S6FTK2vHZo2vxK4sns", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Africa/Blantyre" + } + }, + { + "key": "QGoGF-2IYJo4pS_p0aR4ckLLaez6o64of60u1qewY9S0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Atlantic/Madeira" + } + }, + { + "key": "QieQjRGAiuC14pW5TfjtVopiycpwvL1TEsqmzOQHGFNA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Mexico/BajaNorte" + } + }, + { + "key": "QmFMaAahiXR1TAJya8YGi7w_bTgAd0iuLQtKpAm6g-68", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/America/Mazatlan" + } + }, + { + "key": "QmpV_6aqJ87y-SIlYA9zH5h6L6FKwL6w3_-P3RTxoLjo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/WET" + } + }, + { + "key": "QnvVZIQkFFA36HuVBJ3SUdRvbVXM_r6SX8_uPUkOnYNI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/America/Hermosillo" + } + }, + { + "key": "QOe64R69J3nuNoFNPUT96_xD6JUE6uDO56w12aRcMsfI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "pytz/zoneinfo/Africa/Lubumbashi" + } + } + ] + }, + { + "type": "pypi", + "name": "sphinx-lint", + "version": "1.0.0", + "release": "tar-gz", + "id": "15887609471", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "PSF-2.0", + "licenseDetails": [], + "author": [ + "ezio.melotti", + "hugovk", + "JulienPalard" + ], + "size": 107555, + "score": { + "supplyChain": 0.94, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.94 + }, + "alerts": [ + { + "key": "QeHuG_SPAdX3PNXFMHjoCxbYqCwKCcJ1FbkDazfKnJD8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx_lint-1.0.0/sphinxlint/checkers.py" + }, + { + "key": "QItp8vAiLS-AHGpFNDms2cz7uOHSJ_gvMBfizG1B5nPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx_lint-1.0.0/sphinxlint/sphinxlint.py" + }, + { + "key": "QItp8vAiLS-AHGpFNDms2cz7uOHSJ_gvMBfizG1B5nPA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx_lint-1.0.0/tests/test_sphinxlint.py" + } + ] + }, + { + "type": "pypi", + "name": "sphinx-lint", + "version": "1.0.0", + "release": "py3-none-any-whl", + "id": "15887609472", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "PSF-2.0", + "licenseDetails": [], + "author": [ + "ezio.melotti", + "hugovk", + "JulienPalard" + ], + "size": 56732, + "score": { + "supplyChain": 0.96, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96 + }, + "alerts": [ + { + "key": "QFGsN8T31iPxcMBCFU03w0yuf1cE4lnZ4QTXckjbLomI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinxlint/sphinxlint.py" + }, + { + "key": "QtcQIQ6QignwWkxY34dfUuqZUxwdTF1QADvaWKsrw5TU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinxlint/checkers.py" + } + ] + }, + { + "type": "pypi", + "name": "types-docutils", + "version": "0.21.0.20241005", + "release": "tar-gz", + "id": "15897470441", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "typeshed_bot" + ], + "size": 84455, + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.99 + }, + "alerts": [ + { + "key": "QYRN9fgKexgkDL6FxdQhac--U4LfyH2SSdOgCOVUWv-w", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Apache Software License", + "filepathOrProvenance": "types-docutils-0.21.0.20241005/types_docutils.egg-info/PKG-INFO" + } + } + ] + }, + { + "type": "pypi", + "name": "types-docutils", + "version": "0.21.0.20241005", + "release": "py3-none-any-whl", + "id": "15897470442", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "typeshed_bot" + ], + "size": 75044, + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [] + }, + { + "type": "pypi", + "name": "sphinx", + "version": "8.1.3", + "release": "tar-gz", + "id": "15901037714", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "BSD-2-Clause", + "licenseDetails": [], + "author": [ + "AA-Turner", + "tk0miya" + ], + "size": 20662331, + "score": { + "supplyChain": 0.16, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.16 + }, + "alerts": [ + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/_cli/util/colour.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/autodoc/directive.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/autodoc/importer.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/autosummary/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/autosummary/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/autosummary/generate.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/autosummary/generate.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/coverage.py" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/doctest.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/githubpages.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/githubpages.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/graphviz.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/graphviz.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/imgconverter.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/imgmath.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/imgmath.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/inheritance_diagram.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/__init__.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/_cli.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/_load.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/_load.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/_resolve.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/_shared.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/intersphinx/_shared.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/mathjax.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/todo.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/viewcode.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/io.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/jinja2glue.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/locale/et/LC_MESSAGES/sphinx.js" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/locale/lt/LC_MESSAGES/sphinx.js" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/parsers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/pycode/parser.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/roles.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/search/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/search/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/search/minified-js/italian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/search/minified-js/portuguese-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/search/minified-js/romanian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/search/minified-js/spanish-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/search/non-minified-js/italian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/search/non-minified-js/portuguese-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/search/non-minified-js/romanian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/search/non-minified-js/spanish-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/testing/fixtures.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/testing/fixtures.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/testing/path.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/testing/path.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/themes/basic/static/doctools.js" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/themes/basic/static/searchtools.js" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/themes/bizstyle/static/css3-mediaqueries.js" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/themes/bizstyle/static/css3-mediaqueries_src.js" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/theming.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/theming.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/transforms/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/transforms/i18n.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/transforms/post_transforms/images.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/transforms/post_transforms/images.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/console.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/console.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/docfields.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/docutils.py" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/docutils.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/docutils.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/exceptions.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/fileutil.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/i18n.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/i18n.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/images.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/inventory.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/inventory.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/nodes.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/osutil.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/png.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/requests.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/rst.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/tags.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/util/template.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/versioning.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/writers/html5.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/conftest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/js/fixtures/titles/searchindex.js" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/js/jasmine-browser.mjs" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/js/searchtools.spec.js" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/js/searchtools.spec.js" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/roots/test-apidoc-toc/mypackage/main.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/roots/test-ext-imgmockconverter/mocksvgconverter.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_application.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_application.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_builders/test_build.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_builders/test_build.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_builders/test_build_epub.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_builders/test_build_epub.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_builders/test_build_gettext.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_builders/test_build_latex.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_builders/test_build_latex.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_builders/test_build_latex.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_builders/test_build_latex.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_builders/test_build_linkcheck.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_builders/test_build_linkcheck.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_builders/test_build_linkcheck.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_builders/test_build_texinfo.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_directives/test_directives_no_typesetting.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_domains/test_domain_py.py" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_domains/test_domain_py_pyfunction.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_domains/test_domain_std.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_environment/test_environment.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_environment/test_environment.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_environment/test_environment_indexentries.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_environment/test_environment_record_dependencies.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_environment/test_environment_toctree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_extensions/autodoc_util.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_apidoc.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_autodoc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_imgconverter.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_intersphinx.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_math.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_math.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_extensions/test_ext_viewcode.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_intl/test_catalogs.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_intl/test_intl.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_intl/test_locale.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_markup/test_markup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_pycode/test_pycode_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_quickstart.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_theming/test_theming.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_theming/test_theming.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_transforms/test_transforms_move_module_targets.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_transforms/test_transforms_post_transforms.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_util/test_util.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_util/test_util_i18n.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/test_versioning.py" + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/tests/utils.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/utils/babel_runner.py" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/utils/babel_runner.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/utils/babel_runner.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/utils/bump_docker.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/utils/bump_version.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/utils/generate_js_fixtures.py" + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/utils/generate_js_fixtures.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/cmd/build.py" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/autodoc/directive.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/autodoc/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/ext/apidoc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/events.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/environment/collectors/toctree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/environment/collectors/title.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/environment/collectors/metadata.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/environment/collectors/dependencies.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/environment/collectors/asset.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/environment/collectors/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/environment/adapters/toctree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/environment/adapters/indexentries.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/environment/adapters/asset.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/environment/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/environment/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/std/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/rst.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/python/_object.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/python/_annotations.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/python/_annotations.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/python/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/math.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/javascript.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/index.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/cpp/_symbol.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/cpp/_ast.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/cpp/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/citation.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/changeset.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/c/_symbol.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/c/_ast.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/c/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/_domains_container.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/xml.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/text.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/texinfo.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/singlehtml.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOpY8x4p6tTMCJKn853N5BBfCc6Xm97sTXmom9chvoOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/linkcheck.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/latex/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/latex/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/html/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/html/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/gettext.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/gettext.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/epub3.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/changes.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/_epub_base.py", + "props": { + "envVars": "" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/builders/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/application.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/application.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/_cli/util/errors.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/__init__.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/doc/conf.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFdBFEk6HK1nRwGc3uTLcwP7Up5aKP3wRhBfNxhyzTtg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "sphinx-8.1.3/tests/roots/test-locale/locale1/en/LC_MESSAGES/myext.mo" + } + }, + { + "key": "Q2s8fBgZYpB4kk_A9Dv1I9xFptbI7ODBk7BItUVcVoOI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "sphinx-8.1.3/tests/roots/test-locale/locale1/et/LC_MESSAGES/myext.mo" + } + }, + { + "key": "Q0DzbsTcAevF3-tdyaJIkEk9xEVJ7lH0aWJqlEpxHpPw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "sphinx-8.1.3/tests/roots/test-apidoc-duplicates/fish_licence/halibut.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/domains/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/directives/other.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/directives/code.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/config.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/config.py" + }, + { + "key": "QTdJFQVSHY_K3ozEQdZbbFyNVniTt2RNVoV4Ysmdjeu8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/cmd/quickstart.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/cmd/quickstart.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/cmd/make_mode.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXl6z0X-UNYPpcPeEnkPq_pQWvRPP-QuiafV2pW3Vjno", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/cmd/make_mode.py" + }, + { + "key": "Q6Nvkj8B06Xx0sjzCEdjdAVaUsRRPWcBxC-Cj_j4RZvQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/cmd/make_mode.py" + }, + { + "key": "QvtoXltzPJJikYdjrrpRfLZSAyQpFNkX_oDxOEddbbJc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx-8.1.3/sphinx/cmd/build.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "sphinx", + "version": "8.1.3", + "release": "py3-none-any-whl", + "id": "15901037715", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "BSD-2-Clause", + "licenseDetails": [], + "author": [ + "AA-Turner", + "tk0miya" + ], + "size": 12958131, + "score": { + "supplyChain": 0.21, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.21 + }, + "alerts": [ + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/gettext.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/epub3.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/changes.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/_epub_base.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/__init__.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/application.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/application.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/_cli/util/errors.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/_cli/util/colour.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QEFbmaReYLOInJak733ee-zSeXREMRA3YJ7b85Nb7fK8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/__init__.py" + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/themes/bizstyle/static/css3-mediaqueries.js" + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/themes/bizstyle/static/css3-mediaqueries_src.js" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/theming.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/theming.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/transforms/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/transforms/i18n.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/transforms/post_transforms/images.py" + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/transforms/post_transforms/images.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/console.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/console.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/docfields.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/docutils.py" + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/util/docutils.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/docutils.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/exceptions.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/fileutil.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/i18n.py" + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/themes/basic/static/searchtools.js" + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/themes/basic/static/doctools.js" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/testing/path.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/testing/path.py" + }, + { + "key": "QEFbmaReYLOInJak733ee-zSeXREMRA3YJ7b85Nb7fK8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/testing/fixtures.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/testing/fixtures.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/i18n.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/images.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/inventory.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/inventory.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/environment/adapters/toctree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/environment/collectors/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/environment/collectors/asset.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/environment/collectors/dependencies.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/environment/collectors/metadata.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/environment/collectors/title.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/environment/collectors/toctree.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/events.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/apidoc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/autodoc/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/ext/autodoc/directive.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/autodoc/directive.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/autodoc/importer.py", + "props": { + "envVars": "" + } + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/ext/autosummary/__init__.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/autosummary/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/autosummary/generate.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/autosummary/generate.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/coverage.py" + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/ext/doctest.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/githubpages.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/githubpages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/graphviz.py" + }, + { + "key": "QEFbmaReYLOInJak733ee-zSeXREMRA3YJ7b85Nb7fK8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/ext/graphviz.py" + }, + { + "key": "QEFbmaReYLOInJak733ee-zSeXREMRA3YJ7b85Nb7fK8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/ext/imgconverter.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/imgmath.py" + }, + { + "key": "QEFbmaReYLOInJak733ee-zSeXREMRA3YJ7b85Nb7fK8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/ext/imgmath.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/inheritance_diagram.py", + "props": { + "envVars": "" + } + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/ext/intersphinx/__init__.py" + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/ext/intersphinx/_cli.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/intersphinx/_load.py" + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/ext/intersphinx/_load.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/intersphinx/_resolve.py", + "props": { + "envVars": "" + } + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/ext/intersphinx/_shared.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/intersphinx/_shared.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/mathjax.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/todo.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/ext/viewcode.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/io.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/jinja2glue.py", + "props": { + "envVars": "" + } + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/locale/et/LC_MESSAGES/sphinx.js" + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/locale/lt/LC_MESSAGES/sphinx.js" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/parsers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/pycode/parser.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/roles.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/search/__init__.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/search/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/search/minified-js/italian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/search/minified-js/portuguese-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/search/minified-js/romanian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/search/minified-js/spanish-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/search/non-minified-js/italian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/search/non-minified-js/portuguese-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/search/non-minified-js/romanian-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/search/non-minified-js/spanish-stemmer.js", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/texinfo.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/text.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/xml.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/cmd/build.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/cmd/build.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/cmd/make_mode.py" + }, + { + "key": "QEFbmaReYLOInJak733ee-zSeXREMRA3YJ7b85Nb7fK8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/cmd/make_mode.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/cmd/make_mode.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/cmd/quickstart.py" + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/cmd/quickstart.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/config.py" + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/config.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/directives/code.py" + }, + { + "key": "QRrn8QWO2uchpvtuNjO0g0DpWw5JGLl6kiMtn-wXuLho", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/directives/other.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/_domains_container.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/c/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/c/_ast.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/c/_symbol.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/changeset.py", + "props": { + "envVars": "" + } + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/builders/linkcheck.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/citation.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/cpp/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/cpp/_ast.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/cpp/_symbol.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/index.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/javascript.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/math.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/python/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/singlehtml.py", + "props": { + "envVars": "" + } + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/domains/python/_annotations.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/python/_annotations.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/python/_object.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/rst.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/domains/std/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/environment/__init__.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/environment/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/environment/adapters/asset.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/environment/adapters/indexentries.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/writers/html5.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/versioning.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/template.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/tags.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/rst.py", + "props": { + "envVars": "" + } + }, + { + "key": "QV-CaaM8SurEwjjv9J-YBrXl2cYqUvNtLpDyDOmRf4fE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sphinx/util/requests.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/png.py" + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/osutil.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/util/nodes.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/latex/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/latex/__init__.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/html/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPZ_lpZ2wUJSuMLhSdIPT3gi_irguS9SXZAOjv6c6Jck", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/html/__init__.py" + }, + { + "key": "QWd3h-_umlSkjTrDn2cJogYPfK2zhNezfhVI31bsx75I", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sphinx/builders/gettext.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "tar-gz", + "id": "15904524860", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 15721062, + "score": { + "supplyChain": 0.23, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.23 + }, + "alerts": [ + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/dmypy/client.py" + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/test_external.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/test_external.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/test_commandline.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/test_commandline.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/test_cheader.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbBn5ggTmqZpw4wKK3P7DnDDXJ3kSKxUNm_bjy3N5AkU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/lib-rt/setup.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/codegen/emitmodule.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/build.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/__main__.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/util.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testtypes.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/teststubtest.py" + }, + { + "key": "QNwuAZAqKHN5YOhW3JkPgyww2mBliakT6IGyBgca_bRM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/teststubgen.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/teststubgen.py" + }, + { + "key": "QbBn5ggTmqZpw4wKK3P7DnDDXJ3kSKxUNm_bjy3N5AkU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testsolve.py" + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testpythoneval.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testpythoneval.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testpep561.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testpep561.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testoutput.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testmerge.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testfscache.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testdaemon.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testdaemon.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testcmdline.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/testcheck.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/test_ref_info.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/test_find_sources.py" + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/meta/_pytest.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/helpers.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/data.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/stubtest.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/stubgenc.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/stubgen.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/report.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbBn5ggTmqZpw4wKK3P7DnDDXJ3kSKxUNm_bjy3N5AkU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/modulefinder.py" + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/modulefinder.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/modulefinder.py" + }, + { + "key": "QNwuAZAqKHN5YOhW3JkPgyww2mBliakT6IGyBgca_bRM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/metastore.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbBn5ggTmqZpw4wKK3P7DnDDXJ3kSKxUNm_bjy3N5AkU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/main.py" + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/main.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/main.py" + }, + { + "key": "QNwuAZAqKHN5YOhW3JkPgyww2mBliakT6IGyBgca_bRM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/ipc.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/ipc.py" + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/git.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/fscache.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbBn5ggTmqZpw4wKK3P7DnDDXJ3kSKxUNm_bjy3N5AkU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/evalexpr.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/dmypy_server.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/dmypy_server.py" + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/dmypy_os.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/config_parser.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypy/build.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/docs/source/html_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/test-data/unit/plugins/config_data.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/setup.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/setup.py" + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/runtests.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/testutil.py" + }, + { + "key": "Qkg7xGvjeI3y1Aat8TPSdFjTNoNC9nfVrRdVxtpUqYF0", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbBn5ggTmqZpw4wKK3P7DnDDXJ3kSKxUNm_bjy3N5AkU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/test_run.py" + }, + { + "key": "Qki5DYh4mtTg7y4gR5LV8hC9-5V9NJCliLv4cbJHWGD4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/test_run.py" + }, + { + "key": "QmWHe4L9iLJxjU5enuIm7tK46x8PZW3EbfG8AinTS6cE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy-1.13.0/mypyc/test/test_run.py" + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "py3-none-any-whl", + "id": "15904524861", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 10542189, + "score": { + "supplyChain": 0.24, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.24 + }, + "alerts": [ + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qhe816EjR2swhf_3-cmuroTMIyxNQSquDcGofvpbDezo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QC-Ozhul78wtTZZUuPd3b7dRyha-LioEkM3Ftt4LQt7k", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qhe816EjR2swhf_3-cmuroTMIyxNQSquDcGofvpbDezo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QC-Ozhul78wtTZZUuPd3b7dRyha-LioEkM3Ftt4LQt7k", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QC-Ozhul78wtTZZUuPd3b7dRyha-LioEkM3Ftt4LQt7k", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qhe816EjR2swhf_3-cmuroTMIyxNQSquDcGofvpbDezo", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QC-Ozhul78wtTZZUuPd3b7dRyha-LioEkM3Ftt4LQt7k", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QC-Ozhul78wtTZZUuPd3b7dRyha-LioEkM3Ftt4LQt7k", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QC-Ozhul78wtTZZUuPd3b7dRyha-LioEkM3Ftt4LQt7k", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QLWJTLjI6nirinoHhvj_vb_W73tVT9oghECwB272gPuM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmHv5KGd5QGOcnf052vym13AMop0070KJrnfX3H7_vgQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QryYW5PqIEejGBxLDZQcPCaEZcEDgBVcrVtAQEggU1FE", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp310-cp310-macosx-10-9-x86-64-whl", + "id": "15904524862", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 35783268, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QorV6JEqOU5FkM7Q-3BkpwKMdqvK-f5IicDPMGY5sRzQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-310-darwin.so" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCS7Be-f2ZUa0Up9KNZqJWaApWPng4kKWL4LBTdlNzE0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-310-darwin.so" + } + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q__LKd8JRh0e5wj1vYzs2kx00iAa9g4T_-wQckqzR67Y", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q__LKd8JRh0e5wj1vYzs2kx00iAa9g4T_-wQckqzR67Y", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCWLZR4anNbSTdvbPcaenVsixZY-iJw7gP0CRDu9xFQ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-310-darwin.so" + } + }, + { + "key": "Qd9uWWIsnCi4ty5GMF4zbrVx2zjIkvceJPIzJ51xje_Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-310-darwin.so" + } + }, + { + "key": "Qdclaf5N3BmAcAiYq2iG7A4X1PVl8mcoWqSdsMelMJ68", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-310-darwin.so" + } + }, + { + "key": "QdFjNpmWubkMFF-dGkrnBIyesp672_bJ5YkjHHu6Ibzs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-310-darwin.so" + } + }, + { + "key": "QDhgUzRBGbVBXCnc0aZf-Csa4HUm0sehMImo6LwAnwlc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-310-darwin.so" + } + }, + { + "key": "QdX5oAXpa-55TNktUP8xkYJfpokwjOpCQdmdxDkE9lbQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-310-darwin.so" + } + }, + { + "key": "QEJDz-elTmf6lKV6aw-d38bqZqrRrAlmGEuKmoJSR-KE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-310-darwin.so" + } + }, + { + "key": "QeOsVgU9AEUs4CopES0VhitRK_WZ00FxoZv8T4qK8jdg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QerJE-6I-TEVV7ckTvugir0lIfDaVT1AlKhq2EV9mbk8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-310-darwin.so" + } + }, + { + "key": "QeSf6DP-syysYgoSgyYDlL8c8r5A-ajgFn0Yhlrh2dto", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-310-darwin.so" + } + }, + { + "key": "QExiwAfeXJTuN6MQ4J7noYKiV5TSuiw9hJf7yvva70FQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-310-darwin.so" + } + }, + { + "key": "QEXz9oqm9xk_Hnrt2XnnPcouOD1i2GsDAUfT5rAZKM3Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-310-darwin.so" + } + }, + { + "key": "Qf3uKWoXi7oS2jfBqyEMGrJYZz_zE4VHJItgRGze1Bxg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-310-darwin.so" + } + }, + { + "key": "QF6ZlabuLBn0koc_Rgv8KwRcnWbw6xs4c3tsVJjIYdd8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-310-darwin.so" + } + }, + { + "key": "QF9u4KvfQmBx1deUh0aahUAeZGdIoM6vO8ykvw7zpTxU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-310-darwin.so" + } + }, + { + "key": "QFdS7OS8hW_Q8pbO-N47gtXL-XZ8ykATTlLSj73i0G78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-310-darwin.so" + } + }, + { + "key": "QfE8Tyb3ydjzd-0NiXpQCifF2XtAvHrywXQLfeqWuKSI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-310-darwin.so" + } + }, + { + "key": "QFFWmH1ACpT_i4aI438NmAE36ZkvW53xy9Y5GyJOPJlE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-310-darwin.so" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "Qms31U84KqM6DoEA7arHpgJLfdD-NHrGvZ05kG0lce2I", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Q__LKd8JRh0e5wj1vYzs2kx00iAa9g4T_-wQckqzR67Y", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q__LKd8JRh0e5wj1vYzs2kx00iAa9g4T_-wQckqzR67Y", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qms31U84KqM6DoEA7arHpgJLfdD-NHrGvZ05kG0lce2I", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q__LKd8JRh0e5wj1vYzs2kx00iAa9g4T_-wQckqzR67Y", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qms31U84KqM6DoEA7arHpgJLfdD-NHrGvZ05kG0lce2I", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q__LKd8JRh0e5wj1vYzs2kx00iAa9g4T_-wQckqzR67Y", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QCHX9rIi45YWIsBTrHmW7JntW3cS17di9YtWTWR1huVQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q94fZy2Iii9VDy95DJr1SMMaq6OQWZBM_r4w_whhY7tI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcwzaaN5_9QmWVEpDk5ysuT8p6iTSWJjf2iC_hZ3wiMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QZUnEcLW5uXUbZQtk_nmeywc_VxJMKVkZ1QQtOVp0Dcg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-310-darwin.so" + } + }, + { + "key": "Qzr2gKdla7pOBENlz9LOANnxqjPYtGs8zxTqtDGlLx0E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-310-darwin.so" + } + }, + { + "key": "Qzm9S-d1nWaSRPEHtKzZ39wM7N7GY35clPnlHXLWsvh4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-310-darwin.so" + } + }, + { + "key": "QzfY6QPwimhCg4T-fQRuj8PB1ONY0gNd9_JxLgj5lxxw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-310-darwin.so" + } + }, + { + "key": "QZCJA7JUn-SNcpwtb_qxwBTeTZNwKeVlmt1h1-y9Uki4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-310-darwin.so" + } + }, + { + "key": "Qz37UJorFsmGlxvKVpKoBe9gnYR2LfuV9UpAtcvbEKeo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-310-darwin.so" + } + }, + { + "key": "QYiywAThL-HL5MQi9aoiK-e7rG9aKiSqhQeSS6qvhPds", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-310-darwin.so" + } + }, + { + "key": "QYG7D1bPMEbCttX76u2L8VJtNdC4I6xSLlJevnVaM9p4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-310-darwin.so" + } + }, + { + "key": "QYG5xxu8113q2mhar3Bn8B1nhhi2xSVYbRTPx5ZYG3i4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-310-darwin.so" + } + }, + { + "key": "QYD2lAPfqQm0qel6eG8h5fnWPloPXByFWwZxIj3Up1r0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-310-darwin.so" + } + }, + { + "key": "Qy4cN1OMbzby_w7QfOnUH3pF1QEjBp_ySgBhZ-fOOn2g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-310-darwin.so" + } + }, + { + "key": "QxtMSlt1X1mCpvRGDBA7TjJyfWEjXiqKHxLAXewaLpaY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-310-darwin.so" + } + }, + { + "key": "QXKwI7H1PBwn0-wnA430pHQZEipkz-iO4JEoFHavIcbQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-310-darwin.so" + } + }, + { + "key": "QxGywrLTGxIKQvkyCLOrDGFuxbK5l_GPyTwxCXhlzafU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-310-darwin.so" + } + }, + { + "key": "QX4uscgyJlXohg0e0dXP5tWCa8eZALjx6DCz1lDBbtkk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-310-darwin.so" + } + }, + { + "key": "Qwv1sohMYWHPi28UjVQqMlfiF1zmFFNZOkUlYAvqbk6A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-310-darwin.so" + } + }, + { + "key": "QWMLTe7TIMMD5om4TPuJ8aKIib4gPmyUhWHLU2FKHfSU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-310-darwin.so" + } + }, + { + "key": "QwIbEuYFA3UKC4Y26rrRSMty-9TJzRJSIbPHKA5WBj8Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-310-darwin.so" + } + }, + { + "key": "QWCl7ZrRvM_4p74VNtBJQcWJktfi7hdOXB3npl97sSDk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-310-darwin.so" + } + }, + { + "key": "QWCJPq5pKqgG6jZOIMRFK2qmqN4atjRObdBXksoRL_Ts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-310-darwin.so" + } + }, + { + "key": "QwAmn_TKH_YvMFl5xWdMaebV60NjAmme04v8S6Yyi9Z0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-310-darwin.so" + } + }, + { + "key": "QwaM0SPZn9joQRDijdhzyxUNQstXgPY8YN58l6Gbzfl0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-310-darwin.so" + } + }, + { + "key": "QvwHoWDGJP0r2mLTflG88SX2fcyQCf5uVcZg4ZAUnikI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-310-darwin.so" + } + }, + { + "key": "Qvpx18eQm8dHsLBBC1gfYSnQvRW5FxO4tLaDG4ISrnfA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-310-darwin.so" + } + }, + { + "key": "QVOjWBd_f78p-fY7mC-q1uCVc87VsLBGPGM-P8hjfSVw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-310-darwin.so" + } + }, + { + "key": "QvLXok1XEXttel6FDicbJPx0TXYhe6-rJXXg0ZVniZ4c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-310-darwin.so" + } + }, + { + "key": "QuM71bPh044hnoQyN-luQYkE3o_BlIYdgVy5RphBXCC0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-310-darwin.so" + } + }, + { + "key": "QUJlqea8brBdpYqn12DOvdOTXmmlwX_VFP35liJ5ewKE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-310-darwin.so" + } + }, + { + "key": "QUiIWd3EgFGNhpsitTcMvWQ8lZ3DLfbQ68wMEOxz6_A4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QU6b2kjg78QUEhzFV_ZAri24GKwnChCeEZ6rWzC4FI_Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-310-darwin.so" + } + }, + { + "key": "QTZ74xpd6DPl3FqdsbFQ1I_Ag06D0YpWi2hes8wcCsT8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-310-darwin.so" + } + }, + { + "key": "QTXyBEoRTTbT1EoH3_AIEZmSM2ZyN60BXHj-gDNSGD3U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-310-darwin.so" + } + }, + { + "key": "QtJvbsN3lByF3YCI0frbxjecfvUUFexxiMXKne2YWRfg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-310-darwin.so" + } + }, + { + "key": "QszWRE57IvuiHVM3oJi1QRinm1RSChtGOUH0swHEDHcs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-310-darwin.so" + } + }, + { + "key": "QSwu80m3XFs3qsCatb2LbhvvHx6hcbSqRuHr2OXmT4Gg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-310-darwin.so" + } + }, + { + "key": "QSoJ2lMsffFjmp3CaiaUzOUapF22Rhxyzr28Z6eS_kqs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-310-darwin.so" + } + }, + { + "key": "QslXlpocDUPV7dbdx7yvKOsFy57h6SO5FG_wkHUp_1pk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-310-darwin.so" + } + }, + { + "key": "QsLGAgyjPSJkv2Op3ATAU74x8mmDDusrr8BpZ2uWFq2g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-310-darwin.so" + } + }, + { + "key": "Qsh7QHJRMku6BhRTyJxn33AcKqBMk-iGdgQiBmaHtdnU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-310-darwin.so" + } + }, + { + "key": "QSEKgmt5jZ7mYNOKnH7w3DAJ1BiPHG7UUTr8Pmp_2WNI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-310-darwin.so" + } + }, + { + "key": "QrxDhvk7IU-D1VdLCIBDruyxahHJzq8GdGLHVaRYvzAE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-310-darwin.so" + } + }, + { + "key": "QRvdAQAj4gXZaD3LqsVfmuJCw9LG6phNuqR8wIvGdRRc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-310-darwin.so" + } + }, + { + "key": "QRgA9DowBSfu__f6l1xXeJHShOAyOpm0t1XA3E_09HPc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-310-darwin.so" + } + }, + { + "key": "QRbXMaeHNixy2QlL7cfg40cqcaYR1hr2o-IcPg-r4Bgw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-310-darwin.so" + } + }, + { + "key": "Qr1SIjxwu0-v3z18B_xRd0czNK93a2EGZwqkvCScs_As", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-310-darwin.so" + } + }, + { + "key": "QQZkTKnHIkalq4szq0x9zd3DF9PXlFhHiJlWMY2tPcZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-310-darwin.so" + } + }, + { + "key": "QqZbYeQL4qu43vQsv-_QcjPYCV_i1tbhBSp7hsurR1k4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-310-darwin.so" + } + }, + { + "key": "QqmejVy2NYvU3sw_UaOOXO2k91SAlynHOWof9nrRd9Aw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-310-darwin.so" + } + }, + { + "key": "QQI9in2mDxpr0OR8NUHUO_JmijDVttPBxdQEhT9jVKPg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-310-darwin.so" + } + }, + { + "key": "QQHIUhDlnvbtWd6sAwsx4fUVzaxQvGawoJoOykfLe7pw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-310-darwin.so" + } + }, + { + "key": "QqH4VN7dUXqpv7BTmvdV7mhjQ8ks2LjW-2WvZ-MCfc4A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-310-darwin.so" + } + }, + { + "key": "QqeFYFZ5m-w-bCyzkr3kkFasUsZIUcmYkY71VbIpsl4E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-310-darwin.so" + } + }, + { + "key": "QPvVEZUuV-U8nic3m6fQPFs2AbL4pgdKE-DHhAHuRZAc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-310-darwin.so" + } + }, + { + "key": "QpOKmxegGd-5cGrJw-LDW7J4ZHrmQGb8Sf8Xun3ZOWNw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-310-darwin.so" + } + }, + { + "key": "QPnGkzGHOBhKqPFYuEAW0dsPUjAGEluceZyhE8s1i-NU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-310-darwin.so" + } + }, + { + "key": "QpmndMVhHnR5CbUlePSr_frpB_iHp89My1echfcFFFvs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-310-darwin.so" + } + }, + { + "key": "QpG1CB3VwNoUfX5Stv9QYD-NoFBvwVfNv_MUh36JOndM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-310-darwin.so" + } + }, + { + "key": "QPDBRQ-FNbb9FWA4wRESvhSKA7OvqscW766_ADlHb2po", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-310-darwin.so" + } + }, + { + "key": "QpcxMomWpdjpkKuDOHOWP8JzIwEoS0fD9BomX5s4-toU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QPcRuFHuMKBpYw2PEDvB8tynyGYdnW2HxFCgYU7WhDEI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-310-darwin.so" + } + }, + { + "key": "QpcRBXLvVDEHykP63BzFQ4yQ89uoWTudTz0X7sZweZ_w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-310-darwin.so" + } + }, + { + "key": "QOvwiiFykMlOthwgHmRPTzCYTipmMz_KShhNEe0ja9TI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-310-darwin.so" + } + }, + { + "key": "QoTVOkY1QeTfr0RCoS91C3pdhl-29A3OlS8Rzsfw5xds", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-310-darwin.so" + } + }, + { + "key": "QOdYiHeCiW-t2EsoB2qenR3ZQFP6kOXhb0mopyu_al68", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-310-darwin.so" + } + }, + { + "key": "QOaKBUhQEviUGxxSAX6mKccv923B4tkoR_b3dS-oB91c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-310-darwin.so" + } + }, + { + "key": "QNVYkzDNYYzz9thGuHLHQGnnFygolh3sL9jfntGlGTuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-310-darwin.so" + } + }, + { + "key": "QNvvwlsm0PECwyjJItVhoVXQfPYHJAjoVBm_HsD5NQqQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-310-darwin.so" + } + }, + { + "key": "QnnYr09W751bmVVi9ZVbWLXB6u192ycXOT3LLrkTbzJc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QnEVcEK9d0TrNSYdybh6eI64gpc86o8U33auv75rzMHU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-310-darwin.so" + } + }, + { + "key": "QnA9w2-9vTRkhtY0C_xiQDcGE6I00dfYFl4t8XZUdtpI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-310-darwin.so" + } + }, + { + "key": "QN79cWPrOhtdgxn7T_aeMGLy6z-lA4p0gbC6braUkwSc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-310-darwin.so" + } + }, + { + "key": "QN42SCYcTJvNwUlU3bxnxYdzpp6d2IQk5-7Tm8PLlw8s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-310-darwin.so" + } + }, + { + "key": "QMr4vA0YyNajxsilEBYgovyql90hOB_WKkbFU_A_e4do", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-310-darwin.so" + } + }, + { + "key": "QMPEcmbNDnjbRU9vBiHL0pXj70jSq9AMhAb5gFN6Vca8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-310-darwin.so" + } + }, + { + "key": "QmgQJ_dASiworsCte794g2T-avdnWG03jC5PgfR1napY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-310-darwin.so" + } + }, + { + "key": "QMghGuPfIzVUcCh3NXb9HKdrJEO4qcSyRHhRHlUsKbJA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-310-darwin.so" + } + }, + { + "key": "Qmc_fnmPL_RHeTxUNFEbxiDA2x7aP5A9hqPEJVpxcSNE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-310-darwin.so" + } + }, + { + "key": "QmBm65RJwVilFJQ90_unve4NZk2SnW0xNqRpZ1sWRGHg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-310-darwin.so" + } + }, + { + "key": "QLzV5G4PYuJXpcbvW_DfYdfoXNVKztLhtPS31GvqCoC4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-310-darwin.so" + } + }, + { + "key": "QLW8lmWBWKBtJds1A4Ifmw3GxJLz7C1zwPt_Ll0y0Xc4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QlS2zsq_EAO_KtZjWOBpXKtpjK7nvnQfHijJN4Xsvi-I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-310-darwin.so" + } + }, + { + "key": "QLiy_TcXYsDlvyiZW1GRQFNmRhhmaB2AA4wffxTS-InM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-310-darwin.so" + } + }, + { + "key": "QLHxPUOdqW69BT2McGevoYja-FLtB2UXImWfgrFA1ZD4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-310-darwin.so" + } + }, + { + "key": "QlDzNavqkgQtVR65ZZTZoqWH2yKpThZ7Sz3wSHzNng7o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QlCCbISxEJage7wyR_IqLbBJ0T6pzMnpdI-hCcoLH0r0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-310-darwin.so" + } + }, + { + "key": "QKZEQHg0BNvJWFNH-2JJJNHXW9_Xk2O0qUFksXGvvsuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-310-darwin.so" + } + }, + { + "key": "QkYQU9fJOeQaSFJeNrm2zL1LZka6eYW-NPR9fTNRjzTQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-310-darwin.so" + } + }, + { + "key": "QkuPmttUZuwkqNOIVkUk0RGWWCnl8kGT9R8Dmq_5ctQ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-310-darwin.so" + } + }, + { + "key": "QKUACNxUHK4koT-Lo1oyOvGM-RCSg3Mgwd7mVBlhsWhw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-310-darwin.so" + } + }, + { + "key": "QkU5XhrH-59pBCpRNBklnACidRsS5pRCrwkwM0Nuq51o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-310-darwin.so" + } + }, + { + "key": "QKnKKwjXsf-e5N-spwgALUonuLeUDpKZa18DkRgL8aYY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-310-darwin.so" + } + }, + { + "key": "QkE8P_PXOce3YxuRPpeK-vyrZbvOwCAmWeXAoG19Zh3o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-310-darwin.so" + } + }, + { + "key": "Qk6hQbaxQKkDqTSfzvbEyrBdZNrKdVouso7OYGD89648", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-310-darwin.so" + } + }, + { + "key": "QJWdh4M4kwNNACGUSRJYWhB0jN9_B-SFu4WlHi9_O-Lk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-310-darwin.so" + } + }, + { + "key": "QjPzkizDl0EO3XRwGztO5nTFY-ZTSmPq1r0rEd5wmbRo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-310-darwin.so" + } + }, + { + "key": "QjMvjFnZEf5B6OHZWDnapsiYgoqetd4qnRy-oWFD-jv0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-310-darwin.so" + } + }, + { + "key": "QJmfYIMvyzCk2cohdj-9cmqm3NC-7aPK-ZIVQ6QBYEZY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QJEbTenW7HNhInvY4vtAPLcy8Hx65bkgIz5HvZBT6xkQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-310-darwin.so" + } + }, + { + "key": "QJayEFlPC-5-K7NxZp-137RUhUF93OgVyoK9RCBiObL8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-310-darwin.so" + } + }, + { + "key": "Qj5vB1_uWLnR9tDWC3ekZcg7Dzx9rUEvLgBJw2FNjGQA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-310-darwin.so" + } + }, + { + "key": "Qj0QUMWJjkjOZ3s-UEy94kBz0s8OqqBWZ3lSEhahW8f4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-310-darwin.so" + } + }, + { + "key": "QIzJL6jLDvLHDLZeeb6xatH3PMeXer0jRe-DtUj4xbIM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-310-darwin.so" + } + }, + { + "key": "QiRjrBbEQ_O15ZpB3kBuUbwe7kIPyDUXuMiID0_mZ2As", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-310-darwin.so" + } + }, + { + "key": "QIPLz8X8aaUq8aDYr0xL0aWHCEdcLPJnldENpjJ2cC-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-310-darwin.so" + } + }, + { + "key": "QiOI49yJDWT1m8o-2og8bx5wj2UVRkBXul2tZSfejd_0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-310-darwin.so" + } + }, + { + "key": "QILVUzTE6xYf1nKhMVJfXScQC005LX_LDkH9RbnBOTJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-310-darwin.so" + } + }, + { + "key": "QIlLA1RMXumXwbWY496Lc5rJ-xr10AG4MdIlVQDtZIdI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-310-darwin.so" + } + }, + { + "key": "QIjE7xkUcaiv3AXRE1ikT54tR3p-ggbqRGmxGIONvyVo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-310-darwin.so" + } + }, + { + "key": "QIi06sjFXIIYAf3HmzXRqkMFydveZ73diNTJ8ayD9tug", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-310-darwin.so" + } + }, + { + "key": "QIDNzbaEJ9HUHZe5kS4oSOAKomfOsPoqnDUowENfPQLw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-310-darwin.so" + } + }, + { + "key": "QI5Gz1Bp9GEbbeyWH-IM75h-kNsCW8RRcjCBSwimgd9o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-310-darwin.so" + } + }, + { + "key": "QI-DoH39QYhsJJ33KNbAAdKEoLitR9vmRFTlaZrhazfc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-310-darwin.so" + } + }, + { + "key": "QhYm0r6NmSncenvre9i4u_qbR_j4AM5FrcAgDvUG8bsM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-310-darwin.so" + } + }, + { + "key": "QhXXyzQ8_Q1P7hRcfWJNqGK37s1Bd9rESE8HhY1DszWI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-310-darwin.so" + } + }, + { + "key": "QHw2UTY8npUk8H8V-TAhIReDI7dpfa8vZH17Bldi6GuQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-310-darwin.so" + } + }, + { + "key": "QHuFlrkjcyIsSIZIgfhq2boD_JV0NmkaZ_MWpPVpZCxs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-310-darwin.so" + } + }, + { + "key": "QhoGlWJc8SlgNe7DEVvTJ_KXy-gnlFEbkhpZUqAeJo2c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-310-darwin.so" + } + }, + { + "key": "QHmT8dhBXh-cRgtGu2EgSWmUTbakATh22StAYLC7yloQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-310-darwin.so" + } + }, + { + "key": "Qhm_t3E3HEuY5YlEIyb3rm9p6j2qly6Kgxp7gpo9F7_E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-310-darwin.so" + } + }, + { + "key": "QHfjhQlc1R_CWMyWUXeO8tJFIsX39t3PikF9YWhsS0n8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-310-darwin.so" + } + }, + { + "key": "QhCAmBP-KJUdY1-oMV7jrdfWelpDjWHOPvf_pp-Z8oMQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-310-darwin.so" + } + }, + { + "key": "Qh_JOruQeOO7N3KrOGsQs8C87y79MyiNpR-r508pK1hQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-310-darwin.so" + } + }, + { + "key": "QgzDPHuNAObY9F6nnm1qQhsff_LT0RquRxwbENzH4Ppk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-310-darwin.so" + } + }, + { + "key": "QgQ9HUDJDMNoCOHeWzBDDKBQSuhUWRyGwaVZQTEpNGvo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-310-darwin.so" + } + }, + { + "key": "QGlkIByKpydpEp4_o7D66iUGjTs6PP1XSgxCb1tYAooc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-310-darwin.so" + } + }, + { + "key": "QGg7CjjvnK8PKM82dF6aOHuzY5_-F800f4Xfv7IRf0qA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-310-darwin.so" + } + }, + { + "key": "QGesgzxNPpq_amVEgP0nz9Pe_K5LjzYsdBLHEBBItClQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-310-darwin.so" + } + }, + { + "key": "QGBq1mmI3-2SGjxereB71Irjywj5HmYSGGt0m0haGEe4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-310-darwin.so" + } + }, + { + "key": "QgaPOl8x3gQXxjcSzIKbWOmeBRKE8zbyZWPqphPblGwE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-310-darwin.so" + } + }, + { + "key": "QG4hERga4kCjzEYLJns9pvetN6KizThogxtDwhyo8bns", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-310-darwin.so" + } + }, + { + "key": "QFX1gniFNmbAZ18Cwte7qgbg99wnKcZq0bL2-dgt6afU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-310-darwin.so" + } + }, + { + "key": "QFui4U1gPKkDIg_WJQirKCIDuH9-UjuwJjCcEku_kJxs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-310-darwin.so" + } + }, + { + "key": "QfrioeY3Dw48OVo4sOJkY7E3pdRchNipUmQiXmcRF-Ls", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QFGNWI0d9W99UejehTfUgG45JVylHfEVm39FdVIAmH3M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-310-darwin.so" + } + }, + { + "key": "QclLbvUpYJy1hdyWj8z0eo-5SB_RDHzXBaYyel-c7HWM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-310-darwin.so" + } + }, + { + "key": "QCL9HEX1eeV4CiyyUZWn7bpyBmPWOFSrNgiXtDlMBOoA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-310-darwin.so" + } + }, + { + "key": "QcKkrLYbuHR_jR7YnMmZ8eGrBdUBjk4c40ltVzzTSCtY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-310-darwin.so" + } + }, + { + "key": "QccxQgs8ErkO45enwDgi7PFMM6qVIgeTEJZARYZ1-YK0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-310-darwin.so" + } + }, + { + "key": "QByJ5NOGVYgAAQvsUWUZ1UCUwBNyK9Fdqc5ooPTy25Fo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-310-darwin.so" + } + }, + { + "key": "QbTv7_1hDEz3vxUsE2Xud8cDYYujv7W_fxBZy4bTyYWA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-310-darwin.so" + } + }, + { + "key": "QboGYKFzRTE-6Ho_lS3eTfbeBFf0NU8YQYzGpzXfEzGk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-310-darwin.so" + } + }, + { + "key": "QbLuEjy79hWwD403AuPnNzpep10tJljV6ffsDAgKTpDk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-310-darwin.so" + } + }, + { + "key": "QbJ5lXKzlZJjdFHXn5JgmdjVQJggCKzK6dT9MwvSBumM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-310-darwin.so" + } + }, + { + "key": "QbhNmjz3JIVPvYdsJEBpnIUCbWuw05nHL0NV6pYDp9bY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-310-darwin.so" + } + }, + { + "key": "QbgxlrRB8GlXAkPMTSVvqLqR_YuLTd6mZtUrBv5lrDEU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-310-darwin.so" + } + }, + { + "key": "QBC1yaekKdLBVoq0HsRBnXsVGYc3S0WAp08BPPgk0890", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-310-darwin.so" + } + }, + { + "key": "QB4Eg7JZP7ClOZkWvn2DqRsBpAndgIi6GXAIz6SDg31g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-310-darwin.so" + } + }, + { + "key": "QaXGhR8jjXriKM83YOatI38la6rBnl25SxSv1BfrW3JM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QASUeSgFPswxqLaT623wo7kprH1Oy31n8Y4-9CG5OGuM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-310-darwin.so" + } + }, + { + "key": "QasJjW4BeMgE_LG7ogC7vOw6cAclHcecTNDkczSNsJc4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-310-darwin.so" + } + }, + { + "key": "QAs0adWpHAmzA2E5hI4uQXypkD0TopJ5VC1H5F6BYYA0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-310-darwin.so" + } + }, + { + "key": "QaRR-5ajNfbBW2p6-n7zUm8z735KzHwiTBvzUDGFoh-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-310-darwin.so" + } + }, + { + "key": "QaIl8czhF7gOxU7y4ftIxk6H1OIfmBImejFy1FbQka6A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-310-darwin.so" + } + }, + { + "key": "QAd1JDBa7dSVWsXOGnBgCt7csDz1ll9t0v6BxqI3lce4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-310-darwin.so" + } + }, + { + "key": "QACOMLGsQL_3RFhJlSH7cVDxshVGSuRlKEAgb8iIcAFw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-310-darwin.so" + } + }, + { + "key": "Q9xCAWy9KiLUorzWkiQuYHvxP6L0lv7-mu98pg7sL_ZA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-310-darwin.so" + } + }, + { + "key": "Q9ncbIZSwtQf431QOsjkn9maxfS4k529GX7D-Vexzs4Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-310-darwin.so" + } + }, + { + "key": "Q9gMQZkbclyD4At0U7KYoNMvW1WYUAnzRysswvYExgh8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-310-darwin.so" + } + }, + { + "key": "Q9FlUIDQQoMC-N_bZX4v_oN-H4cSjfCXxlV0MoC_ewb4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-310-darwin.so" + } + }, + { + "key": "Q952uHRBivhgLZruUYawaWnFxrrhFmaz_Q8TnraRkyLg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-310-darwin.so" + } + }, + { + "key": "Q7nbdrelu20hyR5G_S6rNiX6ItwKkbES7OhhGgesa8TY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-310-darwin.so" + } + }, + { + "key": "Q7bpiZQFhlB4o_aaxIPa95g5CIscOT0qi6yDEaoHFuzU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-310-darwin.so" + } + }, + { + "key": "Q6ZNahX5j8OcTE8OfHch7LtDS1XoIFQyIyv95N08Z018", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-310-darwin.so" + } + }, + { + "key": "Q6ud2IOPYHz15m9aPyXMQA3uAqji-24u5w3NxPviKF5Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-310-darwin.so" + } + }, + { + "key": "Q6twrDcX56Q8nenClL1aYFcusD9PkjIdcvFC1SvIkHf8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-310-darwin.so" + } + }, + { + "key": "Q6-VsX3vavFpHW_7uKRxgZGg3acMb_GDvLqBnJlHfbTc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-310-darwin.so" + } + }, + { + "key": "Q5uYpulismNELcg2RpObCayqLvctay8TVPxI9Bfq2Vto", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-310-darwin.so" + } + }, + { + "key": "Q5r6POOsObKgyg40xt4ydAIChugOwnwTTA2zdR_qO-s4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-310-darwin.so" + } + }, + { + "key": "Q58IoXPfFoFbDiHCU4ZI7YoA7sjwG923skzDDwShVT0k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-310-darwin.so" + } + }, + { + "key": "Q4pjaMPqnh1Chpm4c7b2p3p53xCFzXUW4bxh1iLcjHdQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-310-darwin.so" + } + }, + { + "key": "Q4hQZnYFuO4TAlOaB2gA7JsRVDPnoeLJkGXq37w7GMuU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-310-darwin.so" + } + }, + { + "key": "Q42NcwDTQ4p8P7iAPiaoaiaIdLPa2Q9iTcCmvlwyih0w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-310-darwin.so" + } + }, + { + "key": "Q3CfCl7Cz-E9PhaK-Uj_GPwlCDmqwbmAVEho82fQH-oo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-310-darwin.so" + } + }, + { + "key": "Q3CCz7N92Bc8EQHUZ82pCuysD1EDLW-zcjUyxxzz3qpU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-310-darwin.so" + } + }, + { + "key": "Q2p3GzV8ijXJ-tzi4agAm0VitVxv0jyrsgKn6AhSVVIE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-310-darwin.so" + } + }, + { + "key": "Q1GDa7-acTyfUKoYexdkew6lzjjGYkrDxz-Ptf7WHI-o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-310-darwin.so" + } + }, + { + "key": "Q0TFpJvQ_4iNra8Qrt2USf9ahAY7I64josyWL1251_KQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-310-darwin.so" + } + }, + { + "key": "Q0QEZEYFkxdGuQTNpZ_D1oMmANQA0p-o4LlDWh0AFYRY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-310-darwin.so" + } + }, + { + "key": "Q0lw8vUr0fgBhHTOBaEPp1wUgk1ZwAUYroxTGiNvzCKg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-310-darwin.so" + } + }, + { + "key": "Q0G-sHwu7MO6NbaL7-6bnqYtd6TDL0YPIM30wQedg6zQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-310-darwin.so" + } + }, + { + "key": "Q-TqCY0Pd6AjAOI_UoAlAVWO85ryX1l0WEMzVSs06zn4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-310-darwin.so" + } + }, + { + "key": "Q-HzbdmkFz5shRg70mJr9ghQTEvXmOy3fSfnK24OkIcE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-310-darwin.so" + } + }, + { + "key": "Q-CgvXsAAU6HpNJcf9KyySuPpiHtvbl_0QTpzj18NPXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-310-darwin.so" + } + }, + { + "key": "Q_vgB9iXntQE7GknRIbMi831o2F6JcbSqV14m3kvmEh8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-310-darwin.so" + } + }, + { + "key": "Q_QrmQ6xMEdf9DN2YXbBljxvWPM0q2fvqGj0RhzKyuQo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-310-darwin.so" + } + }, + { + "key": "Q_N0_SoG9m-ZqZysXA96ytQAZmrG3PAKw-rxERbnPnsQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-310-darwin.so" + } + }, + { + "key": "Q_d8hbVCajWTpQC8IHdjraaXUSxMcS9p4qs9hJkZGsdc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-310-darwin.so" + } + }, + { + "key": "Q_9MOmjfTqBx5r02_3Z3bUW0Yiy0qgsm5vTdhDsrZ1BM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-310-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp310-cp310-macosx-11-0-arm64-whl", + "id": "15904524863", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 45922802, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QdX5oAXpa-55TNktUP8xkYJfpokwjOpCQdmdxDkE9lbQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-310-darwin.so" + } + }, + { + "key": "QDhgUzRBGbVBXCnc0aZf-Csa4HUm0sehMImo6LwAnwlc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-310-darwin.so" + } + }, + { + "key": "QdFjNpmWubkMFF-dGkrnBIyesp672_bJ5YkjHHu6Ibzs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-310-darwin.so" + } + }, + { + "key": "Qdclaf5N3BmAcAiYq2iG7A4X1PVl8mcoWqSdsMelMJ68", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-310-darwin.so" + } + }, + { + "key": "Qd9uWWIsnCi4ty5GMF4zbrVx2zjIkvceJPIzJ51xje_Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-310-darwin.so" + } + }, + { + "key": "QCWLZR4anNbSTdvbPcaenVsixZY-iJw7gP0CRDu9xFQ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-310-darwin.so" + } + }, + { + "key": "QCS7Be-f2ZUa0Up9KNZqJWaApWPng4kKWL4LBTdlNzE0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-310-darwin.so" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QL3IiyPYb2z32mZaXxsV4Abh54x2HhEGVBdkE59f-CC0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Quwo_h_RdWKS4YeAIYv27K_IK0_fv_o3RDmEIb6hA_fU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QL3IiyPYb2z32mZaXxsV4Abh54x2HhEGVBdkE59f-CC0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QL3IiyPYb2z32mZaXxsV4Abh54x2HhEGVBdkE59f-CC0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QL3IiyPYb2z32mZaXxsV4Abh54x2HhEGVBdkE59f-CC0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "Quwo_h_RdWKS4YeAIYv27K_IK0_fv_o3RDmEIb6hA_fU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QL3IiyPYb2z32mZaXxsV4Abh54x2HhEGVBdkE59f-CC0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Quwo_h_RdWKS4YeAIYv27K_IK0_fv_o3RDmEIb6hA_fU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QL3IiyPYb2z32mZaXxsV4Abh54x2HhEGVBdkE59f-CC0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QqQnovARZfgrJ51v7TrToB72QVH1pIOll72uamP6YqkY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QNnA5dsv5aHGBsAJoEvRDSFb5QzjgCfCLyk9GPyqy7SA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QZUnEcLW5uXUbZQtk_nmeywc_VxJMKVkZ1QQtOVp0Dcg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-310-darwin.so" + } + }, + { + "key": "Qzr2gKdla7pOBENlz9LOANnxqjPYtGs8zxTqtDGlLx0E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-310-darwin.so" + } + }, + { + "key": "Qzm9S-d1nWaSRPEHtKzZ39wM7N7GY35clPnlHXLWsvh4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-310-darwin.so" + } + }, + { + "key": "QzfY6QPwimhCg4T-fQRuj8PB1ONY0gNd9_JxLgj5lxxw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-310-darwin.so" + } + }, + { + "key": "QZCJA7JUn-SNcpwtb_qxwBTeTZNwKeVlmt1h1-y9Uki4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-310-darwin.so" + } + }, + { + "key": "Qz37UJorFsmGlxvKVpKoBe9gnYR2LfuV9UpAtcvbEKeo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-310-darwin.so" + } + }, + { + "key": "QYiywAThL-HL5MQi9aoiK-e7rG9aKiSqhQeSS6qvhPds", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-310-darwin.so" + } + }, + { + "key": "QYG7D1bPMEbCttX76u2L8VJtNdC4I6xSLlJevnVaM9p4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-310-darwin.so" + } + }, + { + "key": "QYG5xxu8113q2mhar3Bn8B1nhhi2xSVYbRTPx5ZYG3i4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-310-darwin.so" + } + }, + { + "key": "QYD2lAPfqQm0qel6eG8h5fnWPloPXByFWwZxIj3Up1r0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-310-darwin.so" + } + }, + { + "key": "Qy4cN1OMbzby_w7QfOnUH3pF1QEjBp_ySgBhZ-fOOn2g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-310-darwin.so" + } + }, + { + "key": "QxtMSlt1X1mCpvRGDBA7TjJyfWEjXiqKHxLAXewaLpaY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-310-darwin.so" + } + }, + { + "key": "QXKwI7H1PBwn0-wnA430pHQZEipkz-iO4JEoFHavIcbQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-310-darwin.so" + } + }, + { + "key": "QxGywrLTGxIKQvkyCLOrDGFuxbK5l_GPyTwxCXhlzafU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-310-darwin.so" + } + }, + { + "key": "QX4uscgyJlXohg0e0dXP5tWCa8eZALjx6DCz1lDBbtkk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-310-darwin.so" + } + }, + { + "key": "Qwv1sohMYWHPi28UjVQqMlfiF1zmFFNZOkUlYAvqbk6A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-310-darwin.so" + } + }, + { + "key": "QWMLTe7TIMMD5om4TPuJ8aKIib4gPmyUhWHLU2FKHfSU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-310-darwin.so" + } + }, + { + "key": "QwIbEuYFA3UKC4Y26rrRSMty-9TJzRJSIbPHKA5WBj8Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-310-darwin.so" + } + }, + { + "key": "QWCl7ZrRvM_4p74VNtBJQcWJktfi7hdOXB3npl97sSDk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-310-darwin.so" + } + }, + { + "key": "QWCJPq5pKqgG6jZOIMRFK2qmqN4atjRObdBXksoRL_Ts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-310-darwin.so" + } + }, + { + "key": "QwAmn_TKH_YvMFl5xWdMaebV60NjAmme04v8S6Yyi9Z0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-310-darwin.so" + } + }, + { + "key": "QwaM0SPZn9joQRDijdhzyxUNQstXgPY8YN58l6Gbzfl0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-310-darwin.so" + } + }, + { + "key": "QvwHoWDGJP0r2mLTflG88SX2fcyQCf5uVcZg4ZAUnikI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-310-darwin.so" + } + }, + { + "key": "Qvpx18eQm8dHsLBBC1gfYSnQvRW5FxO4tLaDG4ISrnfA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-310-darwin.so" + } + }, + { + "key": "QVOjWBd_f78p-fY7mC-q1uCVc87VsLBGPGM-P8hjfSVw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-310-darwin.so" + } + }, + { + "key": "QvLXok1XEXttel6FDicbJPx0TXYhe6-rJXXg0ZVniZ4c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-310-darwin.so" + } + }, + { + "key": "QuM71bPh044hnoQyN-luQYkE3o_BlIYdgVy5RphBXCC0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-310-darwin.so" + } + }, + { + "key": "QUJlqea8brBdpYqn12DOvdOTXmmlwX_VFP35liJ5ewKE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-310-darwin.so" + } + }, + { + "key": "QUiIWd3EgFGNhpsitTcMvWQ8lZ3DLfbQ68wMEOxz6_A4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QU6b2kjg78QUEhzFV_ZAri24GKwnChCeEZ6rWzC4FI_Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-310-darwin.so" + } + }, + { + "key": "QTZ74xpd6DPl3FqdsbFQ1I_Ag06D0YpWi2hes8wcCsT8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-310-darwin.so" + } + }, + { + "key": "QTXyBEoRTTbT1EoH3_AIEZmSM2ZyN60BXHj-gDNSGD3U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-310-darwin.so" + } + }, + { + "key": "QtJvbsN3lByF3YCI0frbxjecfvUUFexxiMXKne2YWRfg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-310-darwin.so" + } + }, + { + "key": "QszWRE57IvuiHVM3oJi1QRinm1RSChtGOUH0swHEDHcs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-310-darwin.so" + } + }, + { + "key": "QSwu80m3XFs3qsCatb2LbhvvHx6hcbSqRuHr2OXmT4Gg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-310-darwin.so" + } + }, + { + "key": "QSoJ2lMsffFjmp3CaiaUzOUapF22Rhxyzr28Z6eS_kqs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-310-darwin.so" + } + }, + { + "key": "QslXlpocDUPV7dbdx7yvKOsFy57h6SO5FG_wkHUp_1pk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-310-darwin.so" + } + }, + { + "key": "QsLGAgyjPSJkv2Op3ATAU74x8mmDDusrr8BpZ2uWFq2g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-310-darwin.so" + } + }, + { + "key": "Qsh7QHJRMku6BhRTyJxn33AcKqBMk-iGdgQiBmaHtdnU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-310-darwin.so" + } + }, + { + "key": "QSEKgmt5jZ7mYNOKnH7w3DAJ1BiPHG7UUTr8Pmp_2WNI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-310-darwin.so" + } + }, + { + "key": "QrxDhvk7IU-D1VdLCIBDruyxahHJzq8GdGLHVaRYvzAE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-310-darwin.so" + } + }, + { + "key": "QRvdAQAj4gXZaD3LqsVfmuJCw9LG6phNuqR8wIvGdRRc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-310-darwin.so" + } + }, + { + "key": "QRgA9DowBSfu__f6l1xXeJHShOAyOpm0t1XA3E_09HPc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-310-darwin.so" + } + }, + { + "key": "QRbXMaeHNixy2QlL7cfg40cqcaYR1hr2o-IcPg-r4Bgw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-310-darwin.so" + } + }, + { + "key": "Qr1SIjxwu0-v3z18B_xRd0czNK93a2EGZwqkvCScs_As", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-310-darwin.so" + } + }, + { + "key": "QQZkTKnHIkalq4szq0x9zd3DF9PXlFhHiJlWMY2tPcZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-310-darwin.so" + } + }, + { + "key": "QqZbYeQL4qu43vQsv-_QcjPYCV_i1tbhBSp7hsurR1k4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-310-darwin.so" + } + }, + { + "key": "QqmejVy2NYvU3sw_UaOOXO2k91SAlynHOWof9nrRd9Aw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-310-darwin.so" + } + }, + { + "key": "QQI9in2mDxpr0OR8NUHUO_JmijDVttPBxdQEhT9jVKPg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-310-darwin.so" + } + }, + { + "key": "QQHIUhDlnvbtWd6sAwsx4fUVzaxQvGawoJoOykfLe7pw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-310-darwin.so" + } + }, + { + "key": "QclLbvUpYJy1hdyWj8z0eo-5SB_RDHzXBaYyel-c7HWM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-310-darwin.so" + } + }, + { + "key": "QCL9HEX1eeV4CiyyUZWn7bpyBmPWOFSrNgiXtDlMBOoA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-310-darwin.so" + } + }, + { + "key": "QcKkrLYbuHR_jR7YnMmZ8eGrBdUBjk4c40ltVzzTSCtY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-310-darwin.so" + } + }, + { + "key": "QccxQgs8ErkO45enwDgi7PFMM6qVIgeTEJZARYZ1-YK0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-310-darwin.so" + } + }, + { + "key": "QByJ5NOGVYgAAQvsUWUZ1UCUwBNyK9Fdqc5ooPTy25Fo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-310-darwin.so" + } + }, + { + "key": "QbTv7_1hDEz3vxUsE2Xud8cDYYujv7W_fxBZy4bTyYWA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-310-darwin.so" + } + }, + { + "key": "QboGYKFzRTE-6Ho_lS3eTfbeBFf0NU8YQYzGpzXfEzGk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-310-darwin.so" + } + }, + { + "key": "QbLuEjy79hWwD403AuPnNzpep10tJljV6ffsDAgKTpDk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-310-darwin.so" + } + }, + { + "key": "QbJ5lXKzlZJjdFHXn5JgmdjVQJggCKzK6dT9MwvSBumM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-310-darwin.so" + } + }, + { + "key": "QbhNmjz3JIVPvYdsJEBpnIUCbWuw05nHL0NV6pYDp9bY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-310-darwin.so" + } + }, + { + "key": "QbgxlrRB8GlXAkPMTSVvqLqR_YuLTd6mZtUrBv5lrDEU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-310-darwin.so" + } + }, + { + "key": "QBC1yaekKdLBVoq0HsRBnXsVGYc3S0WAp08BPPgk0890", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-310-darwin.so" + } + }, + { + "key": "QB4Eg7JZP7ClOZkWvn2DqRsBpAndgIi6GXAIz6SDg31g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-310-darwin.so" + } + }, + { + "key": "QaXGhR8jjXriKM83YOatI38la6rBnl25SxSv1BfrW3JM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QASUeSgFPswxqLaT623wo7kprH1Oy31n8Y4-9CG5OGuM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-310-darwin.so" + } + }, + { + "key": "QasJjW4BeMgE_LG7ogC7vOw6cAclHcecTNDkczSNsJc4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-310-darwin.so" + } + }, + { + "key": "QAs0adWpHAmzA2E5hI4uQXypkD0TopJ5VC1H5F6BYYA0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-310-darwin.so" + } + }, + { + "key": "QaRR-5ajNfbBW2p6-n7zUm8z735KzHwiTBvzUDGFoh-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-310-darwin.so" + } + }, + { + "key": "QaIl8czhF7gOxU7y4ftIxk6H1OIfmBImejFy1FbQka6A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-310-darwin.so" + } + }, + { + "key": "QAd1JDBa7dSVWsXOGnBgCt7csDz1ll9t0v6BxqI3lce4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-310-darwin.so" + } + }, + { + "key": "QACOMLGsQL_3RFhJlSH7cVDxshVGSuRlKEAgb8iIcAFw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-310-darwin.so" + } + }, + { + "key": "Q9xCAWy9KiLUorzWkiQuYHvxP6L0lv7-mu98pg7sL_ZA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-310-darwin.so" + } + }, + { + "key": "Q9ncbIZSwtQf431QOsjkn9maxfS4k529GX7D-Vexzs4Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-310-darwin.so" + } + }, + { + "key": "Q9gMQZkbclyD4At0U7KYoNMvW1WYUAnzRysswvYExgh8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-310-darwin.so" + } + }, + { + "key": "Q9FlUIDQQoMC-N_bZX4v_oN-H4cSjfCXxlV0MoC_ewb4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-310-darwin.so" + } + }, + { + "key": "Q952uHRBivhgLZruUYawaWnFxrrhFmaz_Q8TnraRkyLg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-310-darwin.so" + } + }, + { + "key": "Q7nbdrelu20hyR5G_S6rNiX6ItwKkbES7OhhGgesa8TY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-310-darwin.so" + } + }, + { + "key": "Q7bpiZQFhlB4o_aaxIPa95g5CIscOT0qi6yDEaoHFuzU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-310-darwin.so" + } + }, + { + "key": "Q6ZNahX5j8OcTE8OfHch7LtDS1XoIFQyIyv95N08Z018", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-310-darwin.so" + } + }, + { + "key": "Q6ud2IOPYHz15m9aPyXMQA3uAqji-24u5w3NxPviKF5Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-310-darwin.so" + } + }, + { + "key": "Q6twrDcX56Q8nenClL1aYFcusD9PkjIdcvFC1SvIkHf8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-310-darwin.so" + } + }, + { + "key": "Q6-VsX3vavFpHW_7uKRxgZGg3acMb_GDvLqBnJlHfbTc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-310-darwin.so" + } + }, + { + "key": "Q5uYpulismNELcg2RpObCayqLvctay8TVPxI9Bfq2Vto", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-310-darwin.so" + } + }, + { + "key": "Q5r6POOsObKgyg40xt4ydAIChugOwnwTTA2zdR_qO-s4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-310-darwin.so" + } + }, + { + "key": "Q58IoXPfFoFbDiHCU4ZI7YoA7sjwG923skzDDwShVT0k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-310-darwin.so" + } + }, + { + "key": "Q4pjaMPqnh1Chpm4c7b2p3p53xCFzXUW4bxh1iLcjHdQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-310-darwin.so" + } + }, + { + "key": "Q4hQZnYFuO4TAlOaB2gA7JsRVDPnoeLJkGXq37w7GMuU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-310-darwin.so" + } + }, + { + "key": "Q42NcwDTQ4p8P7iAPiaoaiaIdLPa2Q9iTcCmvlwyih0w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-310-darwin.so" + } + }, + { + "key": "Q3CfCl7Cz-E9PhaK-Uj_GPwlCDmqwbmAVEho82fQH-oo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-310-darwin.so" + } + }, + { + "key": "Q3CCz7N92Bc8EQHUZ82pCuysD1EDLW-zcjUyxxzz3qpU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-310-darwin.so" + } + }, + { + "key": "Q2p3GzV8ijXJ-tzi4agAm0VitVxv0jyrsgKn6AhSVVIE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-310-darwin.so" + } + }, + { + "key": "Q1GDa7-acTyfUKoYexdkew6lzjjGYkrDxz-Ptf7WHI-o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-310-darwin.so" + } + }, + { + "key": "Q0TFpJvQ_4iNra8Qrt2USf9ahAY7I64josyWL1251_KQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-310-darwin.so" + } + }, + { + "key": "Q0QEZEYFkxdGuQTNpZ_D1oMmANQA0p-o4LlDWh0AFYRY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-310-darwin.so" + } + }, + { + "key": "Q0lw8vUr0fgBhHTOBaEPp1wUgk1ZwAUYroxTGiNvzCKg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-310-darwin.so" + } + }, + { + "key": "Q0G-sHwu7MO6NbaL7-6bnqYtd6TDL0YPIM30wQedg6zQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-310-darwin.so" + } + }, + { + "key": "Q-TqCY0Pd6AjAOI_UoAlAVWO85ryX1l0WEMzVSs06zn4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-310-darwin.so" + } + }, + { + "key": "Q-HzbdmkFz5shRg70mJr9ghQTEvXmOy3fSfnK24OkIcE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-310-darwin.so" + } + }, + { + "key": "Q-CgvXsAAU6HpNJcf9KyySuPpiHtvbl_0QTpzj18NPXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-310-darwin.so" + } + }, + { + "key": "Q_vgB9iXntQE7GknRIbMi831o2F6JcbSqV14m3kvmEh8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-310-darwin.so" + } + }, + { + "key": "Q_QrmQ6xMEdf9DN2YXbBljxvWPM0q2fvqGj0RhzKyuQo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-310-darwin.so" + } + }, + { + "key": "Q_N0_SoG9m-ZqZysXA96ytQAZmrG3PAKw-rxERbnPnsQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-310-darwin.so" + } + }, + { + "key": "Q_d8hbVCajWTpQC8IHdjraaXUSxMcS9p4qs9hJkZGsdc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-310-darwin.so" + } + }, + { + "key": "QqH4VN7dUXqpv7BTmvdV7mhjQ8ks2LjW-2WvZ-MCfc4A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-310-darwin.so" + } + }, + { + "key": "QqeFYFZ5m-w-bCyzkr3kkFasUsZIUcmYkY71VbIpsl4E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-310-darwin.so" + } + }, + { + "key": "QPvVEZUuV-U8nic3m6fQPFs2AbL4pgdKE-DHhAHuRZAc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-310-darwin.so" + } + }, + { + "key": "QpOKmxegGd-5cGrJw-LDW7J4ZHrmQGb8Sf8Xun3ZOWNw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-310-darwin.so" + } + }, + { + "key": "QPnGkzGHOBhKqPFYuEAW0dsPUjAGEluceZyhE8s1i-NU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-310-darwin.so" + } + }, + { + "key": "QpmndMVhHnR5CbUlePSr_frpB_iHp89My1echfcFFFvs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-310-darwin.so" + } + }, + { + "key": "QpG1CB3VwNoUfX5Stv9QYD-NoFBvwVfNv_MUh36JOndM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-310-darwin.so" + } + }, + { + "key": "QPDBRQ-FNbb9FWA4wRESvhSKA7OvqscW766_ADlHb2po", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-310-darwin.so" + } + }, + { + "key": "QpcxMomWpdjpkKuDOHOWP8JzIwEoS0fD9BomX5s4-toU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QPcRuFHuMKBpYw2PEDvB8tynyGYdnW2HxFCgYU7WhDEI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-310-darwin.so" + } + }, + { + "key": "QpcRBXLvVDEHykP63BzFQ4yQ89uoWTudTz0X7sZweZ_w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-310-darwin.so" + } + }, + { + "key": "QOvwiiFykMlOthwgHmRPTzCYTipmMz_KShhNEe0ja9TI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-310-darwin.so" + } + }, + { + "key": "QoTVOkY1QeTfr0RCoS91C3pdhl-29A3OlS8Rzsfw5xds", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-310-darwin.so" + } + }, + { + "key": "QorV6JEqOU5FkM7Q-3BkpwKMdqvK-f5IicDPMGY5sRzQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-310-darwin.so" + } + }, + { + "key": "QOdYiHeCiW-t2EsoB2qenR3ZQFP6kOXhb0mopyu_al68", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-310-darwin.so" + } + }, + { + "key": "QOaKBUhQEviUGxxSAX6mKccv923B4tkoR_b3dS-oB91c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-310-darwin.so" + } + }, + { + "key": "QNVYkzDNYYzz9thGuHLHQGnnFygolh3sL9jfntGlGTuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-310-darwin.so" + } + }, + { + "key": "QNvvwlsm0PECwyjJItVhoVXQfPYHJAjoVBm_HsD5NQqQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-310-darwin.so" + } + }, + { + "key": "QnnYr09W751bmVVi9ZVbWLXB6u192ycXOT3LLrkTbzJc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QnEVcEK9d0TrNSYdybh6eI64gpc86o8U33auv75rzMHU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-310-darwin.so" + } + }, + { + "key": "QnA9w2-9vTRkhtY0C_xiQDcGE6I00dfYFl4t8XZUdtpI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-310-darwin.so" + } + }, + { + "key": "QN79cWPrOhtdgxn7T_aeMGLy6z-lA4p0gbC6braUkwSc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-310-darwin.so" + } + }, + { + "key": "QN42SCYcTJvNwUlU3bxnxYdzpp6d2IQk5-7Tm8PLlw8s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-310-darwin.so" + } + }, + { + "key": "QMr4vA0YyNajxsilEBYgovyql90hOB_WKkbFU_A_e4do", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-310-darwin.so" + } + }, + { + "key": "QMPEcmbNDnjbRU9vBiHL0pXj70jSq9AMhAb5gFN6Vca8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-310-darwin.so" + } + }, + { + "key": "QmgQJ_dASiworsCte794g2T-avdnWG03jC5PgfR1napY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-310-darwin.so" + } + }, + { + "key": "QMghGuPfIzVUcCh3NXb9HKdrJEO4qcSyRHhRHlUsKbJA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-310-darwin.so" + } + }, + { + "key": "Qmc_fnmPL_RHeTxUNFEbxiDA2x7aP5A9hqPEJVpxcSNE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-310-darwin.so" + } + }, + { + "key": "QmBm65RJwVilFJQ90_unve4NZk2SnW0xNqRpZ1sWRGHg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-310-darwin.so" + } + }, + { + "key": "QLzV5G4PYuJXpcbvW_DfYdfoXNVKztLhtPS31GvqCoC4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-310-darwin.so" + } + }, + { + "key": "QLW8lmWBWKBtJds1A4Ifmw3GxJLz7C1zwPt_Ll0y0Xc4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QlS2zsq_EAO_KtZjWOBpXKtpjK7nvnQfHijJN4Xsvi-I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-310-darwin.so" + } + }, + { + "key": "QLiy_TcXYsDlvyiZW1GRQFNmRhhmaB2AA4wffxTS-InM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-310-darwin.so" + } + }, + { + "key": "QLHxPUOdqW69BT2McGevoYja-FLtB2UXImWfgrFA1ZD4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-310-darwin.so" + } + }, + { + "key": "QCfIwlESwLa7clgX6nnGhPuBHp4nAD3yxSXP2siffTj8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QlDzNavqkgQtVR65ZZTZoqWH2yKpThZ7Sz3wSHzNng7o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QlCCbISxEJage7wyR_IqLbBJ0T6pzMnpdI-hCcoLH0r0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-310-darwin.so" + } + }, + { + "key": "QKZEQHg0BNvJWFNH-2JJJNHXW9_Xk2O0qUFksXGvvsuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-310-darwin.so" + } + }, + { + "key": "QkYQU9fJOeQaSFJeNrm2zL1LZka6eYW-NPR9fTNRjzTQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-310-darwin.so" + } + }, + { + "key": "QkuPmttUZuwkqNOIVkUk0RGWWCnl8kGT9R8Dmq_5ctQ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-310-darwin.so" + } + }, + { + "key": "QKUACNxUHK4koT-Lo1oyOvGM-RCSg3Mgwd7mVBlhsWhw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-310-darwin.so" + } + }, + { + "key": "QkU5XhrH-59pBCpRNBklnACidRsS5pRCrwkwM0Nuq51o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-310-darwin.so" + } + }, + { + "key": "QKnKKwjXsf-e5N-spwgALUonuLeUDpKZa18DkRgL8aYY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-310-darwin.so" + } + }, + { + "key": "QkE8P_PXOce3YxuRPpeK-vyrZbvOwCAmWeXAoG19Zh3o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-310-darwin.so" + } + }, + { + "key": "Qk6hQbaxQKkDqTSfzvbEyrBdZNrKdVouso7OYGD89648", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-310-darwin.so" + } + }, + { + "key": "Q_9MOmjfTqBx5r02_3Z3bUW0Yiy0qgsm5vTdhDsrZ1BM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-310-darwin.so" + } + }, + { + "key": "QJWdh4M4kwNNACGUSRJYWhB0jN9_B-SFu4WlHi9_O-Lk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-310-darwin.so" + } + }, + { + "key": "QjPzkizDl0EO3XRwGztO5nTFY-ZTSmPq1r0rEd5wmbRo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-310-darwin.so" + } + }, + { + "key": "QjMvjFnZEf5B6OHZWDnapsiYgoqetd4qnRy-oWFD-jv0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-310-darwin.so" + } + }, + { + "key": "QJmfYIMvyzCk2cohdj-9cmqm3NC-7aPK-ZIVQ6QBYEZY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QJEbTenW7HNhInvY4vtAPLcy8Hx65bkgIz5HvZBT6xkQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-310-darwin.so" + } + }, + { + "key": "QJayEFlPC-5-K7NxZp-137RUhUF93OgVyoK9RCBiObL8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-310-darwin.so" + } + }, + { + "key": "Qj5vB1_uWLnR9tDWC3ekZcg7Dzx9rUEvLgBJw2FNjGQA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-310-darwin.so" + } + }, + { + "key": "Qj0QUMWJjkjOZ3s-UEy94kBz0s8OqqBWZ3lSEhahW8f4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-310-darwin.so" + } + }, + { + "key": "QIzJL6jLDvLHDLZeeb6xatH3PMeXer0jRe-DtUj4xbIM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-310-darwin.so" + } + }, + { + "key": "QiRjrBbEQ_O15ZpB3kBuUbwe7kIPyDUXuMiID0_mZ2As", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-310-darwin.so" + } + }, + { + "key": "QIPLz8X8aaUq8aDYr0xL0aWHCEdcLPJnldENpjJ2cC-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-310-darwin.so" + } + }, + { + "key": "QiOI49yJDWT1m8o-2og8bx5wj2UVRkBXul2tZSfejd_0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-310-darwin.so" + } + }, + { + "key": "QILVUzTE6xYf1nKhMVJfXScQC005LX_LDkH9RbnBOTJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-310-darwin.so" + } + }, + { + "key": "QIlLA1RMXumXwbWY496Lc5rJ-xr10AG4MdIlVQDtZIdI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-310-darwin.so" + } + }, + { + "key": "QIjE7xkUcaiv3AXRE1ikT54tR3p-ggbqRGmxGIONvyVo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-310-darwin.so" + } + }, + { + "key": "QIi06sjFXIIYAf3HmzXRqkMFydveZ73diNTJ8ayD9tug", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-310-darwin.so" + } + }, + { + "key": "QIDNzbaEJ9HUHZe5kS4oSOAKomfOsPoqnDUowENfPQLw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-310-darwin.so" + } + }, + { + "key": "QI5Gz1Bp9GEbbeyWH-IM75h-kNsCW8RRcjCBSwimgd9o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-310-darwin.so" + } + }, + { + "key": "QI-DoH39QYhsJJ33KNbAAdKEoLitR9vmRFTlaZrhazfc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-310-darwin.so" + } + }, + { + "key": "QhYm0r6NmSncenvre9i4u_qbR_j4AM5FrcAgDvUG8bsM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-310-darwin.so" + } + }, + { + "key": "QhXXyzQ8_Q1P7hRcfWJNqGK37s1Bd9rESE8HhY1DszWI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-310-darwin.so" + } + }, + { + "key": "QHw2UTY8npUk8H8V-TAhIReDI7dpfa8vZH17Bldi6GuQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-310-darwin.so" + } + }, + { + "key": "QHuFlrkjcyIsSIZIgfhq2boD_JV0NmkaZ_MWpPVpZCxs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-310-darwin.so" + } + }, + { + "key": "QhoGlWJc8SlgNe7DEVvTJ_KXy-gnlFEbkhpZUqAeJo2c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-310-darwin.so" + } + }, + { + "key": "QHmT8dhBXh-cRgtGu2EgSWmUTbakATh22StAYLC7yloQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-310-darwin.so" + } + }, + { + "key": "Qhm_t3E3HEuY5YlEIyb3rm9p6j2qly6Kgxp7gpo9F7_E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-310-darwin.so" + } + }, + { + "key": "QHfjhQlc1R_CWMyWUXeO8tJFIsX39t3PikF9YWhsS0n8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-310-darwin.so" + } + }, + { + "key": "QhCAmBP-KJUdY1-oMV7jrdfWelpDjWHOPvf_pp-Z8oMQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-310-darwin.so" + } + }, + { + "key": "Qh_JOruQeOO7N3KrOGsQs8C87y79MyiNpR-r508pK1hQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-310-darwin.so" + } + }, + { + "key": "QgzDPHuNAObY9F6nnm1qQhsff_LT0RquRxwbENzH4Ppk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-310-darwin.so" + } + }, + { + "key": "QgQ9HUDJDMNoCOHeWzBDDKBQSuhUWRyGwaVZQTEpNGvo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-310-darwin.so" + } + }, + { + "key": "QGlkIByKpydpEp4_o7D66iUGjTs6PP1XSgxCb1tYAooc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-310-darwin.so" + } + }, + { + "key": "QGg7CjjvnK8PKM82dF6aOHuzY5_-F800f4Xfv7IRf0qA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-310-darwin.so" + } + }, + { + "key": "QGesgzxNPpq_amVEgP0nz9Pe_K5LjzYsdBLHEBBItClQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-310-darwin.so" + } + }, + { + "key": "QGBq1mmI3-2SGjxereB71Irjywj5HmYSGGt0m0haGEe4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-310-darwin.so" + } + }, + { + "key": "QgaPOl8x3gQXxjcSzIKbWOmeBRKE8zbyZWPqphPblGwE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-310-darwin.so" + } + }, + { + "key": "QG4hERga4kCjzEYLJns9pvetN6KizThogxtDwhyo8bns", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-310-darwin.so" + } + }, + { + "key": "QFX1gniFNmbAZ18Cwte7qgbg99wnKcZq0bL2-dgt6afU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-310-darwin.so" + } + }, + { + "key": "QFui4U1gPKkDIg_WJQirKCIDuH9-UjuwJjCcEku_kJxs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-310-darwin.so" + } + }, + { + "key": "QfrioeY3Dw48OVo4sOJkY7E3pdRchNipUmQiXmcRF-Ls", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QFGNWI0d9W99UejehTfUgG45JVylHfEVm39FdVIAmH3M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-310-darwin.so" + } + }, + { + "key": "QFFWmH1ACpT_i4aI438NmAE36ZkvW53xy9Y5GyJOPJlE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-310-darwin.so" + } + }, + { + "key": "QfE8Tyb3ydjzd-0NiXpQCifF2XtAvHrywXQLfeqWuKSI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-310-darwin.so" + } + }, + { + "key": "QFdS7OS8hW_Q8pbO-N47gtXL-XZ8ykATTlLSj73i0G78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-310-darwin.so" + } + }, + { + "key": "QF9u4KvfQmBx1deUh0aahUAeZGdIoM6vO8ykvw7zpTxU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-310-darwin.so" + } + }, + { + "key": "QF6ZlabuLBn0koc_Rgv8KwRcnWbw6xs4c3tsVJjIYdd8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-310-darwin.so" + } + }, + { + "key": "Qf3uKWoXi7oS2jfBqyEMGrJYZz_zE4VHJItgRGze1Bxg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-310-darwin.so" + } + }, + { + "key": "QEXz9oqm9xk_Hnrt2XnnPcouOD1i2GsDAUfT5rAZKM3Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-310-darwin.so" + } + }, + { + "key": "QExiwAfeXJTuN6MQ4J7noYKiV5TSuiw9hJf7yvva70FQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-310-darwin.so" + } + }, + { + "key": "QeSf6DP-syysYgoSgyYDlL8c8r5A-ajgFn0Yhlrh2dto", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-310-darwin.so" + } + }, + { + "key": "QerJE-6I-TEVV7ckTvugir0lIfDaVT1AlKhq2EV9mbk8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-310-darwin.so" + } + }, + { + "key": "QeOsVgU9AEUs4CopES0VhitRK_WZ00FxoZv8T4qK8jdg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-310-darwin.so" + } + }, + { + "key": "QEJDz-elTmf6lKV6aw-d38bqZqrRrAlmGEuKmoJSR-KE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-310-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp310-cp310-manylinux-2-17-x86-64-manylinux2014-x86-64-manylinux-2-28-x86-64-whl", + "id": "15904524864", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 42225308, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "Q_MVmIP1n292E6f3uji9xPSG-WsIXUCvrSlUObMQP8x4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_enefJTPri6bgbva55C4wfTc8jpzJMhtlp4GYYV8L9A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_hUSOyaOtBASWbVH0klk2jgTW5_6jmO7jUuuWZNRP64", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_O1nAlHpPJKz7OTopFRhZxJVtrR_ZXxyDPyRghY9QsU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_YUZorC1Dx6-U9Qkm-_JyFCsx_gk-TzsToauAEpzBjY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-g6rZzrbXf4-XNmwCqPCONIep5FeWneMsJ9LjPcvbHs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-JM-fxcgf-AO2DpcJrD3d__rjhphhUMgbiA9EPlEQ-Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q02sAGOIMwxXvOrRynJWmlsRJqL0VRM38yWptcb4pVbk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0Ma7B-QF4iPpcQV0zDctysbL1jz6gsN6kF338nKwHrI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0uxa0WGP91eX99YJ4atc_7IzMFdX2Al2QlzT7e2D4uo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q14atX1Avcch-KjFfp6LCKkiVp_5jjcLJc_eCwmRCR_4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q17JomWAXM57jvMeQF2EvpOrqL4KnHyzHvGfXNmcs3zg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1k_d6DHvtpyqhM7JqhZIL95Cf_WTaBk35Zsl42GE-R8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1yRgQN1xz87mESeLv6BP3PtwQ2xG1b10-jWX5Kkck4Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1YRjj1lrODbTWd1zSyA3oSm-4DZ_ylLE4uleNUY_bdc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2_3VwEF0UcDRlj91aERGF4giD9sEzEso4-IqT18piBw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2A9wUiACourxmdI3buzz4n7VnfUypGRYv4ekhTIBIEs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2B9OIxh1uJlOMjHeUJ4FGbGt2ohjsDl8lLnLYYbx0YY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3FIZo5nrqCiKuOkDmBL53HxgMy7IIeHyOksR084dHBE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3vM2i3NScr2_bqdw6lgbHVKCESRhFEZeW9Vuo4Mpvi4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4-5iiGFtefQqyOXPVUeQAOyYmY66-r4QVe6-eBPgiH4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4qAw8VGx-9jkJG0qN9AOJEO2ouY5ZilQ7uTdFmIUUVY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4rLdohvpR99zzDj8WfTBnUxqqeZCoMsVyupBdd3BOdg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4XzG6tFIGKy3bdgT-n3-jn2M9U1MkVuQggtOAASpKhE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q59RWbvQgUJIQSTAD63rhSnvEMxQHvQaw9AJVyFxcy5Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5pq129x0YlSMcu5x2U3RmBuZ-oNKhLddh982MPyLruk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q65ICPOxzQ5SgTV-vWKV4HP-wl7OQIKZbUlnl7-2S518", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6846Rk-l6lS-rf1uayHfJ-XTmC99CYWgOijGM5v4Awo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6SJDJavhRXseNh463s2-B3nNYvg_kMWm0lGEiH3WsoA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6xIFaa0TqnQb0VyHs3SI3x472mJOuDL-MuMk9_uYa00", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7AFLFRW2PROEMOc8OSeXcCyJkF9uUddhirOkKWVb3_Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7hanohcKJzLs0Y7ATOopVPJJ-QsuI9UG6oZU3casTyY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7N1lYicRlpJne2JZ2gEjabMZwxjkqfhqG53AWctXYWI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7SZMsrbhIQzpW6wdcW7QuGqe61DOP7TY8anRV15URSs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8VtwH7OqVlfGhN7YAW90D6PfQ_I_VDJ-5zf5DGpqC7U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q95hYPIlZl4ihoed2Vof9QqAcTt5SQwhyUKB3elUCyQQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9qu2OJnBywESnH3PMzTxOtnKPjrWbJ7akvPhYs04q9I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9XLfWYx8cy0oFJxeb4Djhr5sXZTspk7fvI6riMFlHdQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QA6tGTUaPM8A2Ax-whK5kSFohQ-MQ2nzxOz17Hw2Egcw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QAauxv-T_EXO8tNdM6KQnh70RXNzvFnkK9flvljhYp-4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QacAfirJNUJFwS5StsWImiH4rk4hSVwnhWcnkSUUYSpc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QaITtBTefKL2UblCQRSlqbZfXztfyC6Luq2C2d64mqG8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QatpRmvGC7cJ0_mKAxuEozb1wKurixNvvtPUjrATgCtg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QaU9FMgvT2Y56iV42kHRbYTXca09uSJ8xTuAMRnHWs1w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QBFUHkBhF_bR4D0Aay_PR4juX96LkxCctxg9Th2mC_No", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QBjfgrYF7j6NMp4oqAi5m3UDk_2lr5uHG4_C-Q0zPAfY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QbkGhVK-IGtPhMWw7SQiblEAilJw5p8lTXoPhh-6nO6M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qbm0KlPzZUwfF-d8XBA4WOpNK8mHCWtkubUYoqDMbGIM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QBMI05QwpdAdnMNMpgt3HDF6pCum47eiGDpbsg0eRNjs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QbOfDrrz4ce7WPg88-OwNsQL9ieJSDsjsmW0RDa7SV5k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QbQJBkhrhcGzgUMP8DZ39fbmBxCaTvT4zM29ELCo2m1A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QbRO7rvCUOnkpZHdbjtPIyrxXkzInTQcBvJ9p1SLPvjc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QBtC3FfuY7UH6QublmKcKS5pVek5-3FDxcLxz9D-OJIc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QBtIa135Qm7Ec7njko4mhPZx53wHeeXL6Flgo1IZI_zA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qc3CSqmWkMV7w_57CI7g1KYwexelSbdJsqYDkuk7ApCk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QcCRyZ_Pap4SvReLEF6n1HFw4SUMTlkmvOj2Q1u-U_nI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QCFwauVUWj9NY-f7bZB_R4hsenhx54DwOjNEmU07MyZY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qcg-rfoMECp7x8AMCrRdAXbKwnMfogpK818npCSXXMDA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QcgDezTGoxc8L3D10dirg5qTqi8KlO-IJuWAU9hZHF7c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QcZYq1A0qzkCTcGZ46Yn8MuAbB2vZIoqQPqsWBFaEuGQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QD7lWRYPJMFo_Lw6FFkuhpBM54GAahdOJwhXSYwSY8nY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QdBw_bxyOz_dacY3zeB7NxtghyUzrEuxcN_PsDlJqIrI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QdbwJg7AX2GE85UF0QEsECse2Wy4RrRCFpHoSRC22Kgc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QDE6vYt73dtjCZCSERDjnpHnggZvi7xneI9-dR9u4thI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QDHLxSlUyZsXdcP__rFwDr9fBp43os28EPEfQVP1Mfcc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QdNracI8EpwZ-Qx3yhLo5nni4O6_YZUyyLS79BS1BcBw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QDPZ0GX5vIZ2VhctZA_zentuud4fw9XEFIUDQR2iTMr4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QEHK5TdUgUrEGxCOhW-Kk6aaE_RX4i1XdJvfMw7PBJmk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QEkcUz0D3FicAECp0XgodoLaQHo4aCHB7D0Hjm9Y7wms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QeNhG6KaufvBzi3TDbxTRTI5EwTYVfrJgmAvNr-7fvv4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qet6stoEK6rNn3uY8t_9dslWAfQ2erLMa-LKc2LcYFio", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QeVTXED_ZqyIdrEBgyD3uX1v4-x5N6kppzl_N_30oA2k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qf28KPNxQrF5uLtj72ZBaBnBA8JxpcdOj-IR0HnxzYOQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qf2sveXTZftrsEy6fb41BTBntheBUB_-SRTRPeBFx6kk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QfhiYvGmRgUKuS2r_TJ9Pv7l5HaU1maj3z39MXSTGyNw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QFm5S5kF3borHwp6ZgxeJX9DwNF8ZmwhR4DgCJDPScMA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QfRgVjAA2J-BdSzHt7thqNVC38p5qUNzHcBVwBF2sZB0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QFsDzLbMWqoCuKTnroDMKds1nUOkQDAoEdnTlGVmuG78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QFTzy6r5G-VHgWEzWzxZKPrSD4MYLa8d7FtnHTA-QxrA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QfXg6f39EANzWnAZR7LkSlc_A4Tl6vzJiDlGOmXGqrfQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qg7KijW7f7RIEihe-DxqRUNtprBlC8JyEZE7ntuhPOUs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QgaU6lNLCnhl7JUlKHbJ3MArm2dYE3cwSHKwIVnIcKW8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QGb-Vcs_vp6LfxCHKminkjt9xwFhp363hIssx0rCa8a0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QGkgP0mgg6lhr_tbjcEqKGp-6D1FnGLN0gn_joBlwdkY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QGpyUzrbM5VpXQzpcWO_FSQZPi50gAQF-DNfOPoOpPWM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QgrlsERPDOa3oMbItVQ5NO_y6hmAofVThdIp_wpp7I5g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QGzUocz1m0i8e2OA1ulWLpWK1kLFl0Y0ye794DyWDk54", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QHFV5eT0iM2FeLs7wCzSuhirAwTWB64P7A1iyPdTnHbg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QhIHIUPqsJThaZ7oXmduV_1_MlKKfxQguHBjFRRi4Xlk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QhNBtz1AfprV7FZa9HNVY9wILbaXA40oS9pQGenW0fg0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QHO9zDjcB8b7xsw91v-7HL2_W0LJwtD2vdNZSOQR6SJM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QI1DwT1k4p-tyFbTGCa8eNptX2IvvBAvr3TL61e4wm9k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QIGFSxlB73uSM3Rfl-590neJ5LO1Y9VkgjKaHWodhUrc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QIKkiKAtdUJkKo7NyDcAybwD9Rx5iFjyYb4CvRTovlX0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QimubJCvTdLciRieXgcntyt6Qc-DVSITGmLhkb2rvn9Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QINO7m0MWbk7tMCatXmrEXr6cbxSZbls2MnkwWO9CZL8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QiO3sgPMsLKKS1IdxMkH-poCtQN8eX_gIgpeu1zvaogA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QiRs9GQCUsnXkePGck2sU7e2_fJ4lO64lK1S0jC48Ge4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QiU2OWZ6HibqDbStH_am2gyJ0mM_XuxOabpeQjTnSCsw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QiwD9GHQzjrbv4U0G_9KDmfhX8f4bE0Z_D_trNXG18PU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QiZHIHx1qBfJGikaQDjqhn1fFOKgoFeANX8Dqw95mX64", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qj5i2XjaUZFKh1g-7tRtHOIEumt6m_T1UDbFf19QgyAg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QjcMvdBFYMwgGWHBK_FXd-bKf-3_yOqpXlcjuyeGBcWQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QJfL5xgQtfpO2Wm-dqD25kLGuRQE0Q7xwsbmlsWJM4cE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QjNySsY8p08nbkooGd-eUlf9Vy4b4ivWw4noBfccmDtw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QjqMdC_7Gji6Cj5SQ06YG2X-F0yWiFiQvWfceXcgn72M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk1Uo4p5GFM6fCIdb1SUIo_kbw5qAamHtkZm8TgbbL30", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QK9nbqq9HkNa1tFN-OARLpRbsu7xLQ5FGt5iThujURMM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QkalOha_PCafYIrPy3frRREgDhP9aY9FJ5JUzT3FdY9A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QkkdvnwE-JIWtldt8iaMJnQO9Fz9Tkts8c4EiXDDe0qQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QKwt2r51RfI7G6dhcCmPoqLGFXUsH55bz-CvurF9XwC8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QLosAc148wvejFNqxWhgvlll7ddk2H4qGdcowpydvpfU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QlSxMuMeHcBPS4ZVNXCf2g4NqWe8HNJZ-2h75aJZh7Ks", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QLZWSjod3GiUZQjY2BP30bmgfxaNP4Q-llzCKmygHqEs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QM-jprhVR4xkrXuWSFHuGQaMmFmK2qe7tM8NmPo3ii3Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QM0TDejA4_VcCGLHf2mqTIqzuUCPFHLGA4UXAMDo7wQs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QMexJ8Mr4FpcDFD3psXKT8AIP-bIKITYOJmWOh_3Mccg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QmH0Y6s-e2mRyPR7tgDrOp3UQlQVMyjK5_DTScSoJdBo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QmHtB5sYjjaBc6mzo_ylZfPP9P_l5YnarOAy2l-00RCw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qn66m9rwA1U32K1ugx5RKIjCEEBJbWJHbEvuobC84q78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QNrQBwJI_SeKhxI4-PGk-Cj5GXTctBsOFZUzEcHzb67o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QnXm3Csm5ml4pgamCgYNZvajXdRNqYirMIciBH3rEIlc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QO-3pKYZKHa79OgkY4nsZg0anKarbfEDlOevXl8nhOso", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QOdfTsI-H8uvAfGAwsC8cI9e2p5bGhl9GFrlfQlW4qHg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QOmac0lDPO5kB8YI-eGMsY5EL_VH0MjiJ-HfvS-41VsA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QoMKLIjNOP3Wj53J3SIRtxuHT2M4hFkX_mfyGydwSdsc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QP2468z4_3y4JGjcn9DeZIZ7rmhDAtUl-Du8wPmVxXg8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qp2Ml_gdSuV8Jl0uXWYQ-p20uPjZrtBXG0Y2Gqup8rjk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qp909FNtyPqsOJdx7JwUWDY6Hl6fffGLVGUWF-N1en7M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QPJ0MdIQy82wmB-idar2MiD8NHChdUdoJ7YpOqKs9ylE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QpmW8PiLMFOHiC6NGYe7NGA5GTUVzEFZNPWFeeHSx__U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QPO0LLvLjkP3KRFwzhLqNkPCZbQyqlnPVvHSZ2EPNUTE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QPOuTCPuwvUVp0_QLHusuXCqvOmr1VzvUnOIretpu5Gk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QpWpqbzmC2eiJ7zIreNzjlHpC3PauMR-pmg0St4IUXIQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QPXnaMgFjpwoUKr1rJ0xarg4BRRLNSN7tDQnG06W4Fm0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QQaHQANQ0eW-Mje5fpdy2jlJkphvxpyAiJZjz7QiE9Ac", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QqCNx3sr3Wi076cjsN0FBLhpFpuihxgX4HsQEQiONanI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QqE0Zm2U5Y36tVtyjDtVHiHex5waP45df_q9JbOpbZ1c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qqg04pJm3LAuyq5xaAMwq0rdb75e7jZ6WLwgeCa2F2K0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QQKdc3ZroiWCaEWGj7QoEsXJV5vx2wjLOwBXqA4LN63k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QQKQXO_Qcq3-gnfGHSA_uKBQizyiup7ooGxQaoB6DEEU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QQKYssmAVYYcxYyVg18c0WFaBedj7LYwoH7TMCC2C7go", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QqlQa0aDkYsxnX0BSk0bg_I4jKfzKcQa7Cn2HdR0KOBQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QQrVKEC8fAryhuSnr9oXEz82bNKUcpRYaYmO_lnMvZ78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QrNhWm6qPUFT7Eo4DFanVpW96wBgLundjcwndGA3KKB8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qrp54iFJNEuXz6NUdhixw5-PAZLwgcZikd2oBprnehTA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QrVilmFYM8XIIQvcd90e5ps651l1F1-SF9o2emZw0sOU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QSdii8rzTafubf6ZzGWudrRaSSU8zsyfVlkXp6rLCGIE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QsLVLVVWXr8bVePA0XclGKoO5qV1BmLKXfQm14m3eYEE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QSsBSHAfAIxRbx_c7qALX_N1q3oupaeEyaND4SZ_dpvs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qt4ITa43BhLa6pM0MFRB2Ivijp-yL781zy7cbHyCcn9Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QT4xpV7Ja4U2n8HwrDaK5XNsZuOVxUyHg__bXMqDUI40", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QT9pt7XAxmQFgSCN7uIma92nSFQgGvyQltYGqNOAODS4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QtCEZMdojqo8z-WLWNXB3bwtGbFHe8pQ1UDjAFr6tgj0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QTD5Ws-0GQFKSCIYI1jrgut0cMBNb9BriTmPJT5jXBcI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QTepZm1t615gMGl7O0eMylIeGvV1pyCR596VChcXfvQg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QTK_5ugpqfFZcgp0MPVuVxI3nXKPaPwmQ6ZcjvWIwK5c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QTnPM3jWGY8pLnsoYzvkrwN1gQNuWzIyp9eh0Sl6mImA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QtRa0gs7dcrJh4RsABSCZ7LZdo6pNhIZihmrw90trANE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qu21C3Xmj9yLe5xyJww7icAHMFRSTUsw4A99c1D7p6Qg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qu8aRvK4SCMXAg36zttulchDhUm7GY9kP5E9Q7QxFMRY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QUEr4oK_99UXHtXuacyZAiwpVqsxCQzVe85Cn80riZIc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QULQd_rEiIfWCaZGf113shEPIqHc8cfFMJxelb3qc9iQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QuNcLwMbHmPDFf4S-meNz_XNvM4HtbzKmQKkKQuwgKpM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QuopI3tjB1kGZ2zaFNq_AesPRMGXNPYKoZVF1CYEaFQo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QUpf6ahFB15y5794uK1ole1ZCGCPYCPduVBAhIusd1ZE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QUxep1eoWlxXa35bUhIR4U7DWsT32ehuDRad2uE0-kks", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QUyQruY1WE16pBDY6b5YRVGiHFK3IingH10KgTMsPEE4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QV5zs8YYqb5pbUGjOqYrVo3s3B2rpiqRWzMMg24juzmQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QV8gNH1-WsbehQ9afgNTfX96CwUOLCpSTnRS0CFaNzco", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QvC3AWfCz7d1usji_82gQC5MhdzvZjWU3e5vY9x6YjIA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QvEEaA7MK21s_M7KtoGU-oTcZcU34m7tO-C2-KWtBIzI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QvU62SOWJS0A3Al0C3pqNi5Ok794mp5nPEkttkCMZ-sA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QVzmpNCA-HrlxrGvNRcTepk-EGrvmm5PRd2W7CnISGT4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QW_OFwW22fXV5NX8LIIiYn-T-KkhVZlaTq3Hpsy6Ctv0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qw2xroRtB68_6QOBO0U9aJrthwAq2cyOBSBcSNh8cbc4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qw3hXGDzCnreLaIum3hdUNFWFJawqVJRi0KN5qd1dDcs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QwbDqkj_E8rP65k1emNE5ZGDarF_Nyl3NxdQzu1WQG_0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QWey3IhfusdBbyqCHoJF1ZHqG1oUU_g3jQAw-1XUHKY8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QwHH6JvlTlzkX8Jd1qqUN0w3kf175VqXNi83skfLy7FA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QWMBRWcWrELmRGUoOE1fFJ1ps5_5KC6Zao8kbVLdy_To", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QwPBUJgpa2DKAC7DjsrT-_KXvlnOTbHMBhShqN3iOjKs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QWv92HC_dyLuLpv55wCVw91T1olsPnoWwwYIJ9yoX6E0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QWw7_xsBCGtr4RJyAxHGHhqx6-JfEDoaPIKeL_ZVwawk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QX62Qc4QVk794Oi6ozvVGKk5lBZWPnaCe2py4yFFEX8U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QX8wXQmrx9csm7mhyrr3NXc9KkYC3kgEr90ziKAcfvKo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QxBjV9NgqFK1_blxz2r4DH4w8lxxK6vfeFveUJKhQOO8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qxe8Xc8DXwekv2uGVaSY0imn1UK-FZ19fILbYhyaxqpk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QxnBWmWg0G5bA_FBx49YkGJ-YI63KOE15Iw4-HognQ8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QxO6yZUpr88g8eRlUFvlJar4LYo0Fx87P52BhaOXohs0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QxteSGFe7yUxIyr7jeIihSMNiDCKHbe_RVHhTcMwkB04", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QxvGOfbeB_kabDIKjE7_aJ-J82zX8-t2IbGSNy-buKio", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QXwcjjbPBYXoUi-xtaqR7v9xBk0t-pek19SRG11wq9ow", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qy4iAS9DKSmhRf8KeOBdDesPMIrGBsJ2Y8b504U08r-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QymUX6N0SJ7TLRfM7F5jgf8hyZBORlGT8Tx_Qrkpd6oA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QysZNQcIS3KacznOqZGG9_PYKS0JH4SKfv13oKuauiHk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QYxqigfGi9AcojUO22udm-hPyQkMOa48wPaDbQo-t0ww", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QyyYUOT_jy2wl8ivJxOSkdSgxFQGBhuUxDhkH8JrzilI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QyzgNKsSvWwi2XuUYMunRtC54sbJVoOK8D6M4-UxLeYI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz5PLYx3puM1kQSZrVoJx8BUX4f7tZIVF66DNJw7dwtA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz6Jf-hGU1GAVliWa7ppItV8HC_ptE4jOcAKnV6FFaGU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz73-NIaeDXIESFETPSWUfZ-rcp9Ao-zY__U6rH7F64c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QZAMXBID2ioUui_N5-CyBPao0mntAHACchvN7E73jvjA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QZbrw1y8Kl-PGk3tR3IxzdtVsiYGDP6fL4bGgQlWkmE4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qzcs-vQsBodu6TinlE_6W8FxFqAvM3Lj3NJa7_NGfuJc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QZHASC3iWN2DYvnuWLshCK5AgVMbwDMhRKDSOGhCXqMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QZK6nz-LmE6HhADV60Bao3cD2MGhJI_FrK9oYcMnhkC0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QZpgW9cinZ6WdPCQUIE09CHrIMqRYhZHBPG6wSkCtmt8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcjzpfVaeMyjvFSjCwcLJ-qX-p11ZDwZdXX9lLFsJkYc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "Q2wKXkqgtbY5mQdaHVOww2P_i5dN5QXRoxW5RAqJWae8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QcjzpfVaeMyjvFSjCwcLJ-qX-p11ZDwZdXX9lLFsJkYc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2wKXkqgtbY5mQdaHVOww2P_i5dN5QXRoxW5RAqJWae8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QcjzpfVaeMyjvFSjCwcLJ-qX-p11ZDwZdXX9lLFsJkYc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QcjzpfVaeMyjvFSjCwcLJ-qX-p11ZDwZdXX9lLFsJkYc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Q2wKXkqgtbY5mQdaHVOww2P_i5dN5QXRoxW5RAqJWae8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcjzpfVaeMyjvFSjCwcLJ-qX-p11ZDwZdXX9lLFsJkYc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q5Di7_FDQcPvseTkNDuh-QsENi_Tg7FIe6LEt9pmcUGU", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QcjzpfVaeMyjvFSjCwcLJ-qX-p11ZDwZdXX9lLFsJkYc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjNGv-t3WHoP2tzR1I1t0i84EWw70fU-49ejpwvlXF04", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqFK1T6PIEHWaLLCJPvNu3dIf6fxGz1JBve17hafr6Lg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp310-cp310-musllinux-1-1-x86-64-whl", + "id": "15904524865", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 45502645, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q02sAGOIMwxXvOrRynJWmlsRJqL0VRM38yWptcb4pVbk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0Ma7B-QF4iPpcQV0zDctysbL1jz6gsN6kF338nKwHrI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0uxa0WGP91eX99YJ4atc_7IzMFdX2Al2QlzT7e2D4uo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q14atX1Avcch-KjFfp6LCKkiVp_5jjcLJc_eCwmRCR_4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q17JomWAXM57jvMeQF2EvpOrqL4KnHyzHvGfXNmcs3zg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1k_d6DHvtpyqhM7JqhZIL95Cf_WTaBk35Zsl42GE-R8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1yRgQN1xz87mESeLv6BP3PtwQ2xG1b10-jWX5Kkck4Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1YRjj1lrODbTWd1zSyA3oSm-4DZ_ylLE4uleNUY_bdc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2_3VwEF0UcDRlj91aERGF4giD9sEzEso4-IqT18piBw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2A9wUiACourxmdI3buzz4n7VnfUypGRYv4ekhTIBIEs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2B9OIxh1uJlOMjHeUJ4FGbGt2ohjsDl8lLnLYYbx0YY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3FIZo5nrqCiKuOkDmBL53HxgMy7IIeHyOksR084dHBE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3vM2i3NScr2_bqdw6lgbHVKCESRhFEZeW9Vuo4Mpvi4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4-5iiGFtefQqyOXPVUeQAOyYmY66-r4QVe6-eBPgiH4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4qAw8VGx-9jkJG0qN9AOJEO2ouY5ZilQ7uTdFmIUUVY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4rLdohvpR99zzDj8WfTBnUxqqeZCoMsVyupBdd3BOdg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4XzG6tFIGKy3bdgT-n3-jn2M9U1MkVuQggtOAASpKhE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q59RWbvQgUJIQSTAD63rhSnvEMxQHvQaw9AJVyFxcy5Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5pq129x0YlSMcu5x2U3RmBuZ-oNKhLddh982MPyLruk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q65ICPOxzQ5SgTV-vWKV4HP-wl7OQIKZbUlnl7-2S518", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6846Rk-l6lS-rf1uayHfJ-XTmC99CYWgOijGM5v4Awo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6SJDJavhRXseNh463s2-B3nNYvg_kMWm0lGEiH3WsoA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6xIFaa0TqnQb0VyHs3SI3x472mJOuDL-MuMk9_uYa00", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7AFLFRW2PROEMOc8OSeXcCyJkF9uUddhirOkKWVb3_Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7hanohcKJzLs0Y7ATOopVPJJ-QsuI9UG6oZU3casTyY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7N1lYicRlpJne2JZ2gEjabMZwxjkqfhqG53AWctXYWI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7SZMsrbhIQzpW6wdcW7QuGqe61DOP7TY8anRV15URSs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8VtwH7OqVlfGhN7YAW90D6PfQ_I_VDJ-5zf5DGpqC7U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q95hYPIlZl4ihoed2Vof9QqAcTt5SQwhyUKB3elUCyQQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9qu2OJnBywESnH3PMzTxOtnKPjrWbJ7akvPhYs04q9I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9XLfWYx8cy0oFJxeb4Djhr5sXZTspk7fvI6riMFlHdQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QA6tGTUaPM8A2Ax-whK5kSFohQ-MQ2nzxOz17Hw2Egcw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QAauxv-T_EXO8tNdM6KQnh70RXNzvFnkK9flvljhYp-4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QacAfirJNUJFwS5StsWImiH4rk4hSVwnhWcnkSUUYSpc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QaITtBTefKL2UblCQRSlqbZfXztfyC6Luq2C2d64mqG8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QatpRmvGC7cJ0_mKAxuEozb1wKurixNvvtPUjrATgCtg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QaU9FMgvT2Y56iV42kHRbYTXca09uSJ8xTuAMRnHWs1w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QBFUHkBhF_bR4D0Aay_PR4juX96LkxCctxg9Th2mC_No", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QBjfgrYF7j6NMp4oqAi5m3UDk_2lr5uHG4_C-Q0zPAfY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QbkGhVK-IGtPhMWw7SQiblEAilJw5p8lTXoPhh-6nO6M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qbm0KlPzZUwfF-d8XBA4WOpNK8mHCWtkubUYoqDMbGIM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QBMI05QwpdAdnMNMpgt3HDF6pCum47eiGDpbsg0eRNjs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QbOfDrrz4ce7WPg88-OwNsQL9ieJSDsjsmW0RDa7SV5k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QbQJBkhrhcGzgUMP8DZ39fbmBxCaTvT4zM29ELCo2m1A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QbRO7rvCUOnkpZHdbjtPIyrxXkzInTQcBvJ9p1SLPvjc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QBtC3FfuY7UH6QublmKcKS5pVek5-3FDxcLxz9D-OJIc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QBtIa135Qm7Ec7njko4mhPZx53wHeeXL6Flgo1IZI_zA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qc3CSqmWkMV7w_57CI7g1KYwexelSbdJsqYDkuk7ApCk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QcCRyZ_Pap4SvReLEF6n1HFw4SUMTlkmvOj2Q1u-U_nI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QCFwauVUWj9NY-f7bZB_R4hsenhx54DwOjNEmU07MyZY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qcg-rfoMECp7x8AMCrRdAXbKwnMfogpK818npCSXXMDA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QcgDezTGoxc8L3D10dirg5qTqi8KlO-IJuWAU9hZHF7c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QcZYq1A0qzkCTcGZ46Yn8MuAbB2vZIoqQPqsWBFaEuGQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QD7lWRYPJMFo_Lw6FFkuhpBM54GAahdOJwhXSYwSY8nY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QdBw_bxyOz_dacY3zeB7NxtghyUzrEuxcN_PsDlJqIrI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QdbwJg7AX2GE85UF0QEsECse2Wy4RrRCFpHoSRC22Kgc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QDE6vYt73dtjCZCSERDjnpHnggZvi7xneI9-dR9u4thI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QDHLxSlUyZsXdcP__rFwDr9fBp43os28EPEfQVP1Mfcc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QdNracI8EpwZ-Qx3yhLo5nni4O6_YZUyyLS79BS1BcBw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QDPZ0GX5vIZ2VhctZA_zentuud4fw9XEFIUDQR2iTMr4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QEHK5TdUgUrEGxCOhW-Kk6aaE_RX4i1XdJvfMw7PBJmk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QEkcUz0D3FicAECp0XgodoLaQHo4aCHB7D0Hjm9Y7wms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QeNhG6KaufvBzi3TDbxTRTI5EwTYVfrJgmAvNr-7fvv4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qet6stoEK6rNn3uY8t_9dslWAfQ2erLMa-LKc2LcYFio", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QeVTXED_ZqyIdrEBgyD3uX1v4-x5N6kppzl_N_30oA2k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qf28KPNxQrF5uLtj72ZBaBnBA8JxpcdOj-IR0HnxzYOQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qf2sveXTZftrsEy6fb41BTBntheBUB_-SRTRPeBFx6kk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QfhiYvGmRgUKuS2r_TJ9Pv7l5HaU1maj3z39MXSTGyNw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QFm5S5kF3borHwp6ZgxeJX9DwNF8ZmwhR4DgCJDPScMA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QfRgVjAA2J-BdSzHt7thqNVC38p5qUNzHcBVwBF2sZB0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QFsDzLbMWqoCuKTnroDMKds1nUOkQDAoEdnTlGVmuG78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QFTzy6r5G-VHgWEzWzxZKPrSD4MYLa8d7FtnHTA-QxrA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QfXg6f39EANzWnAZR7LkSlc_A4Tl6vzJiDlGOmXGqrfQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qg7KijW7f7RIEihe-DxqRUNtprBlC8JyEZE7ntuhPOUs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QgaU6lNLCnhl7JUlKHbJ3MArm2dYE3cwSHKwIVnIcKW8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QGb-Vcs_vp6LfxCHKminkjt9xwFhp363hIssx0rCa8a0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QGkgP0mgg6lhr_tbjcEqKGp-6D1FnGLN0gn_joBlwdkY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QGpyUzrbM5VpXQzpcWO_FSQZPi50gAQF-DNfOPoOpPWM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QgrlsERPDOa3oMbItVQ5NO_y6hmAofVThdIp_wpp7I5g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QGzUocz1m0i8e2OA1ulWLpWK1kLFl0Y0ye794DyWDk54", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QHFV5eT0iM2FeLs7wCzSuhirAwTWB64P7A1iyPdTnHbg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QhIHIUPqsJThaZ7oXmduV_1_MlKKfxQguHBjFRRi4Xlk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QhNBtz1AfprV7FZa9HNVY9wILbaXA40oS9pQGenW0fg0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QHO9zDjcB8b7xsw91v-7HL2_W0LJwtD2vdNZSOQR6SJM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QI1DwT1k4p-tyFbTGCa8eNptX2IvvBAvr3TL61e4wm9k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QIGFSxlB73uSM3Rfl-590neJ5LO1Y9VkgjKaHWodhUrc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QIKkiKAtdUJkKo7NyDcAybwD9Rx5iFjyYb4CvRTovlX0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QimubJCvTdLciRieXgcntyt6Qc-DVSITGmLhkb2rvn9Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QINO7m0MWbk7tMCatXmrEXr6cbxSZbls2MnkwWO9CZL8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QiO3sgPMsLKKS1IdxMkH-poCtQN8eX_gIgpeu1zvaogA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QiRs9GQCUsnXkePGck2sU7e2_fJ4lO64lK1S0jC48Ge4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QiU2OWZ6HibqDbStH_am2gyJ0mM_XuxOabpeQjTnSCsw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QiwD9GHQzjrbv4U0G_9KDmfhX8f4bE0Z_D_trNXG18PU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QiZHIHx1qBfJGikaQDjqhn1fFOKgoFeANX8Dqw95mX64", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qj5i2XjaUZFKh1g-7tRtHOIEumt6m_T1UDbFf19QgyAg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QjcMvdBFYMwgGWHBK_FXd-bKf-3_yOqpXlcjuyeGBcWQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QJfL5xgQtfpO2Wm-dqD25kLGuRQE0Q7xwsbmlsWJM4cE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QjNySsY8p08nbkooGd-eUlf9Vy4b4ivWw4noBfccmDtw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QjqMdC_7Gji6Cj5SQ06YG2X-F0yWiFiQvWfceXcgn72M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk1Uo4p5GFM6fCIdb1SUIo_kbw5qAamHtkZm8TgbbL30", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QK9nbqq9HkNa1tFN-OARLpRbsu7xLQ5FGt5iThujURMM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QkalOha_PCafYIrPy3frRREgDhP9aY9FJ5JUzT3FdY9A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QkkdvnwE-JIWtldt8iaMJnQO9Fz9Tkts8c4EiXDDe0qQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QKwt2r51RfI7G6dhcCmPoqLGFXUsH55bz-CvurF9XwC8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QLosAc148wvejFNqxWhgvlll7ddk2H4qGdcowpydvpfU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QlSxMuMeHcBPS4ZVNXCf2g4NqWe8HNJZ-2h75aJZh7Ks", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QLZWSjod3GiUZQjY2BP30bmgfxaNP4Q-llzCKmygHqEs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QM-jprhVR4xkrXuWSFHuGQaMmFmK2qe7tM8NmPo3ii3Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QM0TDejA4_VcCGLHf2mqTIqzuUCPFHLGA4UXAMDo7wQs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QMexJ8Mr4FpcDFD3psXKT8AIP-bIKITYOJmWOh_3Mccg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QmH0Y6s-e2mRyPR7tgDrOp3UQlQVMyjK5_DTScSoJdBo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QmHtB5sYjjaBc6mzo_ylZfPP9P_l5YnarOAy2l-00RCw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qn66m9rwA1U32K1ugx5RKIjCEEBJbWJHbEvuobC84q78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QNrQBwJI_SeKhxI4-PGk-Cj5GXTctBsOFZUzEcHzb67o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QnXm3Csm5ml4pgamCgYNZvajXdRNqYirMIciBH3rEIlc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QO-3pKYZKHa79OgkY4nsZg0anKarbfEDlOevXl8nhOso", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QOdfTsI-H8uvAfGAwsC8cI9e2p5bGhl9GFrlfQlW4qHg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QOmac0lDPO5kB8YI-eGMsY5EL_VH0MjiJ-HfvS-41VsA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QoMKLIjNOP3Wj53J3SIRtxuHT2M4hFkX_mfyGydwSdsc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QP2468z4_3y4JGjcn9DeZIZ7rmhDAtUl-Du8wPmVxXg8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qp2Ml_gdSuV8Jl0uXWYQ-p20uPjZrtBXG0Y2Gqup8rjk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qp909FNtyPqsOJdx7JwUWDY6Hl6fffGLVGUWF-N1en7M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QPJ0MdIQy82wmB-idar2MiD8NHChdUdoJ7YpOqKs9ylE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QpmW8PiLMFOHiC6NGYe7NGA5GTUVzEFZNPWFeeHSx__U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QPO0LLvLjkP3KRFwzhLqNkPCZbQyqlnPVvHSZ2EPNUTE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QPOuTCPuwvUVp0_QLHusuXCqvOmr1VzvUnOIretpu5Gk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QpWpqbzmC2eiJ7zIreNzjlHpC3PauMR-pmg0St4IUXIQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QPXnaMgFjpwoUKr1rJ0xarg4BRRLNSN7tDQnG06W4Fm0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QQaHQANQ0eW-Mje5fpdy2jlJkphvxpyAiJZjz7QiE9Ac", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QqCNx3sr3Wi076cjsN0FBLhpFpuihxgX4HsQEQiONanI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QqE0Zm2U5Y36tVtyjDtVHiHex5waP45df_q9JbOpbZ1c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qqg04pJm3LAuyq5xaAMwq0rdb75e7jZ6WLwgeCa2F2K0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QQKdc3ZroiWCaEWGj7QoEsXJV5vx2wjLOwBXqA4LN63k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QQKQXO_Qcq3-gnfGHSA_uKBQizyiup7ooGxQaoB6DEEU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QQKYssmAVYYcxYyVg18c0WFaBedj7LYwoH7TMCC2C7go", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QqlQa0aDkYsxnX0BSk0bg_I4jKfzKcQa7Cn2HdR0KOBQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QQrVKEC8fAryhuSnr9oXEz82bNKUcpRYaYmO_lnMvZ78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QrNhWm6qPUFT7Eo4DFanVpW96wBgLundjcwndGA3KKB8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qrp54iFJNEuXz6NUdhixw5-PAZLwgcZikd2oBprnehTA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QrVilmFYM8XIIQvcd90e5ps651l1F1-SF9o2emZw0sOU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QSdii8rzTafubf6ZzGWudrRaSSU8zsyfVlkXp6rLCGIE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QsLVLVVWXr8bVePA0XclGKoO5qV1BmLKXfQm14m3eYEE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QSsBSHAfAIxRbx_c7qALX_N1q3oupaeEyaND4SZ_dpvs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qt4ITa43BhLa6pM0MFRB2Ivijp-yL781zy7cbHyCcn9Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QT4xpV7Ja4U2n8HwrDaK5XNsZuOVxUyHg__bXMqDUI40", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QT9pt7XAxmQFgSCN7uIma92nSFQgGvyQltYGqNOAODS4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QtCEZMdojqo8z-WLWNXB3bwtGbFHe8pQ1UDjAFr6tgj0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QTD5Ws-0GQFKSCIYI1jrgut0cMBNb9BriTmPJT5jXBcI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QTepZm1t615gMGl7O0eMylIeGvV1pyCR596VChcXfvQg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QTK_5ugpqfFZcgp0MPVuVxI3nXKPaPwmQ6ZcjvWIwK5c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QTnPM3jWGY8pLnsoYzvkrwN1gQNuWzIyp9eh0Sl6mImA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QtRa0gs7dcrJh4RsABSCZ7LZdo6pNhIZihmrw90trANE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qu21C3Xmj9yLe5xyJww7icAHMFRSTUsw4A99c1D7p6Qg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qu8aRvK4SCMXAg36zttulchDhUm7GY9kP5E9Q7QxFMRY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QUEr4oK_99UXHtXuacyZAiwpVqsxCQzVe85Cn80riZIc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QULQd_rEiIfWCaZGf113shEPIqHc8cfFMJxelb3qc9iQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QuNcLwMbHmPDFf4S-meNz_XNvM4HtbzKmQKkKQuwgKpM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QuopI3tjB1kGZ2zaFNq_AesPRMGXNPYKoZVF1CYEaFQo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QUpf6ahFB15y5794uK1ole1ZCGCPYCPduVBAhIusd1ZE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QUxep1eoWlxXa35bUhIR4U7DWsT32ehuDRad2uE0-kks", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QUyQruY1WE16pBDY6b5YRVGiHFK3IingH10KgTMsPEE4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QV5zs8YYqb5pbUGjOqYrVo3s3B2rpiqRWzMMg24juzmQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QV8gNH1-WsbehQ9afgNTfX96CwUOLCpSTnRS0CFaNzco", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QvC3AWfCz7d1usji_82gQC5MhdzvZjWU3e5vY9x6YjIA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QvEEaA7MK21s_M7KtoGU-oTcZcU34m7tO-C2-KWtBIzI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QvU62SOWJS0A3Al0C3pqNi5Ok794mp5nPEkttkCMZ-sA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QVzmpNCA-HrlxrGvNRcTepk-EGrvmm5PRd2W7CnISGT4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QW_OFwW22fXV5NX8LIIiYn-T-KkhVZlaTq3Hpsy6Ctv0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qw2xroRtB68_6QOBO0U9aJrthwAq2cyOBSBcSNh8cbc4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qw3hXGDzCnreLaIum3hdUNFWFJawqVJRi0KN5qd1dDcs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QwbDqkj_E8rP65k1emNE5ZGDarF_Nyl3NxdQzu1WQG_0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QWey3IhfusdBbyqCHoJF1ZHqG1oUU_g3jQAw-1XUHKY8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QwHH6JvlTlzkX8Jd1qqUN0w3kf175VqXNi83skfLy7FA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QWMBRWcWrELmRGUoOE1fFJ1ps5_5KC6Zao8kbVLdy_To", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QwPBUJgpa2DKAC7DjsrT-_KXvlnOTbHMBhShqN3iOjKs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QWv92HC_dyLuLpv55wCVw91T1olsPnoWwwYIJ9yoX6E0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QWw7_xsBCGtr4RJyAxHGHhqx6-JfEDoaPIKeL_ZVwawk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QX62Qc4QVk794Oi6ozvVGKk5lBZWPnaCe2py4yFFEX8U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QX8wXQmrx9csm7mhyrr3NXc9KkYC3kgEr90ziKAcfvKo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QxBjV9NgqFK1_blxz2r4DH4w8lxxK6vfeFveUJKhQOO8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qxe8Xc8DXwekv2uGVaSY0imn1UK-FZ19fILbYhyaxqpk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QxnBWmWg0G5bA_FBx49YkGJ-YI63KOE15Iw4-HognQ8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QxO6yZUpr88g8eRlUFvlJar4LYo0Fx87P52BhaOXohs0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QxteSGFe7yUxIyr7jeIihSMNiDCKHbe_RVHhTcMwkB04", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QxvGOfbeB_kabDIKjE7_aJ-J82zX8-t2IbGSNy-buKio", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QXwcjjbPBYXoUi-xtaqR7v9xBk0t-pek19SRG11wq9ow", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qy4iAS9DKSmhRf8KeOBdDesPMIrGBsJ2Y8b504U08r-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QymUX6N0SJ7TLRfM7F5jgf8hyZBORlGT8Tx_Qrkpd6oA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QysZNQcIS3KacznOqZGG9_PYKS0JH4SKfv13oKuauiHk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QYxqigfGi9AcojUO22udm-hPyQkMOa48wPaDbQo-t0ww", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QyyYUOT_jy2wl8ivJxOSkdSgxFQGBhuUxDhkH8JrzilI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QyzgNKsSvWwi2XuUYMunRtC54sbJVoOK8D6M4-UxLeYI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz5PLYx3puM1kQSZrVoJx8BUX4f7tZIVF66DNJw7dwtA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz6Jf-hGU1GAVliWa7ppItV8HC_ptE4jOcAKnV6FFaGU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz73-NIaeDXIESFETPSWUfZ-rcp9Ao-zY__U6rH7F64c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QZAMXBID2ioUui_N5-CyBPao0mntAHACchvN7E73jvjA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QZbrw1y8Kl-PGk3tR3IxzdtVsiYGDP6fL4bGgQlWkmE4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Qzcs-vQsBodu6TinlE_6W8FxFqAvM3Lj3NJa7_NGfuJc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QZHASC3iWN2DYvnuWLshCK5AgVMbwDMhRKDSOGhCXqMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QZK6nz-LmE6HhADV60Bao3cD2MGhJI_FrK9oYcMnhkC0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QZpgW9cinZ6WdPCQUIE09CHrIMqRYhZHBPG6wSkCtmt8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVnkrOOaCUGMye85zMQy3QCMJSmcVB5HNG7bQVwa9mcM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QFLOYJsQfwrjnBAogHmNNtbeLh9BqI5vZ9EmrSRYngCQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QVnkrOOaCUGMye85zMQy3QCMJSmcVB5HNG7bQVwa9mcM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFLOYJsQfwrjnBAogHmNNtbeLh9BqI5vZ9EmrSRYngCQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QVnkrOOaCUGMye85zMQy3QCMJSmcVB5HNG7bQVwa9mcM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "Q_enefJTPri6bgbva55C4wfTc8jpzJMhtlp4GYYV8L9A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_hUSOyaOtBASWbVH0klk2jgTW5_6jmO7jUuuWZNRP64", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_MVmIP1n292E6f3uji9xPSG-WsIXUCvrSlUObMQP8x4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_O1nAlHpPJKz7OTopFRhZxJVtrR_ZXxyDPyRghY9QsU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_YUZorC1Dx6-U9Qkm-_JyFCsx_gk-TzsToauAEpzBjY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-g6rZzrbXf4-XNmwCqPCONIep5FeWneMsJ9LjPcvbHs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-JM-fxcgf-AO2DpcJrD3d__rjhphhUMgbiA9EPlEQ-Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QFLOYJsQfwrjnBAogHmNNtbeLh9BqI5vZ9EmrSRYngCQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QVnkrOOaCUGMye85zMQy3QCMJSmcVB5HNG7bQVwa9mcM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVnkrOOaCUGMye85zMQy3QCMJSmcVB5HNG7bQVwa9mcM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzHKI4fefWjwQS3OSJO0CSdEJbjKRAyzAIt9cEGDX6Mw", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZPe2IsMu9ZLaoMPPFqhfyXIhEbrauXCDF5qt2L2b85o", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVnkrOOaCUGMye85zMQy3QCMJSmcVB5HNG7bQVwa9mcM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpAjYFosyATVgwyvKQ4UCdW_jPC5jIa0YAOHdm7Pu5NU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp310-cp310-win-amd64-whl", + "id": "15904524866", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 28670510, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "Q60QyZQhQOP_1wTD2Vhli69xLeZWFEMU74jv2fjPb87I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cp310-win_amd64.pyd" + } + }, + { + "key": "Q6AofH5Z-y92kzBYf8uYqyPebmJEgvIkPT_Xl5UczEE8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "Q6lYnQgv460Fhh_odrIA4rlWfMHlDLqaexbzOEYLkNj0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cp310-win_amd64.pyd" + } + }, + { + "key": "QMQtyvUAgGr_rGJ11dfdxLTujeKQHJcnlimV3iHg3NiU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cp310-win_amd64.pyd" + } + }, + { + "key": "Q_5VR3qRw_bJX3SJUVa69Gly8MapPyxIjJnZ53C6FZNM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cp310-win_amd64.pyd" + } + }, + { + "key": "Q_Abp9cne6PfgW1n9XkdL1V1Ph4HdZQmSDavIaMftXrg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cp310-win_amd64.pyd" + } + }, + { + "key": "Q_DmmGk8hf7hbh5AYyemWgBFQLOoTnjcHacEp3-2Oy3g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cp310-win_amd64.pyd" + } + }, + { + "key": "Q_HidTp9cis5szb-lD7RVtCx-3Q4-3O107CrAGlHB570", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cp310-win_amd64.pyd" + } + }, + { + "key": "Q-7NW4wlHdzjL4Ca4oFswTByRSvZCLdd2VrNfa1b568M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cp310-win_amd64.pyd" + } + }, + { + "key": "Q-8QEyDdE1S96tHmOf7gv1f9JNZUp8-XB5IGlnLPkfGA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "Q-qj8zIdeh18dlgyO6zNkZoaDyu56-7cQZLjZmD_hn44", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "Q-WD71mWo_EualsGFHD3iqhKXSK6Xg6VZv5kFkeFHE50", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cp310-win_amd64.pyd" + } + }, + { + "key": "Q1Dl1WdvfMKC6DebFempACMedAvoMGavwJ0rzQpWh6tU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cp310-win_amd64.pyd" + } + }, + { + "key": "Q1iG2VUgV7jO8Bzu8ndBWvlGofntiiu7GKnXIafYmRbg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cp310-win_amd64.pyd" + } + }, + { + "key": "Q1JwWp2bgFL818W4GDBwrAkNq1vwXwtsFJ7RLJwITnfc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cp310-win_amd64.pyd" + } + }, + { + "key": "Q2BJnT2pWSjBrI5kBIW1LmpOWhALc14JSsTfDAJVCw7M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cp310-win_amd64.pyd" + } + }, + { + "key": "Q2eNkub0NycwzA_WEsZ4PW8Vi7-gx-HNfDz-r9XkCyZ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cp310-win_amd64.pyd" + } + }, + { + "key": "Q2l3RL3gAh6GvKRWOEP1uHvbBWy0k1PfYx1FXUNHDq2E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cp310-win_amd64.pyd" + } + }, + { + "key": "Q2PKlrDEOAV7Rsxi55CjOIEDNtpBccM-h7FyWanuN68E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cp310-win_amd64.pyd" + } + }, + { + "key": "Q3QhphzAuNal6lyABT6zjT00SnQqFU5Es2PzQ_BC9slI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cp310-win_amd64.pyd" + } + }, + { + "key": "Q3QoMf4pN-pI_dA3bivv58O2j-wPd9gRJBEiS5HYx16s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cp310-win_amd64.pyd" + } + }, + { + "key": "Q45mY4JfrE1-FhZHsrpP5FajZHenFxQfxvuZ29zIEVwg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cp310-win_amd64.pyd" + } + }, + { + "key": "Q4sT30afk2a4gruskSnSosYOrg7Fp6s7M5p96tKmVRVY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cp310-win_amd64.pyd" + } + }, + { + "key": "Q52mqFjzEaUe3taynWdaVDyuwT92XrMDj1dthSZ9LXfY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cp310-win_amd64.pyd" + } + }, + { + "key": "Q59aFXhu41c0YLDH4Dwg4HFJi_Lx23I0le66mOZOBWac", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "QGpIhh64g9eMDch12_yYsgRgb0wgbJSPrY5OsO5p6W6c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cp310-win_amd64.pyd" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDIc87nQ87o8lfMBVoZIy_kqqBkGFmn7iE7WJkSKRo00", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cp310-win_amd64.pyd" + } + }, + { + "key": "Qdi1CbR6_i6pTr4ZD8vXVvmpGQVpa8lW0feoJWY7Wc_s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cp310-win_amd64.pyd" + } + }, + { + "key": "QdfVmOPcR5uqr2MuDwVml4kEi_3HXLYuxNbzGm-DJZRg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cp310-win_amd64.pyd" + } + }, + { + "key": "QDEiUcto2Nyf6aLm-NFoJxMKBwJeiy4dYIDycZLfjIiY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cp310-win_amd64.pyd" + } + }, + { + "key": "QD8DWq_oJ0k48QCEyRKjhv8BRu7hRrwRzjDRlL7_MTp4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cp310-win_amd64.pyd" + } + }, + { + "key": "Q6mq9FEblawpxkZ5H9QByxSbXq77y3d8SzrdwTiU5n7M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cp310-win_amd64.pyd" + } + }, + { + "key": "Qd7qTnb1zv7v774mY2GMNLApD8R9Gm4eGY8CnFd9Qpv8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cp310-win_amd64.pyd" + } + }, + { + "key": "QCvz3NVJNfSW4z6kyszpGhCvVkP5GcsEez1YAGJVXdEs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cp310-win_amd64.pyd" + } + }, + { + "key": "QCvgruEeiUzws0SOH20gbsBNZS5dpBSmiptmTPq5pUuw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cp310-win_amd64.pyd" + } + }, + { + "key": "QCuSyAp1kanJoE9TR-dk06yKSpXL-E9ZgWOE8oHSqyl0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cp310-win_amd64.pyd" + } + }, + { + "key": "QcIb0DMvBF43N9xExPJJ2g0Ax011x_MYw9u-dV5Q4Sho", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cp310-win_amd64.pyd" + } + }, + { + "key": "QCAUIordTbcFV7ru28EeJ48tduPbo-l0RFAzh2h1VkMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cp310-win_amd64.pyd" + } + }, + { + "key": "QC0Qqa4H0QHWmpL3FfzAX-BucBALs-B_D3quVaTNzRj4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cp310-win_amd64.pyd" + } + }, + { + "key": "QbuIT4nPKe26uo7vs2MRtviorMrDcTVI66zYUt2VlAAE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cp310-win_amd64.pyd" + } + }, + { + "key": "Qbo1VhtecUeFVvipBrqfOXao5NeTzGz1L8R7voUJHEeI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cp310-win_amd64.pyd" + } + }, + { + "key": "Qbkvwsl2t-SkwaqNAUx8_TlV3UeAGAW0Ouibv3Rycm-M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cp310-win_amd64.pyd" + } + }, + { + "key": "QbKKvlTiJ2tBpp1OC_Bp6l6XS-QLH0NwMqYJA-KUkDLI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cp310-win_amd64.pyd" + } + }, + { + "key": "QB9W-SLRPKjBX-fU1njyKQLDCjbhWFevRTvFo4mDaxtQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cp310-win_amd64.pyd" + } + }, + { + "key": "QB6icJIBHO-UvapPrXqJOiHrimBIhNzmQyMoBv8rl32M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cp310-win_amd64.pyd" + } + }, + { + "key": "QAZeOcxUfC-R8khG_PHX2R1odJVHMETxHx0zDlD_ZKCU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cp310-win_amd64.pyd" + } + }, + { + "key": "QAX5kiUiiwCYgNqQ1Aa0Hj1gtZhCKHoc5D3RNu4Epzw0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cp310-win_amd64.pyd" + } + }, + { + "key": "QaO6t6WcN7iqvekk9WRFnFkGcLX7pCFBCiZKwcK1or4Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cp310-win_amd64.pyd" + } + }, + { + "key": "QaKxEv6GjnSVQav1YrBtG4haSqJruWwp47UKD4t6Pqy0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cp310-win_amd64.pyd" + } + }, + { + "key": "QAgZpnaj5H8BehsdcaQ-tJ8hOb_lzD6x6l761iyuEBPc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cp310-win_amd64.pyd" + } + }, + { + "key": "QAGQNAOtFpyS1at_dxR-fZlouCHtn58FOxgHR8UuP1IA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cp310-win_amd64.pyd" + } + }, + { + "key": "QA0r88JFee3nfHDblRxS0WuEGik__uwZDrg9EybyzXpA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cp310-win_amd64.pyd" + } + }, + { + "key": "Q9AJU28-W-7l9Fn6kM8i6F3zdULdDxSomvj9ER24fTto", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cp310-win_amd64.pyd" + } + }, + { + "key": "Q8znU5MKVzRqGGF_9UDuDZZSMOWIX78DZYBRhHTJ5Zqc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cp310-win_amd64.pyd" + } + }, + { + "key": "Q8eBBhpPy7ROkJCtcms_mzjdJYZqBYUPCl7nJVwRSUM4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cp310-win_amd64.pyd" + } + }, + { + "key": "QGgE6994BvZ29OCDVaWNWeWMSq-8zgQ8hJ406rr5kNe8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cp310-win_amd64.pyd" + } + }, + { + "key": "Qg7rvPVtlRvsdYwUvlHYsVi3YT4inHvG5ZCJzSzfMwTs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cp310-win_amd64.pyd" + } + }, + { + "key": "QG4CmoVOCV-urZQvjOKRiWJqcqxpUC9IJly_qPmdatyA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cp310-win_amd64.pyd" + } + }, + { + "key": "QfW6GMrICaI8suStjppdU9x0H10aXfCU1Rv3UOSJiwEc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cp310-win_amd64.pyd" + } + }, + { + "key": "QFFeNjlC06ApWMdneTFOwQ9Tic442Y2XKvBqyDQsqNpE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cp310-win_amd64.pyd" + } + }, + { + "key": "QfDjWPA5hYLdaoK5gQm0bAFSRoBM3VmoreF7DCf6b8-U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cp310-win_amd64.pyd" + } + }, + { + "key": "QeX35_wA6awJY40vvxkErBIE4kIsFRgp5PPwRPFCET_g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cp310-win_amd64.pyd" + } + }, + { + "key": "QepC--wAi6c-SvWtK32Jgm0CZLzyc9BzDDnw-NQHCwOU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cp310-win_amd64.pyd" + } + }, + { + "key": "QeHENOn3pBpjcWJ47s9f4VP3TTUeJ1zZLkQwVg80R3mM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cp310-win_amd64.pyd" + } + }, + { + "key": "QEc21_DHAX7D-gWkYgpLAMK9hwG7OGB7Ilb1yw2n7ooY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cp310-win_amd64.pyd" + } + }, + { + "key": "QEb4aXBTyG26xLUiLuN-iPruA-vOUI7gNIKacASIjXzo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "QE_Tv0sZEW0pq6xIuSTsJ26JP3gYHFDm4YbIXT9d76hc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cp310-win_amd64.pyd" + } + }, + { + "key": "QdT-Ik_zCBZ7xCocuqtnw_Tzdi0q21nEmRc8TcCI5y9o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cp310-win_amd64.pyd" + } + }, + { + "key": "Qdpo7KI8jDAPxMcMeK82sGzGZqVDBlIS8As0EetUlctE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cp310-win_amd64.pyd" + } + }, + { + "key": "QdphDOXT5-YPa9WkdlCoGlDQXLcbo1Elv6g8v-dJA6N4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cp310-win_amd64.pyd" + } + }, + { + "key": "QaQflAehI6uxcyujuel2LH-HszfJWXtbySRVwC6HpRKo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QaQflAehI6uxcyujuel2LH-HszfJWXtbySRVwC6HpRKo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdOez2UXQAjQURYFLV84mn1q-scgroyG3TR04BRqoOgY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cp310-win_amd64.pyd" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "Qah_QT9v2T75GKvw2ZFHzB3DMCOZ17CtuszL43QlA3zQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QaQflAehI6uxcyujuel2LH-HszfJWXtbySRVwC6HpRKo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfinegrained.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QaQflAehI6uxcyujuel2LH-HszfJWXtbySRVwC6HpRKo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qah_QT9v2T75GKvw2ZFHzB3DMCOZ17CtuszL43QlA3zQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QaQflAehI6uxcyujuel2LH-HszfJWXtbySRVwC6HpRKo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qah_QT9v2T75GKvw2ZFHzB3DMCOZ17CtuszL43QlA3zQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QaQflAehI6uxcyujuel2LH-HszfJWXtbySRVwC6HpRKo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QN4Tf_6pkDS9edRFhvkK_CFc_3XoEy94MRrzO5L7gon8", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP_6PHhCHeNzMXv5iuHMMQAGCVPOgIIokvM3nUdh4SLk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2_0ww0nb1jiaudwcCQAf_Sd-Q-mmnx7es0xgbCgSXdY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QZySnMMbURt-NeQIuyGrSCJJpPdnIlxtZGZrf6I1lnPU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cp310-win_amd64.pyd" + } + }, + { + "key": "QZUKUBT7vUFjgpKyJq0F1gJ8u9p51LGqwk55NlPnrGGI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cp310-win_amd64.pyd" + } + }, + { + "key": "QzjDIWly0EmqC-jM3ev85fa_lvGP4VwThs4HHPzPvqFw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cp310-win_amd64.pyd" + } + }, + { + "key": "Qzj9nQPYnX6_OQkLp1vjEMQr1ZvM3kTL6eD6MOXkQf2Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cp310-win_amd64.pyd" + } + }, + { + "key": "QZG6TuSbTEa48BhhRUNg2Na7Wfa81n9LjoZB4zmcLdfM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cp310-win_amd64.pyd" + } + }, + { + "key": "QZfpEQYcRNUHArA3RBAgtIZemJqkpHNYgSsCFXgICqkA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cp310-win_amd64.pyd" + } + }, + { + "key": "QZ6F6lZQtYWsHPUYhzA3-MxmnMj1m5zDWRBz0d0-ctRE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cp310-win_amd64.pyd" + } + }, + { + "key": "QZ5TTZZM-1PtAM1iYvGxoTFNO_w4apfrGe10setZKAKY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cp310-win_amd64.pyd" + } + }, + { + "key": "QZ4VtrkRoxlywSOi3AGIG1YfZMxol_-8MsHtZZ8zfoTM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cp310-win_amd64.pyd" + } + }, + { + "key": "Qz16EtncuRSu8tEjkRuoNIlThnDgQzsaM_YQscwA5U4w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "QYv5Y_rTdL-1E-6tjes3couMvGQF2eTXzyh_vLSYoKvA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cp310-win_amd64.pyd" + } + }, + { + "key": "QYqbnahp32NwoiGgSD5MmRXqzUrW_7cFDxPfxqFZmfYs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cp310-win_amd64.pyd" + } + }, + { + "key": "QyLdgp8nsHGovhM9v2Tg_ZqcAdpeC8OyCMcF1cl4S-9U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cp310-win_amd64.pyd" + } + }, + { + "key": "Qye83A1iQJPiEd92s5eDv852hkvwIC3cZZjjC9xdmhvk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cp310-win_amd64.pyd" + } + }, + { + "key": "Qy6smuy_jrmkqS2yR_2vF4J7vWGWj6LoLv4M1bUwceXk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cp310-win_amd64.pyd" + } + }, + { + "key": "QY3iAZF6Au4lVZHMH5Y1cBxHSl-QHJX81QeOFPqofhVI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cp310-win_amd64.pyd" + } + }, + { + "key": "QxXxy-OwYar7gm4gSPeO1eX3n_aKL2T1ULZsELCA-FQQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cp310-win_amd64.pyd" + } + }, + { + "key": "QXVlfNLbGHKTV3QzFL8Mq1XLi1-TzO7s0dra59tIkRlk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cp310-win_amd64.pyd" + } + }, + { + "key": "QXJ8MnjnyDP2j1REl0JKfRYYyAVObZXiEaYNpaIvL5Iw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cp310-win_amd64.pyd" + } + }, + { + "key": "QxII9rSTRmT91LBx75Y83x_mBCYMY5hKam0ArFLNmbCI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cp310-win_amd64.pyd" + } + }, + { + "key": "QwoGc9mnyVZ9w2z8pYfPye3mVXcElaj_GsqX-KwOwupo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cp310-win_amd64.pyd" + } + }, + { + "key": "QWKQI8JD2oc9OfF1CN1PGZoxUDihv8BEVKkmVRM9AQgQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cp310-win_amd64.pyd" + } + }, + { + "key": "QW0I4mXK4MtkeWVYpo7y88u757p2Y28iUXI-9KJOC8w0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cp310-win_amd64.pyd" + } + }, + { + "key": "QVtYz4ISqkekza3lJ9Kt_RXuSQU9GnB6B9l4wMjVrkaw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cp310-win_amd64.pyd" + } + }, + { + "key": "QvrfWdDNYZuCKeiH5UVh62v7Kcj78aCWDemifgb-MuVE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cp310-win_amd64.pyd" + } + }, + { + "key": "Qvr9j5MufBqESTMPdD_sH07_pY1NkMGaBTwtznos3EQQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cp310-win_amd64.pyd" + } + }, + { + "key": "QVoBmQpNqFi1S_Dcxfe7Sxg77ikWpRS9o44qFvPHUOsg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cp310-win_amd64.pyd" + } + }, + { + "key": "QvGKONyYntHT049V7ZJ1LyvFALSRlbRU1CFBNQmP06QQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cp310-win_amd64.pyd" + } + }, + { + "key": "QVaFFay94ScRxutRMWIrN3sErUpf2U_vgFLMXnVcNnjE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cp310-win_amd64.pyd" + } + }, + { + "key": "QUghavcASbIXRaOKF_gmuhcT4FWxhzPxc1-tz0Z0jyh8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cp310-win_amd64.pyd" + } + }, + { + "key": "QUaY1WCMXcE9bGAH289ahLvz33rgpiJ5xm2r1zmlHdGo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cp310-win_amd64.pyd" + } + }, + { + "key": "Qu5uSzT8NObQnR7WuNlaNk617nKezoAALlgiiM6XwpJE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cp310-win_amd64.pyd" + } + }, + { + "key": "QtuE6CO4bthZ0YV2rSM2Q8B0GXmqoepFbQLlSLEhdeIg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cp310-win_amd64.pyd" + } + }, + { + "key": "QTU66AtfPVLDI5FQ31oPMNXbt0oM9zJ-kufsx_Yib41U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cp310-win_amd64.pyd" + } + }, + { + "key": "QtT6lszD5TFsow3dKXwRGAjaGep4ASfna70peVxS6I_k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cp310-win_amd64.pyd" + } + }, + { + "key": "QTr9FegBlc6vK3CVWKqCEdFxiup-3yHK5eps30cBejr0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cp310-win_amd64.pyd" + } + }, + { + "key": "QtMnux7R7a0G8kOxdTTcPOrHfllpKdymg41wFPWAVplM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cp310-win_amd64.pyd" + } + }, + { + "key": "QTLAqrbNYt0JrkQ6E8Gh-VLEfT4Gs7W1BtBOG7CzWG8U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cp310-win_amd64.pyd" + } + }, + { + "key": "QtE1oRFhGpmSgOwBTkILupaCgNwFZxxxGRmWuJhCIrVA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cp310-win_amd64.pyd" + } + }, + { + "key": "QtCSgW5sB7H8SqBxBnj1TxqMtu4zfmlfveMp2nbvJ9J8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cp310-win_amd64.pyd" + } + }, + { + "key": "QT0cZjsLQTVkFA3QJoUHxkJE-RQ7M_KD0VFkUcyrluf0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cp310-win_amd64.pyd" + } + }, + { + "key": "Qsy7NBjXEOkiXdDZMGA7GAkwwgJw97zxlX0pgVfIAqck", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cp310-win_amd64.pyd" + } + }, + { + "key": "Qso7mD3K-h1Jp-9yrQrWdU8s4HG_fdZoPmLrw4UhPfvo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cp310-win_amd64.pyd" + } + }, + { + "key": "QSLAKnbyjbtgVqXYEM4JxAE0cmIoE1rTt8kEvzfGaheM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cp310-win_amd64.pyd" + } + }, + { + "key": "QSk7Am3FtvBMRtOgB_kjepXLRRLNdxjukeeLNJt5PevE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cp310-win_amd64.pyd" + } + }, + { + "key": "QsjwOsrT8dBml7q0XPI79lEicpmVkmdJpaTwe-Un1jD4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cp310-win_amd64.pyd" + } + }, + { + "key": "QSCem5LCEgkXyNXrfFbxyBAYl8Gp40joPgQSBweXf6Q0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cp310-win_amd64.pyd" + } + }, + { + "key": "Qs63RsQ-kfAj9w119B7jMTqlcNFI04EJS1hdQuckqLCg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cp310-win_amd64.pyd" + } + }, + { + "key": "QS5dVoADKrK8O49ApOL8EisW82qa0AZVuVYSTEMzNhA8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cp310-win_amd64.pyd" + } + }, + { + "key": "QS3K2dOGubEGUS5ttCHz-E6z63tagCKaV9G5_pXS6hWw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cp310-win_amd64.pyd" + } + }, + { + "key": "Qs0-ELmk_SoCZglrnnlY8hB4cwRQlGxeVSELx2nP7Fy0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cp310-win_amd64.pyd" + } + }, + { + "key": "Qs_M6red5JQMOLjS8lYcn0NkFmJMcd6XdjiQ6jNB3Jt4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cp310-win_amd64.pyd" + } + }, + { + "key": "QRU1A5CTOLXf7NDfgoPCz-HMHK1FZkMhi5guKhWGhe0U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "QrtC79VA4GC-aqoaCGcDLqIby5a1oD277ffros1ImZ7Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cp310-win_amd64.pyd" + } + }, + { + "key": "QrS-8YfgaB0swOZXOfUX_9yMPVQbkRZB-nSd6NtDIumE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cp310-win_amd64.pyd" + } + }, + { + "key": "QRGMbVoZFBGiso9zdYNhr9OAfsqkouIIG2EwngxGKNjs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cp310-win_amd64.pyd" + } + }, + { + "key": "QR9qpL4Tn-80e1X0lAfXkd0VPKRiKfviPF7kO18lyGsM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cp310-win_amd64.pyd" + } + }, + { + "key": "QQYRgNx5P87x3zFADv41ijFDfXlDlbzoYLK2rVhoqNRU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "QQvwUwbMsF39K68A74y-qP7hXXxvac22BxykMBo3sOAQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cp310-win_amd64.pyd" + } + }, + { + "key": "QQu_-2EdojeMpaArigPaBk5YUkKzAxmmqf5b8yqWfohE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "QqtclBnO2aIV3ZxOoDxl5kxwGOO9MPa4trZ2UPgqdbK0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cp310-win_amd64.pyd" + } + }, + { + "key": "QqQo2NYMH5Fj76tj4Q8hT4yf_4hpehIdYtHFzN7OOPKY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cp310-win_amd64.pyd" + } + }, + { + "key": "QqilHJWnbYU4LnkISiR7wppgLiVhqVakqhKuRNrML6yk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cp310-win_amd64.pyd" + } + }, + { + "key": "QqbMgpuoEqS0DDeWIyhh4bzlXyhNnE9NugxAYLGQI3WQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cp310-win_amd64.pyd" + } + }, + { + "key": "Qq5CMae_98-DRWc2qFdIdp1TPwl0Uzb_p0Woi2eSO1go", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cp310-win_amd64.pyd" + } + }, + { + "key": "QpSlV-BjcCems5OkjSpz0sMr0fzs5k62adcn1siGlJcA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cp310-win_amd64.pyd" + } + }, + { + "key": "QpG7_yW4XgpICkuU-zsTP3kUfsPCYVGiAMJKj_oXSq-o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cp310-win_amd64.pyd" + } + }, + { + "key": "QpfZ3f73-5IIpSXYVgw0hErAGgF_V9bTKdNlk6NbLDYc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "QPfxLW4XI72oQI95kCRZpV6C5FayZcJfCePZpvNDUWNE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cp310-win_amd64.pyd" + } + }, + { + "key": "Qp7HFMjsuhrF2eux3Yh0YSuz-j1u1xRj0c4VdD3NWY4M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "QP7fCAbsNhL9_uQoy36k1bc2TPIYlT-cuGNtugON5rWo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cp310-win_amd64.pyd" + } + }, + { + "key": "QOw-0ww3KbtDzB0DcKh8u7IXcYe_nLF31QRS7z9H8vUw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cp310-win_amd64.pyd" + } + }, + { + "key": "QOuugRbuTkwDaMU3_8rgsrjw5lGFpAFElSFcRcGs6cdo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cp310-win_amd64.pyd" + } + }, + { + "key": "QouEuCBZNom0xY1Ed2sdSL2DLbf_2p0FMwFybM93ECLM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cp310-win_amd64.pyd" + } + }, + { + "key": "QoOh4DIxdlqkrU2OBWRIdQ2EIfpHkEKGT8oi9uJfJ9TQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cp310-win_amd64.pyd" + } + }, + { + "key": "QohOEtpCn2KZzkzJnpoTUTccudX-t3xh0iyPWJ06VHcM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cp310-win_amd64.pyd" + } + }, + { + "key": "QoGUrioHbPVOnnK6QhfbyCxW0idJDmkZ0Fycy4BFeiHc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cp310-win_amd64.pyd" + } + }, + { + "key": "QOCKb2GE_eqFfkw53RufuXVzDvl1P2jKE7pbcn1vsBus", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cp310-win_amd64.pyd" + } + }, + { + "key": "Qo4RjDssx1LSstRtAWotPeTnbPN9r_MnVk6K8DwrPva8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cp310-win_amd64.pyd" + } + }, + { + "key": "QnVbnHOJG5QQIefgfgb9ib5ODRMaOjcdTNF_W_RoDFPQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cp310-win_amd64.pyd" + } + }, + { + "key": "QNgY8X9rYvzB7Sk5hgIgrIN564iu0b7HW5LnlfIpXqq0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cp310-win_amd64.pyd" + } + }, + { + "key": "QNe-9Vt52U3dRYT54qPCTEcfDEvcSsPcP4PcSTp86vgE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cp310-win_amd64.pyd" + } + }, + { + "key": "QN_WuEVkl1CKISOfc18zBc7-vCkCTqB4GiFq5bsp9Q-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cp310-win_amd64.pyd" + } + }, + { + "key": "QmwBJT0NyF8OMw2VtIP8JnwahpGfrOS3lzcWZNcNO5ag", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cp310-win_amd64.pyd" + } + }, + { + "key": "QMuvVzoDl45fsgbALTuXxmMptHXuRr_d3567judse6dA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cp310-win_amd64.pyd" + } + }, + { + "key": "QMnk4ace1l2zacGr4LSPtbGyBoLEzRxUqsTI7kV6zVk4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cp310-win_amd64.pyd" + } + }, + { + "key": "QMJKjmUgv-KJY5wAJ1w_Exl3eRuK3Xp-Jw7eb_pGZegg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cp310-win_amd64.pyd" + } + }, + { + "key": "QMhqtuRk6a5DOWANxAQZw3TW4SLsNwl7WqBO0oVGX1_I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cp310-win_amd64.pyd" + } + }, + { + "key": "Qmc8ERXjf_L7TCEgjf6JdL0YU83EpUJGqayXakwqP-ls", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cp310-win_amd64.pyd" + } + }, + { + "key": "Qmb-4KBpnvHuFrlER1b6kPwQwGIsqd5uIvB0yMsXJqJg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cp310-win_amd64.pyd" + } + }, + { + "key": "QM8nQDG9vRSxzhzRitJ2wObHxSEfNG9_-M5wGj5vcv-g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cp310-win_amd64.pyd" + } + }, + { + "key": "QM_CF3q1PBH6HLJyPHf060L7wMieMFQ7forJbqJAi1ak", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cp310-win_amd64.pyd" + } + }, + { + "key": "QlpSPhTtztaUhhg8sZmdJQiPxmGllAFhV8CCfzl0OoV8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cp310-win_amd64.pyd" + } + }, + { + "key": "QlnPOjJfsBGzriGcnOdNLlb4ieqQi7ueV9uG3-0oiW5Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cp310-win_amd64.pyd" + } + }, + { + "key": "QlLrnB8KFefW720OKCALHglKaYE5D9YXOaexNjvSIBqw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cp310-win_amd64.pyd" + } + }, + { + "key": "QLlLBSlXMasGPYdVJIU3PEYjDTO_1xUJasGF20NaTS5g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cp310-win_amd64.pyd" + } + }, + { + "key": "QLFUF9VbqZry1J74UqG9x0fmL2Sf_klcohtctCGnYxjw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cp310-win_amd64.pyd" + } + }, + { + "key": "QlegL1aJXnTTdNJaOlHtWT_zVtNKFhpVmVu5Wu6pW7z4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cp310-win_amd64.pyd" + } + }, + { + "key": "QL0LMYMeDZjd_04ovo7GypX-EHfWfzk5tzQ6V_fzWPHU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cp310-win_amd64.pyd" + } + }, + { + "key": "QKVjJ0Es1DVsELlD-44xYAXrfYOpHHTu8TAvVNIrg9Ws", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cp310-win_amd64.pyd" + } + }, + { + "key": "QKUStVPl8WRR1RzN8u6idZX_ZDV0cyRmebXI6eIDKdko", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cp310-win_amd64.pyd" + } + }, + { + "key": "QKua_t8x2cUUO46hMUGp29Zlx9AqzLac63mHyWXGWfvY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cp310-win_amd64.pyd" + } + }, + { + "key": "QkQkRPxKDKcpDT8KeWq09XqgeG-aTH0NMD1BIbek0yF8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cp310-win_amd64.pyd" + } + }, + { + "key": "Qko_A_zAIgzOSlnDCBGOQE5XkSCLMuwnezDILohQOIi0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cp310-win_amd64.pyd" + } + }, + { + "key": "QkkCorDzdWi6P_I_L2UczbCjDOTo2Te_gdLUUWi2_4Wg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cp310-win_amd64.pyd" + } + }, + { + "key": "QKj3KXDBapF7hXZWDb2IB6J0hDNv-pK0BjdxbiLp5jfg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cp310-win_amd64.pyd" + } + }, + { + "key": "QKdcaSh8tR7h0t7OGxw2SAp-jujQEeRdtJ7SlJVJvEsc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cp310-win_amd64.pyd" + } + }, + { + "key": "Qk-UTyVdRogrWjTgVezKYV4miOKr32zrCbjbAUisycTY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cp310-win_amd64.pyd" + } + }, + { + "key": "QjyQiLgdSZ0bmBDXQAHe2t2sSid7I7pFvZLRceKDj_z0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cp310-win_amd64.pyd" + } + }, + { + "key": "Qjvwr7awiPpLWfqNlwqtL4Z-7Q8xx5fM09vWV9XspK10", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cp310-win_amd64.pyd" + } + }, + { + "key": "QjRatiTHexYeDwUHd1QQHOa9H5aVmqop5Ly3YrljYpUg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cp310-win_amd64.pyd" + } + }, + { + "key": "QjQ9tPtS0gm-q_3otItYa9sJQVBcdtu7vBbvosgLAPw8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cp310-win_amd64.pyd" + } + }, + { + "key": "QjPvqWKG90ntwV-gQaLpsnN6XvBblebtzrLKho0wrFcU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cp310-win_amd64.pyd" + } + }, + { + "key": "QjPCJvl1TRZEuQ9sHlW46PVqyEatp-0MEbZNNH_VUyK8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cp310-win_amd64.pyd" + } + }, + { + "key": "QJl0-ZzKFCeEueBLoV7yqxe3Z4MigspvQzLMRSBSmfvI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cp310-win_amd64.pyd" + } + }, + { + "key": "QJiPFV3cRD6TSXX6D3V9b5icBnLdhtPU8D3id0NTGxcc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "QJHZ7rudToWWWti8GpJJ1zMnU9STZLR01LZCjTK50538", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cp310-win_amd64.pyd" + } + }, + { + "key": "QJG0QO6W6ZLM0EOBc5p7YTlUnbaK7PKbcA8DvV2puRSY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cp310-win_amd64.pyd" + } + }, + { + "key": "QjCuW1_bCFApsCkTIGOpSCCGcI5ERbNj8F2H4TVWAfD4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cp310-win_amd64.pyd" + } + }, + { + "key": "QJ7QGw4ifvMTNrFfaY7byrEbxUUNfJzDeEYSIcRrqtYs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cp310-win_amd64.pyd" + } + }, + { + "key": "Qik_KGTbffQmIFy5rirW3nOHzRG6ZJtVNdEfG2kh0WcU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cp310-win_amd64.pyd" + } + }, + { + "key": "QIJqqwA-bPajCeoGDwoIokcwKUi5tReKC2PXLbHK7M4I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cp310-win_amd64.pyd" + } + }, + { + "key": "QiG2Vo0MDAvB4eNeEGMb2WYletqBcoEi4xR_qNpeD3Zc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cp310-win_amd64.pyd" + } + }, + { + "key": "QiDS8RQlhnRLMtmuX8zA_2xpYzkRHxSeGQOnpVGpkUaY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cp310-win_amd64.pyd" + } + }, + { + "key": "Qi4t-Eq4IzA9j3pscUd42n5DZt9Z7V4nzJoffajZUct4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cp310-win_amd64.pyd" + } + }, + { + "key": "QhyFcbCaKZHi131E_pEsLc4X2oLSId1-Y9cLJzbyIFxI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cp310-win_amd64.pyd" + } + }, + { + "key": "QhVdyNHDsWbSSu80s8_-xB1v_sZW1SS8kPUqwJK8qZx0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "QHRYHX6qjsn1Wgmz3OX45amS_H9GqJckHC9NnaIMaZcE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cp310-win_amd64.pyd" + } + }, + { + "key": "QhhCufQeCkyv16KlAoh7-CNjW9Maq9LaT2gvoLpQ6Duk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cp310-win_amd64.pyd" + } + }, + { + "key": "QhEVeAjg61-Bm3NyjZnvxcnGciqPFCokkystXtxW5BOY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cp310-win_amd64.pyd" + } + }, + { + "key": "Qh4kuAr2aNI44lQ4ci4mHqEwiLqjTaohm_rH7ZWqXUSc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cp310-win_amd64.pyd" + } + }, + { + "key": "Q5bIKGlNWDfB0NOBFHG980gVOTo6shBgC7__tPEXqsMo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cp310-win_amd64.pyd" + } + }, + { + "key": "Q5EINjQCLFVluB4o7T8zajsFvfwlvOKgMS0WztmwGlnU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cp310-win_amd64.pyd" + } + }, + { + "key": "Q5IqMUn_PFbVtOtE6FZvj4gg2AUQnL_qHhKu6DZ9HbOc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cp310-win_amd64.pyd" + } + }, + { + "key": "Q5m5Zfyrc1FPgxkhKbkSVhERANWe82cgkPPEsbpY9z_w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cp310-win_amd64.pyd" + } + }, + { + "key": "Q5vHUS_jQskgtkin7rUKOXAXbK5bQLDj-KMwb4GFNmI0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cp310-win_amd64.pyd" + } + }, + { + "key": "Q5vspEhr0FalrdQNye6_2F7upCNuWJ3mKZsBH9TY3hYs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cp310-win_amd64.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp311-cp311-macosx-10-9-x86-64-whl", + "id": "15904524867", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 35578372, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "Qxyu5zeZdJNMWCPM3wXlyB9dnSLiLjZv3JtAFZ42WfVE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-311-darwin.so" + } + }, + { + "key": "QaVrh1IJUwxL46pfIjFE7sdaySV0Dcs8RhT3IjStLDUk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-311-darwin.so" + } + }, + { + "key": "QB2OieZneQ5q58x9Fz-pnrXjaN9_2lBBmnvJ1ilau5g4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-311-darwin.so" + } + }, + { + "key": "QBcvntsjj2SebjCsFdeC9HuAhBjwUItsF7eXZBXcVbVk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-311-darwin.so" + } + }, + { + "key": "QbFwnUqpgaxvdA80bZEVkSxlvnB4X9f-ieDNS4ZN_tnw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-311-darwin.so" + } + }, + { + "key": "QBJLDsFERffzPHVBGB2wn_OEHRYKtfyszarjaFtSdPSc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-311-darwin.so" + } + }, + { + "key": "QbJuxuKRTDVZnXLZR8jnlcZpYXf8BSkbOc_k2KJeYlo4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-311-darwin.so" + } + }, + { + "key": "QbNH0bt9-04NvmFTTXDweO_q1yensExv-5BPwcKmN95o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-311-darwin.so" + } + }, + { + "key": "QBqHpK1L4BSQPDeDxlcjB7s10WVDVDqtdo9ZOjUFj5AE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-311-darwin.so" + } + }, + { + "key": "QBTU2bXLU64MIVDE0rPzTCsEenNK8_AvISmGr9pJgpoc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-311-darwin.so" + } + }, + { + "key": "Qc-MwAFXWb6g-tC8fupiThXGmaAfsBlaRNPblrHwvmhg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-311-darwin.so" + } + }, + { + "key": "Qc7tRRRSmrNWfdO6IyhFdT04XP89zyjG9PdNih6l1LCs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-311-darwin.so" + } + }, + { + "key": "QcG4JRRini3402YDyUTUQIsfcE8ypGC-6NUC5MrAQmRo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-311-darwin.so" + } + }, + { + "key": "QcHOM5ljycjemS_rl00E2K5nK4qM9kUo49K_vK7J-1ic", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-311-darwin.so" + } + }, + { + "key": "QCJqTurzj8DOTiaQ_wJ8l17Xb_6J7IKY_B5fB7rT4gps", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-311-darwin.so" + } + }, + { + "key": "QdDHYOVXxRtEz_RWe5TiCNp4rP5JQld4EOdv62xdoD-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-311-darwin.so" + } + }, + { + "key": "QdJEZo1YZg9Q9cB2j02-x4pgpGvMiZpkNKWshZ-8dx28", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-311-darwin.so" + } + }, + { + "key": "QDlQvOip0ic_o-iKJWyNXL9IVUNvDrOVy6PTCFy42yEQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-311-darwin.so" + } + }, + { + "key": "QdpC6YpGxzoG9pKAxC1wiPMWDgA40_7rNMXux2Tcmfok", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-311-darwin.so" + } + }, + { + "key": "Qdq-0xvZ5cMhSvj-GGiBetBbUMqsBzQSLEfsmztKjEzY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-311-darwin.so" + } + }, + { + "key": "QDyTPZtH9XbqTdRoYTyZcQVRpcT_vKbMAu4YwrwWZsn0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-311-darwin.so" + } + }, + { + "key": "Qe34HTIbX3LV6iOgvkexop0aQtVKkgRr_F3nQn8-EISo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-311-darwin.so" + } + }, + { + "key": "Qe4gr-2HR0pW_YrJxmZZs7E5R3DeSXhAOH3o1CVm2NqY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-311-darwin.so" + } + }, + { + "key": "QEhYqQ_Ai_cB1sVbXSXzd9ac2MN8cJ7Zz5-Eh3zoVKo4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-311-darwin.so" + } + }, + { + "key": "QEZF8lGnk7n3gKKEwZz_dcKI_JlX7gTLyXrhn611ylHc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-311-darwin.so" + } + }, + { + "key": "Qf2pXE9pzxFByZTVpkR5RwTaR_cl85TgFowkdKF6ppbg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-311-darwin.so" + } + }, + { + "key": "QFCT0jTPcVZ1vl_83izse_c4_8A24PRNfppYQrvFjYT0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-311-darwin.so" + } + }, + { + "key": "QfQRrIBPXiLH4pA-QPrdR7HG0WdblMbIl16xBCO4bB_Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-311-darwin.so" + } + }, + { + "key": "QFSyzYHZgjegIYEVM6rzvylCmG239rLAzVLsi5k3s5dk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-311-darwin.so" + } + }, + { + "key": "Qfzws_mHoqBt9JXUcpkBZY91QdcxSE94USfFmdcEtPcM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-311-darwin.so" + } + }, + { + "key": "QG3QYqZY7_GB6YgwLAcyEd6YnJZh6EJ8MLamLn9Hbwu4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-311-darwin.so" + } + }, + { + "key": "QGhM3CnVoCGJhzV79pX7k4GyQWV4_-Q18U3wG0UM-I8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-311-darwin.so" + } + }, + { + "key": "QGmRi_pj-WFVNuSjRisLTgdnPV-Vw23C-aMKTvQJUeSw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-311-darwin.so" + } + }, + { + "key": "QgNb3sULHgch3lhUmciRMqJio-Mg7WFDQsVbesI7tor0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-311-darwin.so" + } + }, + { + "key": "QGNMWpN5uT6dGWo48ZSJLDsUcQqEDiQruQM2RjsFkxDw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-311-darwin.so" + } + }, + { + "key": "QgQJQRG2ycmsLHXyBJaLXanwaGFsPvdVVD2jc-wF6vgU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-311-darwin.so" + } + }, + { + "key": "QGUo711vfc433ZZRfZe0Ypd4pS2o2pIwpcpHUGs7lgbo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-311-darwin.so" + } + }, + { + "key": "QGuPWoON-TD2HGC--5lr7o61l-rDqJaNhtbe1-VW3mF4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-311-darwin.so" + } + }, + { + "key": "QGy18aOyYFiSrsYXx9NyP15J-JZJQmXWTCD6ejR1ttG4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-311-darwin.so" + } + }, + { + "key": "QgYkedhkklKMJiJAPkAqCJWXNWGbV8N_bVMKwyGtJlYk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-311-darwin.so" + } + }, + { + "key": "QH_nmmSdxnJE6NrfJoD4waT94IdnjkzsuVlWGxkep7gI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-311-darwin.so" + } + }, + { + "key": "QH5pk8CL-YFRPSqGmjUTzbHOL7LOBl7y8y95jrB3HSFg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-311-darwin.so" + } + }, + { + "key": "QH6lf-GEyN6JX66EIQryFngSgJLPqCYDxd2mnOZI-whY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-311-darwin.so" + } + }, + { + "key": "QHc-Z1JBVc_G1_Al6GmbJbhqeWwFzzCG867esQGVj3-U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-311-darwin.so" + } + }, + { + "key": "QhE71JIzBR6AaO47RQj8h9UCw-Llbc5v0UxWJ3KdyO8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-311-darwin.so" + } + }, + { + "key": "QHfaP_BwotK3D3NblfYogpPRbvsJQ1b5kdP1fPcZhfXc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-311-darwin.so" + } + }, + { + "key": "QhOdV3ytIiQRuc96R4k-sZNRzw8e0RtuUnGtk8u5JIOY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-311-darwin.so" + } + }, + { + "key": "QHq-1_2amINJ6Et2-ZiG5SkKJl8atdkhVwgK_yiJq1iw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-311-darwin.so" + } + }, + { + "key": "QhswX17xcIJxjCIKb0nJDMLpQT4X5aZGFOsjKZnP18JI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-311-darwin.so" + } + }, + { + "key": "QI_QbUh33EM1HLwcxx7lNgMizjAw_Udw7MM1it6kleX8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-311-darwin.so" + } + }, + { + "key": "QI8uiar3q7Vf5PfPCr7wkGsbUF3-NkAJHnivGMv4xEDc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-311-darwin.so" + } + }, + { + "key": "Qia_cU98YmZEgo4Bupeg1n_AxIJp5P1olanIN0Dgnx4s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-311-darwin.so" + } + }, + { + "key": "QIblp7lJYkzC4qvUeC9KOE8a2OTvB5PzBX_ex8R7Xoew", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-311-darwin.so" + } + }, + { + "key": "Qic7LhQUP7l0tBfNvHgEuL5NiVsUSIrUctZAAYPKvLbg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-311-darwin.so" + } + }, + { + "key": "QICrVKn2MhszjYddowzqxiVihez_HWhMJfnUsd8gUe6c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-311-darwin.so" + } + }, + { + "key": "QIGhkZvbomMbfXHZQBAB7ogNS4_raXg6jwYin_pnCXnc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-311-darwin.so" + } + }, + { + "key": "QINnmLT6xjIu-zVT8VelyaD5g7UlsidB52b8qXIq-NXw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-311-darwin.so" + } + }, + { + "key": "QIOPtZah97m-WNq7CCrurBL2wfWNc020MClLhA0m6SsE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-311-darwin.so" + } + }, + { + "key": "QiPbAwmxpL05UBjDrAg-zqDz05_Xkp5kVVyWrEy5-Ai8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-311-darwin.so" + } + }, + { + "key": "QiVyK9wbZZY69_aAw6mpYXkwPh_r7OAm62TPgxJm49vg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-311-darwin.so" + } + }, + { + "key": "QIYnW-zKn7wM2uMlyu_1qTcCyrdAQKYRzp280pxq_vNc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-311-darwin.so" + } + }, + { + "key": "Qj4dxuMWGxNztIHtrkWt1iDL5Dd1qo25CGV4KCy0wMXo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-311-darwin.so" + } + }, + { + "key": "QJ5WMEfLs-jm2jSpkaaPEz4K9D3CxzYGrSv2s8paYGgA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-311-darwin.so" + } + }, + { + "key": "Qjbcut6S48j72CKP9_8Ll_uVKIsEjgWvlYJADRIUI_CI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-311-darwin.so" + } + }, + { + "key": "QjHP4goyZdv2E_xm3cCPPQC6-ajaN7pi_R4WdPsumgps", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-311-darwin.so" + } + }, + { + "key": "QjjUgsONrdY6ccHewnngDUFmjlnv6jpjdrh0y7Ec3fek", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-311-darwin.so" + } + }, + { + "key": "QjLTtNwbZUbh7MprqkkkaWt2UhCZSC7k1UQn42DEDOpA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-311-darwin.so" + } + }, + { + "key": "QJQxLVbIrttOHsbSuCQqbr3wgVUe6_nE3FkxJMDeuzBk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-311-darwin.so" + } + }, + { + "key": "QjvSmlnR_05wRis7VtJRPesgmNo-liWc5nmKSm6QrmO0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-311-darwin.so" + } + }, + { + "key": "QK8Trw9s6werBiNQsiKgLci4sNoeyhKiZEndK7W1kB1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-311-darwin.so" + } + }, + { + "key": "Qk8WoQqTzqMjxppK2UIktfpHlIsESucQA86DpzwJpR8I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-311-darwin.so" + } + }, + { + "key": "QkHbvtxtgtFf6c8YxiHR0uma6PglZgviGqsKsedFFXkY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-311-darwin.so" + } + }, + { + "key": "QKlZFDFOd1IHhUHoP93SaERhkAGluTurWzE9mXqGP1YQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-311-darwin.so" + } + }, + { + "key": "Qkm5kdXNAW9aNcPCJdPU6plpO7KnA8QUMHGPy2XiWScA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-311-darwin.so" + } + }, + { + "key": "Qko6i3MoXKEQ0HcQSAMaVoPkYY3bkRfG0EOx6mFXi5w0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-311-darwin.so" + } + }, + { + "key": "QlBsvd9M5dhL3bMNR-0rNywhINHcMIcD1qNJeBdgCs5A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-311-darwin.so" + } + }, + { + "key": "QlEiHb3oe2KVinARUEqgHTfQ0ENlmV_hg_pRH2ddNcF0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-311-darwin.so" + } + }, + { + "key": "QLlSZaEuzJQf0nejZ7smgi5JxEAD2V5M1GN7uezCc0_Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-311-darwin.so" + } + }, + { + "key": "QLVpqmfeKCheiv_zIH9WL-MyEkdJxKM256ZYQLZgq2qs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-311-darwin.so" + } + }, + { + "key": "QLvvmojyvouFZ6d_3i87QgkjaIeczp5-UslMf48hBaZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-311-darwin.so" + } + }, + { + "key": "QM6JQ3-9flQUdfUbM7VuSpT_v7jrP07hiRgqqPujnJ8s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-311-darwin.so" + } + }, + { + "key": "Qmc-oxSAaaaS3jSh3DWmHLW98HNkVfSGo_GrxZiAnw4M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-311-darwin.so" + } + }, + { + "key": "QMcCFAVk50WzzPdmmZNN_Vf6c4obTaJ31__edSaHYArQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-311-darwin.so" + } + }, + { + "key": "QMIFtpG6lXMlAXPgYsJxIhsHRtrEZrKTCzCm8yYH8Wwk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-311-darwin.so" + } + }, + { + "key": "QMm2xhyZuVdOGY4ByiGzAnxFr5fbTrqketPXQG5iUsrY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-311-darwin.so" + } + }, + { + "key": "QMVo1LRaNuHikToZ8AzkN475mvToLbdQczk2Er3RYP-M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-311-darwin.so" + } + }, + { + "key": "QN0oSdY2gV0UmtLODFdf3R6HhgrkxIev71jPQXaNXDYw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-311-darwin.so" + } + }, + { + "key": "Qn2EeaP-epQQEQ5db_Af_86aGuO8LzxBks60vcBv0iAw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-311-darwin.so" + } + }, + { + "key": "Qn393RranxcekR_VfqOkNFEDkeoEfCt7mQ2QBxotMTfo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-311-darwin.so" + } + }, + { + "key": "QnJbp8NFKwyBL2jqvTifBZEFgC9T6Xt7M5jW7iz9TUNA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-311-darwin.so" + } + }, + { + "key": "Qnp1uK9EhQvYhhdpFqG9l0tV2RDsIu-hoH-sQLYtAcZc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-311-darwin.so" + } + }, + { + "key": "QNt9PoYy5ZtV6Eq1qHHwUyOsgyuZROP4Kl32TYe7uxU8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-311-darwin.so" + } + }, + { + "key": "QO8oqUomV7sjk9U8C_LzkCFCHU3MQE8i29Ovd8plPIOg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-311-darwin.so" + } + }, + { + "key": "QOdrMr7Nb64KlIffXGp_z3997oLWeLB8oVoC2rufkyTg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-311-darwin.so" + } + }, + { + "key": "QOLaMTK-1J9CU_ZywlYrNxxkiAYI2gKGNxWRWtsgejDk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-311-darwin.so" + } + }, + { + "key": "QON4ywxt9WBEQbF34tMPaicMgH1ReDNDyw-TjEa4B_mk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-311-darwin.so" + } + }, + { + "key": "QozsiN_PFtaQ6WLp2afO-w5vfm2YiBPBORKSHC2RTyRM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-311-darwin.so" + } + }, + { + "key": "Qp2WZuFyAPCkfJoype-GBtX0NMSYxJzotlbu03u6IEG4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-311-darwin.so" + } + }, + { + "key": "QP4M419uquCcpQeqtw7V6VgFns0k5No1e1X_-gdEnCmM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-311-darwin.so" + } + }, + { + "key": "QpBNu2L4DsTEatEW3j9hErlQgk34nsZvfRUBHKhLJK28", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-311-darwin.so" + } + }, + { + "key": "QpqO8-MHnu8TrVIxxFeiSBsSbCpyw-1n6agMk6EFvS_s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-311-darwin.so" + } + }, + { + "key": "QPZpt6k2ETW2G5-7c27ffYjx5Za6l-y-siRt5M30WsN4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-311-darwin.so" + } + }, + { + "key": "QQ3zig2p4GHrIbTB6hoy2oE_ySek31a5uzoF4kG_cqdw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-311-darwin.so" + } + }, + { + "key": "QQmA94zCI4wMj4pK9d_knw7stHdzaL2sh05q1kFZDXdk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-311-darwin.so" + } + }, + { + "key": "QqMaxFe6euTJ-i0NehcAGvOQK_NtzkbgHm5eLDhkgLzo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-311-darwin.so" + } + }, + { + "key": "QqNEAhpiJvcHtqYEVE5VEAj73-vLl6Bup5vip0XqPEJU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-311-darwin.so" + } + }, + { + "key": "QQthIU9u8Bh1yBuNEkAXimDBvupiyENgem737HvFoS_A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-311-darwin.so" + } + }, + { + "key": "QqtVN3VR_Jf0g8VLSC0fzpAFq_-Og_Yx380EG-15LV2M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-311-darwin.so" + } + }, + { + "key": "QQu--MZE30K22Zq17igOEWbwOLedSgEwhqqfrQ_o5WPE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-311-darwin.so" + } + }, + { + "key": "QQukgoH3PYPQpyhq-ZCZEx9_Z56BPMB3jhRJKHVZv3XI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-311-darwin.so" + } + }, + { + "key": "QR--kHNKhCPsOVfVk5O1hhWrwNHgNYK3yi608zdjwLW4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-311-darwin.so" + } + }, + { + "key": "QR6n0O_UN52SVqPv8GB0OvRUR1IZBZiB_1fpMuxvntCQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-311-darwin.so" + } + }, + { + "key": "QrCOoqNiQEGnS1UAhgmsMK3tdCweRnZ2ZXCB1PwUZ5VY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-311-darwin.so" + } + }, + { + "key": "QRD_6UI9Ra2DvmMv0hz0RAwoDKVTC-Rjuek7DN6Vkfws", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-311-darwin.so" + } + }, + { + "key": "QRRf95D9J2AOvcO5bw6WEEDD6WEIEVsuA--0cCDiJ8lo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-311-darwin.so" + } + }, + { + "key": "QsdbzMzZT8HM3cRgjA0PTNZuTdi4EQTokIieOuqZNfD0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-311-darwin.so" + } + }, + { + "key": "QSgaekiRw7RicQN-csT3tk4zOmMqunUZ7poWoZ9Tosbo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-311-darwin.so" + } + }, + { + "key": "QsIHGTx8XdQG24LEJK3n7g5B7DQ0AMTByr-MRggST2co", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-311-darwin.so" + } + }, + { + "key": "QsOFIGi6nOmmoBd1jtdlBpWD-7O5dRv7j_5MARTa8ZGE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-311-darwin.so" + } + }, + { + "key": "QSOwHTNXP3-9OqTxAJnA4Pi66eTZ7HD5vgIBm5On62lQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-311-darwin.so" + } + }, + { + "key": "QSU5qpUeALDdsRzpn6328DuVYrcNms97Frwou8keE2jg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-311-darwin.so" + } + }, + { + "key": "QT3Aw5AZKQWgcURg78GgBhafatdLfdzbUga7Kwhk4QNc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-311-darwin.so" + } + }, + { + "key": "Qt4Q2AZw5cW-HAI1jf-KbsLHH9XEjuKT2POogUhJHThU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-311-darwin.so" + } + }, + { + "key": "QTCa7SobNnusQPomkgExK0lKaMoiGUdDUgAPILDA4q_g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-311-darwin.so" + } + }, + { + "key": "QThnT4yl_zx4eEDZiH3dYdUvTJjaONDJGyQ_yGpf3d0o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-311-darwin.so" + } + }, + { + "key": "QTiIx8HjBrWwaTCRcArFT9fnGOhD8um2zbGaJRyIrTuU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-311-darwin.so" + } + }, + { + "key": "QtJtu1vFhsRf9l2ntvS3hP2OI9yMXC8FfRzQDg7zkBxA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-311-darwin.so" + } + }, + { + "key": "QtkX8rHWc8Fn1Wcl8oKJb4WmYZSnjKzRFPGBA6sCz_Jg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-311-darwin.so" + } + }, + { + "key": "QTRU5WlYF8_d3llAmhX2vShzbWx4Z4iIFaWlRi1c9EXY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-311-darwin.so" + } + }, + { + "key": "QTVXuY4TkHjLvJ1B6MZQPrKNy3ACxvx-motAw41ai86I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-311-darwin.so" + } + }, + { + "key": "QtwQgn623g1kTmI4x1BtcMvHtDRqyFsMN1PHEzlmA1ao", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-311-darwin.so" + } + }, + { + "key": "QTWTCFPE6tBUPhxVfxAZ5uZxEYdghkP9376Mfog6fuqI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-311-darwin.so" + } + }, + { + "key": "QtZW9NbVJe0NIcXouL4iq6XzCKF8_vHqceSx62Z1Mt1E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-311-darwin.so" + } + }, + { + "key": "QuEVbbiw91oGzzLjEuXB_Ykq-Njb7BL4gRksATrXsLHc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-311-darwin.so" + } + }, + { + "key": "QUhHeRP3MWu__y1OiQiz4TsSiXtDjwLI651KadB5-Trk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-311-darwin.so" + } + }, + { + "key": "QuidAZFwTnRgh-MltD1Ah4RWMUoUrOz4EYB761trRvTU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-311-darwin.so" + } + }, + { + "key": "QUmBbS37u8ijyOth22_Ei49e5QO9OPm9a4ceVNK25VYY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-311-darwin.so" + } + }, + { + "key": "QuONKbV2JWybnuoXPgYWdTjtr768-CQuolhJiw4W1B6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-311-darwin.so" + } + }, + { + "key": "QuOUPNpn6koALS4XbWfWbhPjkVr3cgag-c1YItdTT_xM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-311-darwin.so" + } + }, + { + "key": "QUZbz_9ZYY3PXEQlqDp8IFIqOw1MY7ug3BggcqHj5z9Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-311-darwin.so" + } + }, + { + "key": "QV_2bz9KPF6cw4WegPEPFf6U7mYnDZzwrd5PEpVeYSF8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-311-darwin.so" + } + }, + { + "key": "QV1LNlPAL23ewY9hqrr5PsE47OsEEUGPF9UlJafJ9SC4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-311-darwin.so" + } + }, + { + "key": "Qv6ZumFL6cjl3lD2RVuqM7B2oCK2y8DY859Lw1iqmc4c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-311-darwin.so" + } + }, + { + "key": "Qv70M_ufarkANSnyftLXxRmOOXS0S8W9X3uEqdFgLQRk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-311-darwin.so" + } + }, + { + "key": "QVBQOaiXdFeenn0j8DnzTJ6cyw4i-3f0ByLs0uNRYAkw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-311-darwin.so" + } + }, + { + "key": "QvBrx15NJ7xMWD9zpTz3UVm9kWzNdu_K_QSaFJIFAZ1M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-311-darwin.so" + } + }, + { + "key": "QvCJeSU8hrONE6qMj7KJAo1J5WgR2vm79DAlBP_R7KhA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-311-darwin.so" + } + }, + { + "key": "QvKoHW1FeMaY82HwssE7BWV0XqgqrLmaeRI_I7NIl8YM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-311-darwin.so" + } + }, + { + "key": "Qvm6JR-CmxJ-1x_h5mYTPwDDwnHGJBhkgFufjjPpeIZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-311-darwin.so" + } + }, + { + "key": "QvnKqbb3QbGOV9whgCE5fyWG4TZQT2K8zTPjYxEgEAHI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-311-darwin.so" + } + }, + { + "key": "QVwXc9OAGjImpgUjZ0xX77m6ULTthYCMiJ8OW_BnCIlY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-311-darwin.so" + } + }, + { + "key": "Qw_xMDjcEjm-A5bcBQJa20hDGq3TFHpmmG_9D4DWpqL0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-311-darwin.so" + } + }, + { + "key": "QW3wRNZypc23zaq6OF7Nl8TacAXztbwzMJHbnqCJJozk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-311-darwin.so" + } + }, + { + "key": "Qw5JKIWdWKzpx7tQJIg4SUPmVhv4tPwiSw_Uw0AHDH9E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-311-darwin.so" + } + }, + { + "key": "QWfhF8OsQke4VuVdXJxpw_9CgJi0x1XplaMjkXIV9yKU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-311-darwin.so" + } + }, + { + "key": "QWjGB8Gk3pNHLVMz6ySAs_7H59RC_XtftdpK626SoMuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-311-darwin.so" + } + }, + { + "key": "QWobHsK2YCtib6axA9FwVyRrgkKc3_X0dXUUrR5iYcXE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-311-darwin.so" + } + }, + { + "key": "QWqeTvijogJzr_vCicy0v2GDkMrLZJeaiLlov6lYQPI0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-311-darwin.so" + } + }, + { + "key": "QWY6TrQYTbuj9ChMvGCvREf7BIu4TC2kZCYjovAgr_gw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-311-darwin.so" + } + }, + { + "key": "QWz5RTYBrinPBdg7coG9B8o0-Io7f10EJ_ln7Npj6gDA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-311-darwin.so" + } + }, + { + "key": "QWZm5JQKdp3q4n0h02fLZmFRO4H_b9z7lMqEPaFHb-aA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-311-darwin.so" + } + }, + { + "key": "QxoQcixSHxMX5V6w5PKNxNkSba9lzxmFQPIuJPprY6j4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-311-darwin.so" + } + }, + { + "key": "QXpTjTXpiOzyXv0E_gWn14570z7hFTupsa9y3pJJLnZg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-311-darwin.so" + } + }, + { + "key": "QaoE1HDqZBHaXN552C79gPmBEqdC0rjcuvZcbjKIvy7w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-311-darwin.so" + } + }, + { + "key": "QXzya9g0OupUvglPSbh29lD0TJ0GFZiFkA6xcw0G462I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-311-darwin.so" + } + }, + { + "key": "Qyc3a3GIx0LYMyOzWavl2UcqDzX26CHc59qd7f8n5CCg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-311-darwin.so" + } + }, + { + "key": "QyIeqGA5duFwyog6W5__vyOZq2tDyn7j5uqDnL7LaHrY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-311-darwin.so" + } + }, + { + "key": "QYJl5bSB1HtUQaSj55l3nLVOqHrm9iU7YVQmvRY5effU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-311-darwin.so" + } + }, + { + "key": "QYKlDWPKSlONv_5Qbb8xDfaFMfRsDpRMBmPDxsRjVkxE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-311-darwin.so" + } + }, + { + "key": "QyRTKHwVESrzyaqyZItzez6TzlUP1cj4QfUX_ciheuFk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-311-darwin.so" + } + }, + { + "key": "QZ17rnP9R3tCzHtHyKDaQFs7kezWUvpOGUpCuCTsKO7Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-311-darwin.so" + } + }, + { + "key": "QZ3MLwCm3OOyohyX2-4e1Bj_0bGLMzDM96uNJ6CxOxWQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-311-darwin.so" + } + }, + { + "key": "QZ7-hlQBE7Mb24eAnH0cTaub6lM2BwzHB8rYF4bBNr5Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-311-darwin.so" + } + }, + { + "key": "QZUK82SMhT4Fp4ZSX7rTu7OObHA8CuiHgJxldp3HtzfQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-311-darwin.so" + } + }, + { + "key": "QzxvQnj88v_5BFsVA537iZ5cFUyU6uQbu6N43AbrW0m0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-311-darwin.so" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QsJEUGP4ALKUTW3MJMEsLsHkMo2Snw7ZpNVG2GneRYYQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QDG94zb-6crjQZo86SDpygMbeM5VFjM2hmTZmq6wAEdU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QsJEUGP4ALKUTW3MJMEsLsHkMo2Snw7ZpNVG2GneRYYQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDG94zb-6crjQZo86SDpygMbeM5VFjM2hmTZmq6wAEdU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QsJEUGP4ALKUTW3MJMEsLsHkMo2Snw7ZpNVG2GneRYYQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QsJEUGP4ALKUTW3MJMEsLsHkMo2Snw7ZpNVG2GneRYYQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QDG94zb-6crjQZo86SDpygMbeM5VFjM2hmTZmq6wAEdU", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QsJEUGP4ALKUTW3MJMEsLsHkMo2Snw7ZpNVG2GneRYYQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q_w5jRRtFpdGx6CloojC9NnsIhp5eOf2pH9kfmZavLmQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QsJEUGP4ALKUTW3MJMEsLsHkMo2Snw7ZpNVG2GneRYYQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdwN6AM-BodRwmQj6lzaolZFReCvss6hl3XYc1NHu7OI", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpRHfJghmidHJnnxuVQkAUtppqMNc7RYw_4guEaAXsoI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_41dgSAl3ltiKRfgzCGSwF3qHl7viR_fYeQGW42t3MQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-311-darwin.so" + } + }, + { + "key": "Q05zfmsO65veh8PcSvqLk9iHSofnHFS_XcFwzvGfV7Ho", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-311-darwin.so" + } + }, + { + "key": "Q09xFlUWSIlStySRyOObQKUOGpXDNTTYx25frDs4VkTE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-311-darwin.so" + } + }, + { + "key": "Q0sAkHnDzoO0JJusXoOhMeOPU6mu5EbW7lCz2WtrjFc8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-311-darwin.so" + } + }, + { + "key": "Q0Z878aDyLGkK0H1aZ98BZnCseJocDK0kIYzMDNU8F5I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-311-darwin.so" + } + }, + { + "key": "Q16RCA1oaP2JcAkPqWcyDPquc4EpqcFcUdw8cpi1DozM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-311-darwin.so" + } + }, + { + "key": "Q1cp6aAEqte5huyPfpcgkgOp8ne0GZHCUpztcZbP_ixU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-311-darwin.so" + } + }, + { + "key": "Q1u6xPhRlNbu8_Cr9yvzsDXrXuPhHaKXkS_svR5wlJfs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-311-darwin.so" + } + }, + { + "key": "Q21SV9xWzFmOHOpYKppbqCTRnSwTWyE67UbAfMgXthBA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-311-darwin.so" + } + }, + { + "key": "Q247z_LjkIIgNUBFPmhM7M2SLK4g5sgbYvrDt3kQlNIY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-311-darwin.so" + } + }, + { + "key": "Q2khYSmVlOKpaCQhtQGxYqq6dp9XocVMX-Ty0FBbuFgM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-311-darwin.so" + } + }, + { + "key": "Q360XY37xWDwZ_YNuIeHmy1jNjjfg265cgx5b0-Z5_N0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-311-darwin.so" + } + }, + { + "key": "Q3MWdDgfjBJ8VQuStLCG2lv597hEVPOnkTABndyUSsBs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-311-darwin.so" + } + }, + { + "key": "Q3zFjv8W30auYYhBBqfgbn5KRPDirPIYgld87byAi3Es", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-311-darwin.so" + } + }, + { + "key": "Q43I1Tat1QLzttASKfVJOSi8aQFgR6fCc5ZOnRTEZQWU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-311-darwin.so" + } + }, + { + "key": "Q4cDnBhfkKB1FvO5W0wM175nJivlS6xbpwQchhPsop9Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-311-darwin.so" + } + }, + { + "key": "Q4HLZPZrP0rHDl4wLqAXq_sI_qTAtXvuY1vMUWUzspeU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-311-darwin.so" + } + }, + { + "key": "Q4jwvoq3485Cp7Y1o0thU3JY1ZMHhqv6Kaah0PawArX4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-311-darwin.so" + } + }, + { + "key": "Q4khg65VRm7sdgjOdMmLWcsNrfvd_Ns7EcZSUn53c1GA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-311-darwin.so" + } + }, + { + "key": "Q5oo9db9ZfU69exugGkIkos4u9Po3_841CB_LEVULB2c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-311-darwin.so" + } + }, + { + "key": "Q5wKL-ohAiJfh4UVtE4iWcwZcMdCfSrKjOAbrJI5BpBo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-311-darwin.so" + } + }, + { + "key": "Q67ol75TB3_yis6l4j6w2yEaGYPL-ezVvnEMrYQFxGQM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-311-darwin.so" + } + }, + { + "key": "Q79yUAdCnv4bSNqFAvM7mAgMKUYL0sMDZCZRwVsA0S34", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-311-darwin.so" + } + }, + { + "key": "Q8dXN1Fr1PvXVxmV8m6fFh9674AA-xxshlPLs4kBWjfs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-311-darwin.so" + } + }, + { + "key": "Q8eoispp21F8hPGjCJ3CHTpJD0s3I1HZv-MIjnAw8Hao", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-311-darwin.so" + } + }, + { + "key": "Q8fopdgY90gV2c1T09LKMtci3clXiEab3mTUq24e-774", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-311-darwin.so" + } + }, + { + "key": "Q8XmYsRMI7c-vokYnJvw-DQvfxfisUi7ScSnIA3MKBSE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-311-darwin.so" + } + }, + { + "key": "Q91aOdMZGh47eZ2x8xCVF_xdcgL80i-iPC2UEPTW2XOc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-311-darwin.so" + } + }, + { + "key": "Qa48rw9jvY6-uK5UNLSVASc4gsUHC2g9ExEB3iTkGiuU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-311-darwin.so" + } + }, + { + "key": "Qa4JMdrW6PY96FiOGnZaetMXYn0pMO-uW3hahFIq25Kc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-311-darwin.so" + } + }, + { + "key": "Qa9ASWYxVixvF55Glkq1Z8AEYsI8CI3s4_t4eK43fVZo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-311-darwin.so" + } + }, + { + "key": "Qabhjf3G1L7rqgQXmoLlyQrxz5bYStR97FL84zMXT2vg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-311-darwin.so" + } + }, + { + "key": "QAJB-zEiScrosTVQmhQNuXePU3fK4jhvoHccikLmC4uw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-311-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp311-cp311-macosx-11-0-arm64-whl", + "id": "15904524868", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 45674962, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QJr-0DyaIBmsCJbdxuWnuF5INeZ1ymP6OQ3t4mTVaDG4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QugcubjyzsK4GNR35GtyeXXjKQrFIScXJNrgM-20dt3Y", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QugcubjyzsK4GNR35GtyeXXjKQrFIScXJNrgM-20dt3Y", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QJr-0DyaIBmsCJbdxuWnuF5INeZ1ymP6OQ3t4mTVaDG4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QugcubjyzsK4GNR35GtyeXXjKQrFIScXJNrgM-20dt3Y", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QJr-0DyaIBmsCJbdxuWnuF5INeZ1ymP6OQ3t4mTVaDG4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QugcubjyzsK4GNR35GtyeXXjKQrFIScXJNrgM-20dt3Y", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QzxvQnj88v_5BFsVA537iZ5cFUyU6uQbu6N43AbrW0m0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-311-darwin.so" + } + }, + { + "key": "QZUK82SMhT4Fp4ZSX7rTu7OObHA8CuiHgJxldp3HtzfQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-311-darwin.so" + } + }, + { + "key": "QZ7-hlQBE7Mb24eAnH0cTaub6lM2BwzHB8rYF4bBNr5Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-311-darwin.so" + } + }, + { + "key": "QZ3MLwCm3OOyohyX2-4e1Bj_0bGLMzDM96uNJ6CxOxWQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-311-darwin.so" + } + }, + { + "key": "QZ17rnP9R3tCzHtHyKDaQFs7kezWUvpOGUpCuCTsKO7Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-311-darwin.so" + } + }, + { + "key": "QyRTKHwVESrzyaqyZItzez6TzlUP1cj4QfUX_ciheuFk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-311-darwin.so" + } + }, + { + "key": "QYKlDWPKSlONv_5Qbb8xDfaFMfRsDpRMBmPDxsRjVkxE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-311-darwin.so" + } + }, + { + "key": "QYJl5bSB1HtUQaSj55l3nLVOqHrm9iU7YVQmvRY5effU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-311-darwin.so" + } + }, + { + "key": "QyIeqGA5duFwyog6W5__vyOZq2tDyn7j5uqDnL7LaHrY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-311-darwin.so" + } + }, + { + "key": "Qyc3a3GIx0LYMyOzWavl2UcqDzX26CHc59qd7f8n5CCg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-311-darwin.so" + } + }, + { + "key": "QXzya9g0OupUvglPSbh29lD0TJ0GFZiFkA6xcw0G462I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-311-darwin.so" + } + }, + { + "key": "Qxyu5zeZdJNMWCPM3wXlyB9dnSLiLjZv3JtAFZ42WfVE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-311-darwin.so" + } + }, + { + "key": "QXpTjTXpiOzyXv0E_gWn14570z7hFTupsa9y3pJJLnZg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-311-darwin.so" + } + }, + { + "key": "QxoQcixSHxMX5V6w5PKNxNkSba9lzxmFQPIuJPprY6j4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-311-darwin.so" + } + }, + { + "key": "QWZm5JQKdp3q4n0h02fLZmFRO4H_b9z7lMqEPaFHb-aA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-311-darwin.so" + } + }, + { + "key": "QWz5RTYBrinPBdg7coG9B8o0-Io7f10EJ_ln7Npj6gDA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-311-darwin.so" + } + }, + { + "key": "QWY6TrQYTbuj9ChMvGCvREf7BIu4TC2kZCYjovAgr_gw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-311-darwin.so" + } + }, + { + "key": "QWqeTvijogJzr_vCicy0v2GDkMrLZJeaiLlov6lYQPI0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-311-darwin.so" + } + }, + { + "key": "QWobHsK2YCtib6axA9FwVyRrgkKc3_X0dXUUrR5iYcXE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-311-darwin.so" + } + }, + { + "key": "QWjGB8Gk3pNHLVMz6ySAs_7H59RC_XtftdpK626SoMuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-311-darwin.so" + } + }, + { + "key": "QWfhF8OsQke4VuVdXJxpw_9CgJi0x1XplaMjkXIV9yKU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-311-darwin.so" + } + }, + { + "key": "Qw5JKIWdWKzpx7tQJIg4SUPmVhv4tPwiSw_Uw0AHDH9E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-311-darwin.so" + } + }, + { + "key": "QW3wRNZypc23zaq6OF7Nl8TacAXztbwzMJHbnqCJJozk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-311-darwin.so" + } + }, + { + "key": "Qw_xMDjcEjm-A5bcBQJa20hDGq3TFHpmmG_9D4DWpqL0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-311-darwin.so" + } + }, + { + "key": "QVwXc9OAGjImpgUjZ0xX77m6ULTthYCMiJ8OW_BnCIlY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-311-darwin.so" + } + }, + { + "key": "QvnKqbb3QbGOV9whgCE5fyWG4TZQT2K8zTPjYxEgEAHI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-311-darwin.so" + } + }, + { + "key": "Qvm6JR-CmxJ-1x_h5mYTPwDDwnHGJBhkgFufjjPpeIZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-311-darwin.so" + } + }, + { + "key": "QvKoHW1FeMaY82HwssE7BWV0XqgqrLmaeRI_I7NIl8YM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-311-darwin.so" + } + }, + { + "key": "QvCJeSU8hrONE6qMj7KJAo1J5WgR2vm79DAlBP_R7KhA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-311-darwin.so" + } + }, + { + "key": "QvBrx15NJ7xMWD9zpTz3UVm9kWzNdu_K_QSaFJIFAZ1M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-311-darwin.so" + } + }, + { + "key": "QVBQOaiXdFeenn0j8DnzTJ6cyw4i-3f0ByLs0uNRYAkw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-311-darwin.so" + } + }, + { + "key": "Qv70M_ufarkANSnyftLXxRmOOXS0S8W9X3uEqdFgLQRk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-311-darwin.so" + } + }, + { + "key": "Qv6ZumFL6cjl3lD2RVuqM7B2oCK2y8DY859Lw1iqmc4c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-311-darwin.so" + } + }, + { + "key": "QV1LNlPAL23ewY9hqrr5PsE47OsEEUGPF9UlJafJ9SC4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-311-darwin.so" + } + }, + { + "key": "QV_2bz9KPF6cw4WegPEPFf6U7mYnDZzwrd5PEpVeYSF8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-311-darwin.so" + } + }, + { + "key": "QUZbz_9ZYY3PXEQlqDp8IFIqOw1MY7ug3BggcqHj5z9Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-311-darwin.so" + } + }, + { + "key": "QuOUPNpn6koALS4XbWfWbhPjkVr3cgag-c1YItdTT_xM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-311-darwin.so" + } + }, + { + "key": "QuONKbV2JWybnuoXPgYWdTjtr768-CQuolhJiw4W1B6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-311-darwin.so" + } + }, + { + "key": "QUmBbS37u8ijyOth22_Ei49e5QO9OPm9a4ceVNK25VYY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-311-darwin.so" + } + }, + { + "key": "QuidAZFwTnRgh-MltD1Ah4RWMUoUrOz4EYB761trRvTU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-311-darwin.so" + } + }, + { + "key": "QUhHeRP3MWu__y1OiQiz4TsSiXtDjwLI651KadB5-Trk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-311-darwin.so" + } + }, + { + "key": "QuEVbbiw91oGzzLjEuXB_Ykq-Njb7BL4gRksATrXsLHc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-311-darwin.so" + } + }, + { + "key": "QtZW9NbVJe0NIcXouL4iq6XzCKF8_vHqceSx62Z1Mt1E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-311-darwin.so" + } + }, + { + "key": "QTWTCFPE6tBUPhxVfxAZ5uZxEYdghkP9376Mfog6fuqI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-311-darwin.so" + } + }, + { + "key": "QtwQgn623g1kTmI4x1BtcMvHtDRqyFsMN1PHEzlmA1ao", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-311-darwin.so" + } + }, + { + "key": "QTVXuY4TkHjLvJ1B6MZQPrKNy3ACxvx-motAw41ai86I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-311-darwin.so" + } + }, + { + "key": "QTRU5WlYF8_d3llAmhX2vShzbWx4Z4iIFaWlRi1c9EXY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-311-darwin.so" + } + }, + { + "key": "QtkX8rHWc8Fn1Wcl8oKJb4WmYZSnjKzRFPGBA6sCz_Jg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-311-darwin.so" + } + }, + { + "key": "QtJtu1vFhsRf9l2ntvS3hP2OI9yMXC8FfRzQDg7zkBxA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-311-darwin.so" + } + }, + { + "key": "QTiIx8HjBrWwaTCRcArFT9fnGOhD8um2zbGaJRyIrTuU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-311-darwin.so" + } + }, + { + "key": "QThnT4yl_zx4eEDZiH3dYdUvTJjaONDJGyQ_yGpf3d0o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-311-darwin.so" + } + }, + { + "key": "QTCa7SobNnusQPomkgExK0lKaMoiGUdDUgAPILDA4q_g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-311-darwin.so" + } + }, + { + "key": "Qt4Q2AZw5cW-HAI1jf-KbsLHH9XEjuKT2POogUhJHThU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-311-darwin.so" + } + }, + { + "key": "QT3Aw5AZKQWgcURg78GgBhafatdLfdzbUga7Kwhk4QNc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-311-darwin.so" + } + }, + { + "key": "QSU5qpUeALDdsRzpn6328DuVYrcNms97Frwou8keE2jg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-311-darwin.so" + } + }, + { + "key": "QSOwHTNXP3-9OqTxAJnA4Pi66eTZ7HD5vgIBm5On62lQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-311-darwin.so" + } + }, + { + "key": "QsOFIGi6nOmmoBd1jtdlBpWD-7O5dRv7j_5MARTa8ZGE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-311-darwin.so" + } + }, + { + "key": "QsIHGTx8XdQG24LEJK3n7g5B7DQ0AMTByr-MRggST2co", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-311-darwin.so" + } + }, + { + "key": "QSgaekiRw7RicQN-csT3tk4zOmMqunUZ7poWoZ9Tosbo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-311-darwin.so" + } + }, + { + "key": "QsdbzMzZT8HM3cRgjA0PTNZuTdi4EQTokIieOuqZNfD0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-311-darwin.so" + } + }, + { + "key": "QRRf95D9J2AOvcO5bw6WEEDD6WEIEVsuA--0cCDiJ8lo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-311-darwin.so" + } + }, + { + "key": "QRD_6UI9Ra2DvmMv0hz0RAwoDKVTC-Rjuek7DN6Vkfws", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-311-darwin.so" + } + }, + { + "key": "QrCOoqNiQEGnS1UAhgmsMK3tdCweRnZ2ZXCB1PwUZ5VY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-311-darwin.so" + } + }, + { + "key": "QR6n0O_UN52SVqPv8GB0OvRUR1IZBZiB_1fpMuxvntCQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-311-darwin.so" + } + }, + { + "key": "QR--kHNKhCPsOVfVk5O1hhWrwNHgNYK3yi608zdjwLW4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-311-darwin.so" + } + }, + { + "key": "QQukgoH3PYPQpyhq-ZCZEx9_Z56BPMB3jhRJKHVZv3XI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-311-darwin.so" + } + }, + { + "key": "QQu--MZE30K22Zq17igOEWbwOLedSgEwhqqfrQ_o5WPE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-311-darwin.so" + } + }, + { + "key": "QqtVN3VR_Jf0g8VLSC0fzpAFq_-Og_Yx380EG-15LV2M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-311-darwin.so" + } + }, + { + "key": "QQthIU9u8Bh1yBuNEkAXimDBvupiyENgem737HvFoS_A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-311-darwin.so" + } + }, + { + "key": "QqNEAhpiJvcHtqYEVE5VEAj73-vLl6Bup5vip0XqPEJU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-311-darwin.so" + } + }, + { + "key": "QqMaxFe6euTJ-i0NehcAGvOQK_NtzkbgHm5eLDhkgLzo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-311-darwin.so" + } + }, + { + "key": "QQmA94zCI4wMj4pK9d_knw7stHdzaL2sh05q1kFZDXdk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-311-darwin.so" + } + }, + { + "key": "QQ3zig2p4GHrIbTB6hoy2oE_ySek31a5uzoF4kG_cqdw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-311-darwin.so" + } + }, + { + "key": "QPZpt6k2ETW2G5-7c27ffYjx5Za6l-y-siRt5M30WsN4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-311-darwin.so" + } + }, + { + "key": "QpqO8-MHnu8TrVIxxFeiSBsSbCpyw-1n6agMk6EFvS_s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-311-darwin.so" + } + }, + { + "key": "QpBNu2L4DsTEatEW3j9hErlQgk34nsZvfRUBHKhLJK28", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-311-darwin.so" + } + }, + { + "key": "QP4M419uquCcpQeqtw7V6VgFns0k5No1e1X_-gdEnCmM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-311-darwin.so" + } + }, + { + "key": "Qp2WZuFyAPCkfJoype-GBtX0NMSYxJzotlbu03u6IEG4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-311-darwin.so" + } + }, + { + "key": "QozsiN_PFtaQ6WLp2afO-w5vfm2YiBPBORKSHC2RTyRM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-311-darwin.so" + } + }, + { + "key": "QON4ywxt9WBEQbF34tMPaicMgH1ReDNDyw-TjEa4B_mk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-311-darwin.so" + } + }, + { + "key": "QOLaMTK-1J9CU_ZywlYrNxxkiAYI2gKGNxWRWtsgejDk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-311-darwin.so" + } + }, + { + "key": "QOdrMr7Nb64KlIffXGp_z3997oLWeLB8oVoC2rufkyTg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-311-darwin.so" + } + }, + { + "key": "QO8oqUomV7sjk9U8C_LzkCFCHU3MQE8i29Ovd8plPIOg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-311-darwin.so" + } + }, + { + "key": "QNt9PoYy5ZtV6Eq1qHHwUyOsgyuZROP4Kl32TYe7uxU8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-311-darwin.so" + } + }, + { + "key": "Qnp1uK9EhQvYhhdpFqG9l0tV2RDsIu-hoH-sQLYtAcZc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-311-darwin.so" + } + }, + { + "key": "QnJbp8NFKwyBL2jqvTifBZEFgC9T6Xt7M5jW7iz9TUNA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-311-darwin.so" + } + }, + { + "key": "Qn393RranxcekR_VfqOkNFEDkeoEfCt7mQ2QBxotMTfo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-311-darwin.so" + } + }, + { + "key": "Qn2EeaP-epQQEQ5db_Af_86aGuO8LzxBks60vcBv0iAw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-311-darwin.so" + } + }, + { + "key": "QN0oSdY2gV0UmtLODFdf3R6HhgrkxIev71jPQXaNXDYw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-311-darwin.so" + } + }, + { + "key": "QMVo1LRaNuHikToZ8AzkN475mvToLbdQczk2Er3RYP-M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-311-darwin.so" + } + }, + { + "key": "QMm2xhyZuVdOGY4ByiGzAnxFr5fbTrqketPXQG5iUsrY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-311-darwin.so" + } + }, + { + "key": "QMIFtpG6lXMlAXPgYsJxIhsHRtrEZrKTCzCm8yYH8Wwk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-311-darwin.so" + } + }, + { + "key": "QMcCFAVk50WzzPdmmZNN_Vf6c4obTaJ31__edSaHYArQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-311-darwin.so" + } + }, + { + "key": "Qmc-oxSAaaaS3jSh3DWmHLW98HNkVfSGo_GrxZiAnw4M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-311-darwin.so" + } + }, + { + "key": "QM6JQ3-9flQUdfUbM7VuSpT_v7jrP07hiRgqqPujnJ8s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-311-darwin.so" + } + }, + { + "key": "QLvvmojyvouFZ6d_3i87QgkjaIeczp5-UslMf48hBaZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-311-darwin.so" + } + }, + { + "key": "QLVpqmfeKCheiv_zIH9WL-MyEkdJxKM256ZYQLZgq2qs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-311-darwin.so" + } + }, + { + "key": "QLlSZaEuzJQf0nejZ7smgi5JxEAD2V5M1GN7uezCc0_Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-311-darwin.so" + } + }, + { + "key": "QlEiHb3oe2KVinARUEqgHTfQ0ENlmV_hg_pRH2ddNcF0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-311-darwin.so" + } + }, + { + "key": "QlBsvd9M5dhL3bMNR-0rNywhINHcMIcD1qNJeBdgCs5A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-311-darwin.so" + } + }, + { + "key": "Qko6i3MoXKEQ0HcQSAMaVoPkYY3bkRfG0EOx6mFXi5w0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-311-darwin.so" + } + }, + { + "key": "Qkm5kdXNAW9aNcPCJdPU6plpO7KnA8QUMHGPy2XiWScA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-311-darwin.so" + } + }, + { + "key": "QKlZFDFOd1IHhUHoP93SaERhkAGluTurWzE9mXqGP1YQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-311-darwin.so" + } + }, + { + "key": "QkHbvtxtgtFf6c8YxiHR0uma6PglZgviGqsKsedFFXkY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-311-darwin.so" + } + }, + { + "key": "Qk8WoQqTzqMjxppK2UIktfpHlIsESucQA86DpzwJpR8I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-311-darwin.so" + } + }, + { + "key": "QK8Trw9s6werBiNQsiKgLci4sNoeyhKiZEndK7W1kB1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-311-darwin.so" + } + }, + { + "key": "QjvSmlnR_05wRis7VtJRPesgmNo-liWc5nmKSm6QrmO0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-311-darwin.so" + } + }, + { + "key": "QJQxLVbIrttOHsbSuCQqbr3wgVUe6_nE3FkxJMDeuzBk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-311-darwin.so" + } + }, + { + "key": "QjLTtNwbZUbh7MprqkkkaWt2UhCZSC7k1UQn42DEDOpA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-311-darwin.so" + } + }, + { + "key": "QjjUgsONrdY6ccHewnngDUFmjlnv6jpjdrh0y7Ec3fek", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-311-darwin.so" + } + }, + { + "key": "QjHP4goyZdv2E_xm3cCPPQC6-ajaN7pi_R4WdPsumgps", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-311-darwin.so" + } + }, + { + "key": "Qjbcut6S48j72CKP9_8Ll_uVKIsEjgWvlYJADRIUI_CI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-311-darwin.so" + } + }, + { + "key": "QJ5WMEfLs-jm2jSpkaaPEz4K9D3CxzYGrSv2s8paYGgA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-311-darwin.so" + } + }, + { + "key": "Qj4dxuMWGxNztIHtrkWt1iDL5Dd1qo25CGV4KCy0wMXo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-311-darwin.so" + } + }, + { + "key": "QIYnW-zKn7wM2uMlyu_1qTcCyrdAQKYRzp280pxq_vNc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-311-darwin.so" + } + }, + { + "key": "QiVyK9wbZZY69_aAw6mpYXkwPh_r7OAm62TPgxJm49vg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-311-darwin.so" + } + }, + { + "key": "QiPbAwmxpL05UBjDrAg-zqDz05_Xkp5kVVyWrEy5-Ai8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-311-darwin.so" + } + }, + { + "key": "QIOPtZah97m-WNq7CCrurBL2wfWNc020MClLhA0m6SsE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-311-darwin.so" + } + }, + { + "key": "QINnmLT6xjIu-zVT8VelyaD5g7UlsidB52b8qXIq-NXw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-311-darwin.so" + } + }, + { + "key": "QIGhkZvbomMbfXHZQBAB7ogNS4_raXg6jwYin_pnCXnc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-311-darwin.so" + } + }, + { + "key": "QICrVKn2MhszjYddowzqxiVihez_HWhMJfnUsd8gUe6c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-311-darwin.so" + } + }, + { + "key": "Qic7LhQUP7l0tBfNvHgEuL5NiVsUSIrUctZAAYPKvLbg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-311-darwin.so" + } + }, + { + "key": "QIblp7lJYkzC4qvUeC9KOE8a2OTvB5PzBX_ex8R7Xoew", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-311-darwin.so" + } + }, + { + "key": "Qia_cU98YmZEgo4Bupeg1n_AxIJp5P1olanIN0Dgnx4s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-311-darwin.so" + } + }, + { + "key": "QI8uiar3q7Vf5PfPCr7wkGsbUF3-NkAJHnivGMv4xEDc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-311-darwin.so" + } + }, + { + "key": "QI_QbUh33EM1HLwcxx7lNgMizjAw_Udw7MM1it6kleX8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-311-darwin.so" + } + }, + { + "key": "QhswX17xcIJxjCIKb0nJDMLpQT4X5aZGFOsjKZnP18JI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-311-darwin.so" + } + }, + { + "key": "QHq-1_2amINJ6Et2-ZiG5SkKJl8atdkhVwgK_yiJq1iw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-311-darwin.so" + } + }, + { + "key": "QhOdV3ytIiQRuc96R4k-sZNRzw8e0RtuUnGtk8u5JIOY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-311-darwin.so" + } + }, + { + "key": "QHfaP_BwotK3D3NblfYogpPRbvsJQ1b5kdP1fPcZhfXc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-311-darwin.so" + } + }, + { + "key": "QhE71JIzBR6AaO47RQj8h9UCw-Llbc5v0UxWJ3KdyO8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-311-darwin.so" + } + }, + { + "key": "QHc-Z1JBVc_G1_Al6GmbJbhqeWwFzzCG867esQGVj3-U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-311-darwin.so" + } + }, + { + "key": "QH6lf-GEyN6JX66EIQryFngSgJLPqCYDxd2mnOZI-whY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-311-darwin.so" + } + }, + { + "key": "QH5pk8CL-YFRPSqGmjUTzbHOL7LOBl7y8y95jrB3HSFg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-311-darwin.so" + } + }, + { + "key": "QH_nmmSdxnJE6NrfJoD4waT94IdnjkzsuVlWGxkep7gI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-311-darwin.so" + } + }, + { + "key": "QgYkedhkklKMJiJAPkAqCJWXNWGbV8N_bVMKwyGtJlYk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-311-darwin.so" + } + }, + { + "key": "QGy18aOyYFiSrsYXx9NyP15J-JZJQmXWTCD6ejR1ttG4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-311-darwin.so" + } + }, + { + "key": "QGuPWoON-TD2HGC--5lr7o61l-rDqJaNhtbe1-VW3mF4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-311-darwin.so" + } + }, + { + "key": "QGUo711vfc433ZZRfZe0Ypd4pS2o2pIwpcpHUGs7lgbo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-311-darwin.so" + } + }, + { + "key": "QgQJQRG2ycmsLHXyBJaLXanwaGFsPvdVVD2jc-wF6vgU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-311-darwin.so" + } + }, + { + "key": "QGNMWpN5uT6dGWo48ZSJLDsUcQqEDiQruQM2RjsFkxDw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-311-darwin.so" + } + }, + { + "key": "QgNb3sULHgch3lhUmciRMqJio-Mg7WFDQsVbesI7tor0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-311-darwin.so" + } + }, + { + "key": "QGmRi_pj-WFVNuSjRisLTgdnPV-Vw23C-aMKTvQJUeSw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-311-darwin.so" + } + }, + { + "key": "QGhM3CnVoCGJhzV79pX7k4GyQWV4_-Q18U3wG0UM-I8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-311-darwin.so" + } + }, + { + "key": "QG3QYqZY7_GB6YgwLAcyEd6YnJZh6EJ8MLamLn9Hbwu4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-311-darwin.so" + } + }, + { + "key": "Qfzws_mHoqBt9JXUcpkBZY91QdcxSE94USfFmdcEtPcM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-311-darwin.so" + } + }, + { + "key": "QFSyzYHZgjegIYEVM6rzvylCmG239rLAzVLsi5k3s5dk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-311-darwin.so" + } + }, + { + "key": "QfQRrIBPXiLH4pA-QPrdR7HG0WdblMbIl16xBCO4bB_Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-311-darwin.so" + } + }, + { + "key": "QFCT0jTPcVZ1vl_83izse_c4_8A24PRNfppYQrvFjYT0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-311-darwin.so" + } + }, + { + "key": "Qf2pXE9pzxFByZTVpkR5RwTaR_cl85TgFowkdKF6ppbg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-311-darwin.so" + } + }, + { + "key": "QEZF8lGnk7n3gKKEwZz_dcKI_JlX7gTLyXrhn611ylHc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-311-darwin.so" + } + }, + { + "key": "QEhYqQ_Ai_cB1sVbXSXzd9ac2MN8cJ7Zz5-Eh3zoVKo4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-311-darwin.so" + } + }, + { + "key": "Qe4gr-2HR0pW_YrJxmZZs7E5R3DeSXhAOH3o1CVm2NqY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-311-darwin.so" + } + }, + { + "key": "Qe34HTIbX3LV6iOgvkexop0aQtVKkgRr_F3nQn8-EISo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-311-darwin.so" + } + }, + { + "key": "QDyTPZtH9XbqTdRoYTyZcQVRpcT_vKbMAu4YwrwWZsn0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-311-darwin.so" + } + }, + { + "key": "Qdq-0xvZ5cMhSvj-GGiBetBbUMqsBzQSLEfsmztKjEzY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-311-darwin.so" + } + }, + { + "key": "QdpC6YpGxzoG9pKAxC1wiPMWDgA40_7rNMXux2Tcmfok", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-311-darwin.so" + } + }, + { + "key": "QDlQvOip0ic_o-iKJWyNXL9IVUNvDrOVy6PTCFy42yEQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-311-darwin.so" + } + }, + { + "key": "QdJEZo1YZg9Q9cB2j02-x4pgpGvMiZpkNKWshZ-8dx28", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-311-darwin.so" + } + }, + { + "key": "QdDHYOVXxRtEz_RWe5TiCNp4rP5JQld4EOdv62xdoD-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-311-darwin.so" + } + }, + { + "key": "QCJqTurzj8DOTiaQ_wJ8l17Xb_6J7IKY_B5fB7rT4gps", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-311-darwin.so" + } + }, + { + "key": "QcHOM5ljycjemS_rl00E2K5nK4qM9kUo49K_vK7J-1ic", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-311-darwin.so" + } + }, + { + "key": "QcG4JRRini3402YDyUTUQIsfcE8ypGC-6NUC5MrAQmRo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-311-darwin.so" + } + }, + { + "key": "Qc7tRRRSmrNWfdO6IyhFdT04XP89zyjG9PdNih6l1LCs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-311-darwin.so" + } + }, + { + "key": "Qc-MwAFXWb6g-tC8fupiThXGmaAfsBlaRNPblrHwvmhg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-311-darwin.so" + } + }, + { + "key": "QBTU2bXLU64MIVDE0rPzTCsEenNK8_AvISmGr9pJgpoc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-311-darwin.so" + } + }, + { + "key": "QBqHpK1L4BSQPDeDxlcjB7s10WVDVDqtdo9ZOjUFj5AE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-311-darwin.so" + } + }, + { + "key": "QbNH0bt9-04NvmFTTXDweO_q1yensExv-5BPwcKmN95o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-311-darwin.so" + } + }, + { + "key": "QbJuxuKRTDVZnXLZR8jnlcZpYXf8BSkbOc_k2KJeYlo4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-311-darwin.so" + } + }, + { + "key": "QBJLDsFERffzPHVBGB2wn_OEHRYKtfyszarjaFtSdPSc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-311-darwin.so" + } + }, + { + "key": "QbFwnUqpgaxvdA80bZEVkSxlvnB4X9f-ieDNS4ZN_tnw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-311-darwin.so" + } + }, + { + "key": "QBcvntsjj2SebjCsFdeC9HuAhBjwUItsF7eXZBXcVbVk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-311-darwin.so" + } + }, + { + "key": "QB2OieZneQ5q58x9Fz-pnrXjaN9_2lBBmnvJ1ilau5g4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-311-darwin.so" + } + }, + { + "key": "QaVrh1IJUwxL46pfIjFE7sdaySV0Dcs8RhT3IjStLDUk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-311-darwin.so" + } + }, + { + "key": "QaoE1HDqZBHaXN552C79gPmBEqdC0rjcuvZcbjKIvy7w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-311-darwin.so" + } + }, + { + "key": "QAJB-zEiScrosTVQmhQNuXePU3fK4jhvoHccikLmC4uw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-311-darwin.so" + } + }, + { + "key": "Qabhjf3G1L7rqgQXmoLlyQrxz5bYStR97FL84zMXT2vg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-311-darwin.so" + } + }, + { + "key": "Qa9ASWYxVixvF55Glkq1Z8AEYsI8CI3s4_t4eK43fVZo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-311-darwin.so" + } + }, + { + "key": "Qa4JMdrW6PY96FiOGnZaetMXYn0pMO-uW3hahFIq25Kc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-311-darwin.so" + } + }, + { + "key": "Qa48rw9jvY6-uK5UNLSVASc4gsUHC2g9ExEB3iTkGiuU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-311-darwin.so" + } + }, + { + "key": "Q91aOdMZGh47eZ2x8xCVF_xdcgL80i-iPC2UEPTW2XOc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-311-darwin.so" + } + }, + { + "key": "Q8XmYsRMI7c-vokYnJvw-DQvfxfisUi7ScSnIA3MKBSE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-311-darwin.so" + } + }, + { + "key": "Q8fopdgY90gV2c1T09LKMtci3clXiEab3mTUq24e-774", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-311-darwin.so" + } + }, + { + "key": "Q8eoispp21F8hPGjCJ3CHTpJD0s3I1HZv-MIjnAw8Hao", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-311-darwin.so" + } + }, + { + "key": "Q8dXN1Fr1PvXVxmV8m6fFh9674AA-xxshlPLs4kBWjfs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-311-darwin.so" + } + }, + { + "key": "Q79yUAdCnv4bSNqFAvM7mAgMKUYL0sMDZCZRwVsA0S34", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-311-darwin.so" + } + }, + { + "key": "Q67ol75TB3_yis6l4j6w2yEaGYPL-ezVvnEMrYQFxGQM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-311-darwin.so" + } + }, + { + "key": "Q5wKL-ohAiJfh4UVtE4iWcwZcMdCfSrKjOAbrJI5BpBo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-311-darwin.so" + } + }, + { + "key": "Q5oo9db9ZfU69exugGkIkos4u9Po3_841CB_LEVULB2c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-311-darwin.so" + } + }, + { + "key": "Q4khg65VRm7sdgjOdMmLWcsNrfvd_Ns7EcZSUn53c1GA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-311-darwin.so" + } + }, + { + "key": "Q4jwvoq3485Cp7Y1o0thU3JY1ZMHhqv6Kaah0PawArX4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-311-darwin.so" + } + }, + { + "key": "Q4HLZPZrP0rHDl4wLqAXq_sI_qTAtXvuY1vMUWUzspeU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-311-darwin.so" + } + }, + { + "key": "Q4cDnBhfkKB1FvO5W0wM175nJivlS6xbpwQchhPsop9Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-311-darwin.so" + } + }, + { + "key": "Q43I1Tat1QLzttASKfVJOSi8aQFgR6fCc5ZOnRTEZQWU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-311-darwin.so" + } + }, + { + "key": "Q3zFjv8W30auYYhBBqfgbn5KRPDirPIYgld87byAi3Es", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-311-darwin.so" + } + }, + { + "key": "Q3MWdDgfjBJ8VQuStLCG2lv597hEVPOnkTABndyUSsBs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-311-darwin.so" + } + }, + { + "key": "Q360XY37xWDwZ_YNuIeHmy1jNjjfg265cgx5b0-Z5_N0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-311-darwin.so" + } + }, + { + "key": "Q2khYSmVlOKpaCQhtQGxYqq6dp9XocVMX-Ty0FBbuFgM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-311-darwin.so" + } + }, + { + "key": "Q247z_LjkIIgNUBFPmhM7M2SLK4g5sgbYvrDt3kQlNIY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-311-darwin.so" + } + }, + { + "key": "Q21SV9xWzFmOHOpYKppbqCTRnSwTWyE67UbAfMgXthBA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-311-darwin.so" + } + }, + { + "key": "Q1u6xPhRlNbu8_Cr9yvzsDXrXuPhHaKXkS_svR5wlJfs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-311-darwin.so" + } + }, + { + "key": "Q1cp6aAEqte5huyPfpcgkgOp8ne0GZHCUpztcZbP_ixU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-311-darwin.so" + } + }, + { + "key": "Q16RCA1oaP2JcAkPqWcyDPquc4EpqcFcUdw8cpi1DozM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-311-darwin.so" + } + }, + { + "key": "Q0Z878aDyLGkK0H1aZ98BZnCseJocDK0kIYzMDNU8F5I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-311-darwin.so" + } + }, + { + "key": "Q0sAkHnDzoO0JJusXoOhMeOPU6mu5EbW7lCz2WtrjFc8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-311-darwin.so" + } + }, + { + "key": "Q09xFlUWSIlStySRyOObQKUOGpXDNTTYx25frDs4VkTE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-311-darwin.so" + } + }, + { + "key": "Q05zfmsO65veh8PcSvqLk9iHSofnHFS_XcFwzvGfV7Ho", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-311-darwin.so" + } + }, + { + "key": "Q_41dgSAl3ltiKRfgzCGSwF3qHl7viR_fYeQGW42t3MQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-311-darwin.so" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QugcubjyzsK4GNR35GtyeXXjKQrFIScXJNrgM-20dt3Y", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q7tIvqXg6Lg0jsLjswbMBmdj0pc3RqaawvG-9Sv35Z48", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QcTXyER8ieXpTn7htAQQQb_9nPXhq_ktY3_RTXvumtno", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QugcubjyzsK4GNR35GtyeXXjKQrFIScXJNrgM-20dt3Y", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSonztQHQiycU8lDK3p7p0KWbDxfJlGMRLS02YlNDUDA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp311-cp311-manylinux-2-17-x86-64-manylinux2014-x86-64-manylinux-2-28-x86-64-whl", + "id": "15904524869", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 42028668, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_OMPrZ_0nrvSosItyX8lAm26Yq_ZXp1HCmAe0QMHY54", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_Q0C4C-_b503LLu-XWwhcKnDvrdFleCLa6DRv1KmqRA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_uY8r2w4xwLR2YhfL16ldd6ywHM-RK9tG9uAUyXB-r0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_WBq745FY3Oczhb37NQd9dMTkQjYD5_GCkYuVLhX9K8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_xeD42g_KhEjnhx8oQjULzd7nhv2Il_U-Q5DQk0h4VI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-fnIEd_HFTvt2zGzbDIotzjjNEZQjbrXqybWhyvYw5M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-mdTGRcGzOlHCdcQwLpkPwaobr6a_GZ4gqJQeN4n5XM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-SDNDpep3GfgFRAk0VjhDA7uhKd6541qlF_sCmKJGNE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-XiF32YdIgNOblIzXGeF5zUiuUj9coYdLY9SZLTy0i8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-zU76lVA7giAukXXfa0QAfjOkT4tXz30wjzRhg_uLck", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q03S2koL6dxd04dmFgekCE7E6X1V3-8i1mKzBAppPINw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0dlRc0M3RCEfb0FYc1dZhEBw-HBqMxlKz7n99SSSI5c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0QIp-tVSOnQk9023nsHAGhDZSFFw7YkZRATKvKA5zTQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q11f3qu3V_oxRBNtTqkX60lyEY_XVWjF-SWfR96bjfIw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1dchZxkRKvO4SqJDJrhSog6v4E4W-P_sac98BSw0odU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1vE8h3Xyr-P7ZT-Z7lxdlnPKpKfa0dHBnNoETuQNuFY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2aaIlwVgvMG2oAEOyYUf2vUnMwU_1HqUSguR2MyvWzk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2Iw1UaVnpP22yOg_AMRAdMxJTdDKbFwo2FBf-UBTST8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2LvLrdy6ahCE3-zSKae-4XLFjm65J1h28TymS97ylu4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2zJAvMpvpwETWo1_-w3jSFwhIBYUgV4H2Qm14djo2Ek", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4wJvkoxPVmdbadruS0BXgFkJ_GT1bI4ri4cVdP6pKWU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5CRvipEW5SoZWEDQPBE2yNXnEjYSyGdG4XSW-HeSyUI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5JHA3R6F3Q2igtG0sr4zSm33wcPZJfCnAIViR9Ga9a4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5Oc48-LsIbyW7T808Y2E2VjmXgzN0oBBe6PBX81fwnM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5zPwnDeYn5AR0U7R4jjZGPZFY44PxITxC9nOGH9yKtc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6aR1CCa2HMjzalkI8EL6Y0LyXthEB_OUCy_WL9QteE4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6P_K3_10AbX_l_4r5lkhXkOf74XIfdL4sB2xTZICrTc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6tG84OfanjAZEPU0j1ruPOQ4pL2u3xHypPOAzKv65i4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6wWOx6Sj1wLln5_fk81gnvICV3WSuBLS4iXBOe8FjbU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q79tu4WnR_3mn7dwgTwK7mdGd9dvyxtrM5_J7S9gCJsQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7d6y0i_oeSV3ndEAKNQj7Yvh52Q-GoVg98QNAPwfE9U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8fg-k3N0LyvegsKjbwnbAB3JranLX3_0UNoOsl7GErg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8IMA36EBOCybMDj9coleJKfob-QpljQk6gcpQKyTjj4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8j5LNKQRgemcN9Z8N1KyPbSMMcB64Ffv2zLKejmFLF0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8ReACWaL7k5JuKuZ_uhH8sEV0nQRIwQ97XVNlpYhYeg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8zHO6f9vHcZzSUHsragaG1c85jrxO0iZWSfDgEGmBgE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9J_-5q4Tz87zGz791ztZeFADtO1fwFFyXaLZ14TVulk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9X_xpawx14DMavhIH9XtL-Hm3nM1Ik2-Zddwk3kmJfE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QA4eibhpy_OzqojgRKGAr07tAJbZgHh5lIGYbCeLCwCU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QABBRraQWRN6-aQrFozNmm_odW83uw05dQv3muvub2VE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QAhkWVE4pwyFl21OzQ5SMx47RbQw9Gag8busJSJm12cI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QaIaYgwwp3yjWrh1ziqEOJDgWzgbmYAN8eo0TczZFrSQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QALgW6-7Q-PcHCaNcYviWP7Nk_s14ADX0McZCxmM-4Fo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QAmHp4TQmw8f2QhWvp_usc5cH43KCdk9w4SIHxB66pio", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QAoISjp6_2Up-CKoifrDeMzdSIJVP1SCDZpWrCh6g6cI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QapivE_YIRcn15Hs3Y9SH3mU4aX9mZS8EUKoZVTVXqOI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QAPkBlMDW1NdWsXu2BqAVv2VaisNu6uamtp0D72Jzh2c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QAVSMVeJ7BvnaSDIyvCT4JHTtZBRRb0Wtw2s7S7OmS08", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QB2iyJGZpF8rJJ4MVXTRFtPU0tryOuizqQLBCTHIGPL4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QBAAfnleLXYSnUP3O8V-FtSGk2zFVTFgXHrAfaxxsk20", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QbaZS2-ZSuK6YBHZxiBNXBUV5fK3R3SiFMPqBIygRyTc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QbdcKGm_sXGglM5V8XBcUQmAklloDOBq3hPIuwb3vHFc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QBHbAI68Ok-3x01ckrUWgyniKWhGcv8Rd1FlsGU2SGN8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qbif-70I5SCHeQ1cKDZ8pq3SPjUqmRxdmwvM8r8E2jZM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QbjSPAcD_bOwB3y584gbNrfUogDGJZPc0fRzG7wgjI0Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QbUEoni1MV7hF5GCCJ_WKMURfPv8QAsblRm47Q9dgJg8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QByQbJadZ02eiUAFZw0Xhn8FYzhO6Sk7FVJojlf7y3jQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QBYXQqV3078TuCgSHsDbPXXxnCCs7BPdCVh5jq2J88vY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qc2tUMS3Sd3MrTaCcR1iA7XNFMf-fd2CIqCx-kElrEno", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qc2Z9QFsERX6qaXjybgpr5jxRLSYM56serMbNn9jRDmA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QCb8q8DFHnN_Q0-bYbhEbqTo1VMV-dJ4KLQJuHIwpkEI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QCiYN1OnTU4CK1mM2f1HS-ohuhOKEoXFCki77-RTZiYQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QCJPoPg33sROp_b4hsXofOUKb1xLFEcthFlEPpiN6ns0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QcPhKT6IX4pgVoAWzN51pEB3I_lyga576yEinNhmJNlg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QCprWybUmdac8UTsY0tbQwDJkOzvVizwdti5aQ8hdG-s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QCv3_NjmnNb_w21JciTZMZox5Ql6YTFGbHbgD5p5olTA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QD5SokOPv8yKt_1jscoo8gCr7HyMebTs7Nl2E1fjv80c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qd88E_80zdZkI0fK-nYgz7iyCQAYM5YQdpPiDj9aixrI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qdi3KWKp3aC-ZNyW1psho4-NtA9WcY4Kh5JlR_O98xyM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qdiy0Z4G2uu0QKJxnaICpEIc5LMEUZnjZlzsVoRNFp3s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QDjKoBII7AlSU9XuRTtA8BZLeVtg5hM7X2ol0y4wR3tk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qdpuqng9SailpnSVkCVZZbHKMj-jn2kTr4MDRA8wXSy0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QDSGIkw7nCqr1mSKacR00bbcEi4oUIjX0mq6CK7MyYG0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QE5z09kiru8Ep63wkj1ZCljzrjOqwGQipo64yJSMM-Y4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QeBLHG65rJF33oFzg7mss-XTPA8InNmb1lc-rNF06yDQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QEpsRQ4y5u7l-lJ9cMEYQQOruhSDKB5XWSYZQ7A_YMeE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QePUQf0HUZfyF7S7ijsXflQI0M273C7-TYDiKlJ5rAZ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qf384sXVwv6VlcpTLhqhT4OmCUToVYfL8Qx-prx_O4VY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QFBaRcpS0e1SVCP8hnyewN_8PawzPLscnA_B8HkxmAyQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QFCXDNWBMIgQbYYgoGi0UffcxPoyCZFMb-589RbQ4UcQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QFPqZgTF_0qsJSMOVNTNmgWJwn3aBKhpWm6CfABUJzww", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qg5-az-WzH3GDh_vLjGuOVH8hw8LdK0Zj3Bfx1ZJOsBk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QgFR6pMxUnbKASrnbYjG06obHdV0FrH02VKi9ZBuu4-g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QGFYK8ed9dJOh0uUEph8r03I9vlHoacyNwEyEG_k_jho", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QgPujc-ykLlvlBHK2V14rJDJpUNpP07My6DmorMqXRNg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QHc9MRtfp2o_Nze8-VzrlQe6NUJQx8-LHkfJoPcdsmIs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QhcL_m9gCg5MlBlCHkj6uSnoXXg3mAtObGiRr3oKBOJc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QHf8NA9RHfTkCnACMEAROwJPqP-DExcMdbAqXOxSfgfM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QHlq151rrwJPttOufFB-GVWyfJ76IcY4Jrwnox8-w4E8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QHNsECwUNmmWb9Fz7hv9QBB5GUOOwLroccMENQ22ZTGI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QhrJvIL_hEjLeINVqgd3diFw57oCYeb_z00j9oDoY1Io", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QHrsAyJYMSILeCE1DNTuxMhXrVqOyZd10dmJw0QELArg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QHZiZDtjkI20BtvLLF4cRwKxh14IABpeDD5kDaTiLGBs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QI8MDbajbUVNAXg6VZpLsGpP_RbXczinqnavnRZIe0Cc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QifNIttTK_2PeWrJw35JH9nmkMINB82EY5jLSpRa-1_g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QiT5CIoHJxly-i0NjQ3c4l3P84PQFoShB1hzruXmGwR8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QiTMKStoYgIBer_gDS38W8BkJFvWc4ECKBQMfMjXeQ3s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QiwOyfWt3FLf5uN3h-qCghzqGrP1YJcY1fXaOWTpknPE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QiZjvYW5tLA8uDHgpWN9P6h9nSmFTXGV9vQTs8lupTvA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qj4sxGB7BvSzP1fKu7X0n1B0FECItvhTjGgWHp1HHLpE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QjEPkohxR_tuVHnwO1hfWtOGoMC3laxgvHsTAhU3a5f4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QJgYyxG4Z7G1Aupt88rO22boqjq61rQ_NEONDfsn4MQI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QjMkkmMnR3FMHzuI45gLol7xo-MnGfFWDNIqeMT_U6aM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QjT57l9OONEQ68jIOQn19A9OKkcNda6Kvg5MvZu1xSOs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qjts-fPquXNtS1FxY5RK5SmFxD-wDCtL2e89Rs-B7J-0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qjty4TfcMFGUwrnmHEJqFS18NP9R95iSAufnPCYmQS5k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk2uWLPMqDklV4G_LekoBQnVzy5Lw1lQcyhoDwL_Mdps", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QK7E4AEmPmbeEnQ_dULh-BXLyiGIH7hM7mS62S5C0WDg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk9dkvkpwTc7O-9rbEEoPNvbgLmhZaGxADdth9_zEvxY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QKgeC9OVJqw9ui8lh81DC88_4HBxAO4KUZdvqi63QZtw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qkock1SEzdplTI8qRpQ_cbFD4KK41YIeKtYrwPHu_rf8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QKQmMCTSrOzLGJHFJb9FC9aBvV0NoI27jGfBh2ePq_o0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QKsHopgcIKfsKfsnqUU-ELwoCzgDbKW-vGquZxQ61UGQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QkUoSQPDZIiAHWLqwvF81fCMpFjPvqP9OMpicAoFOiaU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qkv7BiW3rn-mkHNo4SextnWsO48ojwyptTlVBmZNiDqs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QkXvsJaV3qCFfOaxMhfImnp752nCGg1tRt2DvhTJEp9M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QL4puz4fo1pfCTz5C7fOQZNzvIYY64m1edf_a0ZLEDoU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QLb2jzhrZ6u9JfUjeRVpCBLebQrw2M3QSqrJKEdQKvV8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QLImf4R6KBItMZMSW04Fvp1xVsK0Gz4gMJzOhXIsra_A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QLm8488uOQXnYE4xXH7u65AVi8lNt2qyl5gsX_JZUB-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qm-0O1HTvSb7nF-_RSkIU9ANdEar_7k0mnO-pohORjH4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qm14NZZuab-gM7lcI-3AZTY8W-H_DQuy4PIpKCOPqc-M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qm40cyuOMepR5n5LzViRyLcxKBKnF7DYr_3djbq-zY1M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QMgovEh_htwEqqW43kywvxCgkUmfIsq8eZomycafM4S4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QmqynMEuZeDPUH_vUmbGnEs5qW1jtutbupzt7E5BaJ6E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qmt0ZAHDBX4qpRl4djkd74I1zBA4fPA2a9uRXr11aZWI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QMvC-XZNhyWBy9Xoit8PhwQ_RhEpgEgCiiIrFRp6-8P0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QmZsZoiAxZBCtbcecJXz23h4JbxQAw8dvbT6nb2-2Ad8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QN-JwvEqAH8gA9XS2SHJKvuKpfSYL_J74pojqihlNgHY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qn7feYepEoort_53ZaC5mhcm_dMevgUzgP_DSajY2oUI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QNH5EjU71waYxb_SQfGhhvaeUMqCXCloUgCRnLDXncuc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QNlUrR4obxKGCxRslIc8ObPSKnPrje7iQkEC8EYzWdME", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qo11MGY-mmF6U9T96N6UU4z5L_-sOW__VzxRb9r7h2lI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QOkLP7bCQGZIRd_UfYGBBIj9jmF6SoT1vv8moRwAzV0c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QOLbqfDSnaZX5z0L1__p0elE_AsB3LFKg90uEeE_k67k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QOO7VZ6-Yvpj3NG8cDUS2baqYapR5XP4BBObTeM7thgo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QoQilD7unez7jJPK_2dWsWwQJIA5My-1wzswrxhLcRJ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QOxPOUZw45tRNTGU0e9aK3acsHL6NjBdSf6-LKPfUs_0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QP0WrKupxcQ9QflwsuWos28EkcBuruyPaEn5J-GZRvYQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qpj9dqiZxxUIBcDHvezVNWLop6Xw7-wdm9SFBv4uH8W0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QPk0fk1xt-GR0CUnsFhCZ62sUIcqcYWQmZM3JOEwz1vw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QpNRfl6nufjYrVncfhxTOOqXcxsAEIRPq1Qs-aqF2Ztc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QpoTJOMtDFq8Glc91B99jKDeCx9xqIse_lg7BAcpCWdY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QppqScGYnA3Qlg5Mu8LcDUtkDLPQsEMwxQXJ4BD7r_5w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QpUSDdvFijFOlTZTujPZ6bawKw6bT6i-M6mUY3lnJsNY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QPVzz9NMKC5TakT8oQQ5JSOg0pVxMx39a56KW8qqEo1E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qq1v3ZeeDqy4oV963oGMFu-riejjNYvhqiBDSwPqwRiQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QqBZB5FyULeU3oyYFQehlkrcSZoTaFiXAg5gimNi8CmM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QQkD1HI4szJ6suLCqymjZ-8IOhTC5JyjvKeZBb8y0z7I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QQSnFXnPxuxZTaAZoCtM-NK3271pPMEeu7fEEWzoKupU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QQTeoWlnM9u3-kbSPil85AIywus2dm3Nuwi8RIWKhH30", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QQUVMUjRQlmY5o2HO9-TrgFgZLd5YViboTvUl0kCptGc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QQYJt_YcJCOgXfQ9U7RdAHAhDFEMeXIJa5F4DFGxWHog", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qr7v6pbzW-Dh8u1rXuGregxNdOnZFWwf3kGIW1JFCziU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QRaeklgq4aJpsgtxdUW3dJ3dL5PRkS1BkUOz-2pg_QUk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QRKos2yC4cAf0hxn4QQdxZXZOe3-Cbv-omePjEniEXr8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qs16oO4D4RDuz8E-LUjtn7wvE3Ch2ZDxW1qxp-Qsh9Bs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qs1rlmz2qDf08DTnKwP763r43o-wBc16sK6DUq8OQrbI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QtCcRXnO-1Y3LQJ9K8YzHyA0an5E7Pzz_pJgK-bKMeUE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QtDHqsJXynbd38Ewjsb6t7POCefFNyPbEGVN7v-5EUf8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QtgSG2QgFTMGpz8cVrq5UJsFhdmpL4oDhHvBJAolVcfM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QTJT4IWjjQAPKN1BA5TGuyb8wQfBZCpekaqYvzmtzPhY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qtqdk0LQOBi7Xqd0xG_iR_sa-X6RE6L7GW2I1je-QZls", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QTrc1SQSKJ6IjYh38vckD1us8nQpbfrLyJFWj-25F5Ho", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QTx5KYKgkTca8L9D_6FPD6KQqCYDA94e4sdCBTO30j_0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QU6RDO4JvC2VJO-11ISreSczSk7OKTzKowES0lcNhqh8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QU94Gsgg9LTiWd65S839zmHqWwc-1tuRjwWSR8qNx2Lc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QuJuQzq4-sJ_MpmlmLw4SXN7HzCLsmLrDL23koIhytzw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QukdNLGLOHnNKmiYH9GGRK6EXn8fv1tMDNt1FeRacou0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QULt9WYRdkms3EF4cIiDAw7XQa-Xx_-m_OZiWp3PXEg0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QuMGBBZWgQli0uXSBmkBwMZRgV-6a0MDuOwdA2IfxFAk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QuO_Ycugc2w2A_gUmCl7i74bFLIIvZfhW9bWCb9OW8Gk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QUQrU5khkpoWiRYXhOZcYt-whZfl4BqNQoKkZypS6P78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Quux0AKFi8rVoVwqQV9Pw50AiLCrggw2TQqXH6wrhm94", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QUyQRO4nJwIoPzRCOij_lK52G9CctHI9nXqgRDvGb1ck", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QV7G6Ma4xCSzn0ymKZcAPt6hxlr8J8BFa_4ammU-g5X8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QvfOZuGHNVgfoIcTxyp5uWfYaYA6t7GxDvGfVMUNB0Qw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qvj-r88Oa7KLDDDJdv6y2K-93qxGpvgNxrJzkB4riYvY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QVl9deHRt1tSbyn4UmgXSxinJ-ymJb5XCbk6W29wSaFI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QVLQ5eanJgswQvZ078YPI7RYrCdOpjFm2rsff_2H3eWE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QVN1vhkRCPbChZbO4aJ0G1UQtHMb_mfuV_6C4Rrwe-l8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QvQFxiz0t4DHeBvKU1jJ2W3jxZRxmIxij-lQ1DGDrNqI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QWcPJ5XfxdwZUF9Hp9NSVuCB7TYO9ykqYX91F8PYMjOQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QwggSRhZJH3zvskwIVzsAKbJS_m3UJ8hnjvXiojf-cik", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QXcgd0je6lMGKBqqAi6DQnufCw0rwvs7f2F-IFkrc8JU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QxDLTqoQr-imKN5g_S3Y5A708BZzbJp525wnLnwYZEx8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QxgE5W53pwqB7nhjF8l7qbMX9ezQGGdwzESFHgiGx0Cw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QXk8l_BRiK5LtdsJVtLRiNw7RYF9Uwe8SPwiOedXkQ6c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QXmmDTTMvT3k6JBeXk8r8Gwuzv3T-zv0xG6TW-HT0IpU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QxqdKko9O_nfxAymwC_elRMzG1EqjbmOahYLJXHrSF_o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QXRLHflnU9hhhxO-bdPJOYm3wny271XU-WonBEXEcUqg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QXvIt6LoTWmWNBZ5o5xkOnBOKg9MzkqN5UQ3CWMEB2eo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QY1u6gIJR9trEKm-X2_tZPPr8qVbWa3HbF9pD1AVnkyc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QY87GsJhAMdR-BDLa8t9_prfKdDJKf9XsAAKKTYRduNY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QyjSWudLcA8eyoQDzfHL5NwZdinwEbBJV47Yy4vqcdUI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QyqtmItKTcQwamdhGy-6crohQfdY9hoD3t9JowzpuyRY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QyxCWpsTE8SKwnA_24g1lulfp8-lzMALnF7bM3mQfuIc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QyY_ei9xXrdJXjjSmqOvtOuaXraFMhVSTHuD7W2-LepY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz2pnMCW7lcTyqSTWAz3MFpENZvSB5HAjJHxSfjJXNzs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz98tvHkyXogJcBQSM5N44rQJibhpN6eetk4kNBUGJxA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QzBm0XxJ9Ihxb1JA3V9Bcjj9K4gHvVxrzlCrSQC5dC8E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QzC4gY6gx9h1ZPR1HYdO64KEAhly2lk-vWyIDFW3Luqc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QZkZOgzow-xnPRv81-Us64pFAVHILtKsKKstrNEpiWFA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QZmjwieAj7jZal7r5Htq3IsFLJv1av8WWeUAW1rkHmmg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QzonIr6hywGp2JDokSZin8ktNLtISbGSD0cSS0qZ23AY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QZT2Wa0xUZy5z2esB3iiww6W-TgpETUHUJRChmWcqSVQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QZWM8CWStJMhOPUVj5JdlIhJyj56jWSRPPPBZlk26a7U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-311-x86_64-linux-gnu.so" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QByrjGJv0LG-1LZRTTyH7Cy5YUsFS0sqPV5H2iCeXRK0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QZmKfRIZyo8H3IPdqB87m_p0w4IYjMJ8uguJY8rpbrXs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QByrjGJv0LG-1LZRTTyH7Cy5YUsFS0sqPV5H2iCeXRK0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZmKfRIZyo8H3IPdqB87m_p0w4IYjMJ8uguJY8rpbrXs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QByrjGJv0LG-1LZRTTyH7Cy5YUsFS0sqPV5H2iCeXRK0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QByrjGJv0LG-1LZRTTyH7Cy5YUsFS0sqPV5H2iCeXRK0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QZmKfRIZyo8H3IPdqB87m_p0w4IYjMJ8uguJY8rpbrXs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QByrjGJv0LG-1LZRTTyH7Cy5YUsFS0sqPV5H2iCeXRK0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QCEtLZePRcKVVDRXoc2_F6lrfGgBE2NQTNucIe16506Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QByrjGJv0LG-1LZRTTyH7Cy5YUsFS0sqPV5H2iCeXRK0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQBKoIQSTZuWNpG3z6r52G1AVE_95HFc1e8gi5V9oBik", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qfg1mGOpvrHT6r0y9rCG5rmGbFSrJsTiuGKCLsbcYT5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_IEzLgRuJugvKpqbtcQkP1RarYtAZ4Zj_x2XToBnC58", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-311-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp311-cp311-musllinux-1-1-x86-64-whl", + "id": "15904524870", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 45199693, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QzT_7Ky5Cp_FoXlp7AbfF4-GWEmGb5-zZTMdn2QILMF0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJqpS_jOtcUgEunWQ_pY2W1JgFw7K8J2JtB5WK7i6VIk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJqpS_jOtcUgEunWQ_pY2W1JgFw7K8J2JtB5WK7i6VIk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "Qo86Thmluy3fyVLIbbX-ycqmtneiZU_4lbncEhmzh-DA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QJqpS_jOtcUgEunWQ_pY2W1JgFw7K8J2JtB5WK7i6VIk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJqpS_jOtcUgEunWQ_pY2W1JgFw7K8J2JtB5WK7i6VIk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qo86Thmluy3fyVLIbbX-ycqmtneiZU_4lbncEhmzh-DA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJqpS_jOtcUgEunWQ_pY2W1JgFw7K8J2JtB5WK7i6VIk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qo86Thmluy3fyVLIbbX-ycqmtneiZU_4lbncEhmzh-DA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJqpS_jOtcUgEunWQ_pY2W1JgFw7K8J2JtB5WK7i6VIk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QIWNTn6ExScXpFYXNccF1XQ_XkVwi_DCqS2U0QHZfMJM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjA4xg5QZ344CCeNuUTdIxXT-RwTXyHxx_0S4WcJU_eU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QiNDEpknJT5UlVjAct017KdURHEq6A2yvj_6aLC4bGMQ", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QzYzIQI1w-eMgVOQtfQqjI7TUqqCMkumZFyXYUiCa8xg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QzStPa_mS-hkpFVsdPdBjoRPb-xaba5U4vOp77MlCCcg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QzSoMAm3TME5qbTAh2LDJESMX9_kjJ4wnnT6ux9lUWHA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QzMTKe8GMgMwJCCPg7xBc5ETMCdq63_HwLNfimtlHS64", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QzKKJrjQarNlK1urgGMOz5b1U5rb6XD89JHKcbPeEQTU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QZJOoSjpyPtbed6dEfCSVk0o-LR6ki1KPN8dLdBAxUJk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QzicXlnQhZNcqCE_zHh3RN2x90qA4aAu1BD-ck7fUELA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qz6k5t4BdpbnnZU04xi4Edq_yTqds7NuRnFdnGw7qm6w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qz5uXvJ3ynvfCHGQm9dtTc2n-N8v2FdPRwjIekIQAxKY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QYzEvPsmYGWz9UqA2lmfmATaRLoehVoyNt0rz9A8t_sE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QYyFRqoA1OE3T1kYwmqsdR0iN9aZNQXJGkbMXGsoSLYE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qyw6cS0K_zaoA0eB4oCxmjsLtkqGRCCo1w2T9QAz5V0c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QYNLUSfGhiJxGo0a9RGlfxDvujXxba51yq_jVxMXufb0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QymVMxdpV05IaYFVAE3cR8KZ-FBL97L9LeghU71YqMjs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qxyj6-bdB-qxA5_wYP6o0JHTnw6gxx7IAomhkkMgDFgw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QxpRi9R9p_7LsKVHuhCdoTdK2O773kZwDVPfWMeEAj5w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QXkt3sBfw_XxdB-j8Cy1Q9e-a9WxT8fX1mSSehtCNvqY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QxGdVYA2Nn5gAV6HzSvDKTKFe8D_cP7D7lKcPO_mCRxs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QXehWZWdy2-eemS56GnMdggsgN3g6gz4IxqTCQUMZmpo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qx4h1f61vSR83cPTUUBkpQCLS85ow70m5RZZ_vOIbTpU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QwYtCOIAXL_nxOTgRgeWCA-4rWXn6cglQRONard59deA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QW7eptCRbzRkgOoarJWjlxYgMBBOoT360B5zOkCgvP-w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qw5iSv4rzbkzIDoON_A1GzlPHAfcYHbuN2WDGogv1o_E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qw_4zjD2szWyRgkLrkCBkpfXtk4JpeP2HoDcARgOZPXk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QvZMZqjWhpaWmhourPlEFGRd2ksCoy4LF688DMVAml6w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QVvlxkDCGMo9kuSWRH8XiftxIutaHa9upGvAAaWyv61Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QvubYh0R0ND06TsFp6tl6xGLF4hDgPlRBNjo2yJTcb-Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QVh0C5JhfIri1qjoauNVf_K_anhoR243tPcvrbOi1IgU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QVeTxapsRR9PFjOnMTgmw0S8wmROKEExNnpsiNUcVrUs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QVeEE-GuGxg0GMLEznWguO_7YlqdrvzLy3CDdoqd1Lts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QVDt2mYEOdC_Guec4yiT_2aV68cRLy0tIKE-yHCF-90c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QVbQ7vRS4ArHIRFuTHUYXnotTtkMVvWqoMYbmArWdass", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qv-WNF72WanRGrmngajbw2bKBCR_qojLx5VAf6Jhhzxk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Quxhz4xXFqL58Aoj2ATM27e2JvOrwHLF1jlZfRfHsOsQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QuUJuWJlmS1ALHq9jx0gpxer3gbrn1KfNrGy8HZXSoR4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QusM81XIuCNQ9VWYS3JMDQsZoHl_GNVFe1-mtbmS7fpY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QUrXmas7P5Lpfptdrwib99Bg6zc6ix8yv2RoKnsY8nlc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QUriUD61qXIUH23fNXPefZKjLxbLQesX9tNrvPpgYiMI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QurgwkmTHUmnoWSkUUZiYeFjnAPoZ-DHq_CAdKchQKNs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QUnLIikb80YLqJF_q5-y9XdFuwgzEUtMmCPntm2h0vuc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Quie9SqtysxZNRzXIp33GK9gBNZ7degneK--1KIwJfYQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QUgDKyu-jxccUurfmbtOPYLNzjT1XiaAen9_gAdodi2g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QU5qz00hQ4POkKBSqmjY1Mb_rt9aOViZuHAv28r7fvwk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QTrDsv6oySkFqba_nwvg6yARNeEkftYvLV3E4h1S_KsQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QTKoou6iDI-f6DjEBojHIMGr_7ZIQ5tffe966N9oAsBU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QtjJwHVgu6OR-pwmjSFbUfegGxuU9xFgd7XKmnKRjQVI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QthB9kkgQE_AcbAhxGECousTpxuD8HlQ1t1lAgPdxmmM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QTfTFUAP94ShE0JYnblXLyXZUrqekcXp1x8Gv-23ZOa0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QtffvB9YOZ7mXaT1ZMCf4mVjJy1mLIN9kd4N7NDG0x5I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qte4dRTXRzHJHyzZrHqpFLreuDRTHjUt89f6xXEzntxU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QT6_XrY2xfNQl3JD35NgmoR7IbU-hWv8F_zJkcrF1EAc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qt14OGmCwLK-e2LVL9N00hf9a7VCjacHcAvReJZ0M7co", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qt-PBrVqQorDYU2lXMbA81elBW7ncWmYeDaaCSxnj0zQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QSs95ynQML9ZUrzdoatMtfoOxam80K7NDaOsQ2U_Lpcg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QSRTS2cyTsILLB8kMIu-6abKxBgf-VAtmfd5X9qBSxS0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QsQK4EyPWCuwKfoBwJss_Eby1Mcp9lr-o3BSS2EdVoN0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QSjB0D7k7Q09aaKZq7gMLRRnUNCOBpfvMIIiP3sH1lfs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QSIZLGnaTO5h94kpgRtWOUY6xpBfE1f03Ba3RAJ7nByo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QsfO8L_Tn1OCjESVxsJ_fLoIikSWg-naNrxsXtt3s8uA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qs4r7FxOQlx0ZlbkCLCGWxdBZ1eEqMLWigoE6hPN3KTc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QS_uQVS6jC8WZ8kPMiMilIeGYXS6VcAZ2shGcfQ4OqBw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QROaQiZtF5_F6p7SKL5njJRKiWtumT-UxgHgNaWGooG0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QrhyL36oByO1q4ilcTj2cuJuiVWnLg-wfMT5AC4RFzAY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qrhntxe1RUxuSQjsYsZ3R-jBOqx_jTwFlGp77CbqskBg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QRGxRy2BNUOmwPOt6goVellE-_aba9w1Ho0fmrhG4RPo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QRGPh1CRUnff6aiA1t0K7FZ4zXW_4fyQhSRYHoBdYsFc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QRBKa1cV5IypwqJGDGmnrpzw-bAwpoOz-RAtGDZADHBI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qr6Za_V-6ATKiXVbUSWDSlcTQW9Jni9Ms6Cjroul8AJk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qr2S5amjvS3EzqUXWc3qiVLR9EQ-TAx8ZIUgJvqX3dMI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QqNgeWTzu2PB9Ta9Zuzq-uDA-mJVO7PzUljKI8Dy0TG0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QQmfMFwubT4tXqVdmTHN3GNG-Ivhjb9VadmslpgnomGY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QQDpn3wYALT_pIsbTAyr1ztnpr6Yi-SXca-iS1UrsZnk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QQc-g38GrVMsPtUqGGfmGaxvxV_JbTaavSfkf-Miamyk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QPYm1XolbN2pO7TEJzRnjmRlvhpKFRVxeaptsEp0G3KM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QPNFf-ii1a6X4AoERlnf62Ho9V9UK3FPbS3LtOVSfWlo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QPH6Ng_xnwn2De_zBVKvW-i-5fEs32R31otdgg1C7kQk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qp3CTy5xMhSji0qSU4-i9hOtkXR4cic1ce1obJjD4McI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QOVlTPp3nXZPMRMZ8F6xilIRn-Yy66pJm6KVl4T00mpE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QOpXFlsHrBCdNock74X1aZeJVQnbUZM21fIUlFxCDz-s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QOCHXUXsFZR5KwZ2SNW1IzehxTHZOmuz4SVJHS-dIg3w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qo5yZj1RHBq1x9BUMHm8a5Eb6oCGTMscQ4N25hOzSLvg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qo4JH25T2Q17pe16bYT5_D2KAM7hMa-ZT4N8y2Pw_oqk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QnXGQP6eJAsreBE3YB5oCVA0rLOktkVEA8sHw2L61uhM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QNRJjt46psvcLKwaLUZYmFIqELPrApn8l8_muNSnOVUs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QndYDpYQV32V0X117WEKuZen7an9xc7yBxabqiFUeZ1A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QN2Wf0cAwRwrEWcVh4ixlUFmRnLyeE2-wvbQgMw_4nOk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QmZrxuE3RIqYB9ID5Ofy_RtuceNoX7ky96VVG6lWIQ-0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QmzBQu90AwSFxoHHy7pHWbbF8PtgZbkdInXX_Wquc9DA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QmU4nrREsJDjftCK5hMbRv9boGGogwHny7izmzpihfGM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QMQ_mODcE58EhFkoLbZbnMLwpjfuQHk6wdUAVwd3ZQ90", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QmP45a1BsQI65rXsL4SeJRMCWgTqhHOJHgdeMwGhanFo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QMl6JVLXCQMm9PhemSfDo8jqzf2Iqm5DdTxiyAMI9CgA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QMEaSEYbPXLjkUTCJSlJ_bG8Nk3h9R7RzeFVaaLlCZLM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QLzOv3E8Rwjqu3rdGv6cQHSZMsmhykaWPHcNJskPSxPA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QLzaCovaWdh2SQOGWJJSiCfSjb_ogMHuuqIbs4UkDNNw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QlyRUsgKRsI94tXthak6KyNH8u_4xp5ztotHX29Rj720", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QlxObY-BXekR1-LBGsV5-MPkNvi6Z5RZ6JSjYupVBmCA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QlWE0u1H6mDvjbvNyeFfrXY2S4Q-jB4r25SnSu6p1nWI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QLIBNZrlIVCNBMAgmtEqiB7bhDDnfi1XHIE7RNX2KjEo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QKTqoyQOLyBCYeAc5joWKNaxFxan6nMHbJQ102qHl8YI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QKNSgtXl-FO7P0YlrA7chQ475JF1kEAeV_SECULwrQdo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QK1iqnqMcpqsJjJ0y9zZ9HHkGvJ2o0HGeBzCmx00-kjo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qk0I_LrfRiAfUFzEG1PXYrrkhupld5gOFHp9jxb-46qM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qk_CuwEd8BVECxfWRmfOnCKJE--XDMLtRMSSbwOaMGp8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QJx6_LRpkbIR4sDS_gs_5tgkqnekY1kmJHXNWt4_mfRg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QJoA2Q4XZHr0qnFSk7KNrLZfhy0Oeb3gbVpQmgLE-JJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QjmV-9DFH5qWnZnd5XGlPdTtGHEnP0G8-v3cov4uK_VM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QjmhPnM1cnjeJag0rKooV0QxzyBFKsdwx5RMdAi-vLtY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qji6wfOcA-1MJhGB6gSAenZs0N9DUylg4KUZlFj3qjtM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QjFn0ei-NOthoRaZUDnrKungngroYfk2LCLuRv8lB_hY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QjdyiQ1upXsRdyCfpDgL6kdogd0cFDqFDFwhNBIy96ko", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QjDRpEsZOU400RbaIPJnMlUFE2orgKz2Bmzu_YloAufY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QJd1KB2d4Bn2UaMQ0NBjuVvgDZnA2E2NQibSL-afmjs8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QJaY0IioRlcqWw3rd4n9HnW_tKs9t-pg0uCUSR_Ma-Zo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QiU0NkO5H4_gIB17Ui-PcSz2qrNMq_DNpb8TIy10acw8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QiabKH5sYmtdi7XLUKj8erc1eTjbrNX6a8ejkT4OPVr8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QHzgyyeEC2A1gp8ieSIyQFd_T1j6sBdjjmqszFVVd4BU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QHWfZxioqsTGLUiWghUFyAW1bMcfU77skdrEjzGbPnP8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QhrfNs1p7MSXLBhUwa-zY85XctQpBCZ23yczY1OQuooc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QhPyDRnpfgdrlkncb5PEK55U_taBZsF4KBRygq_NMuys", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QHmgN63l_O6jUZlEvkG8RefTS3vaJo8Wbjh34ofvJIEA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QHLPC0hBQZ__FcmfOFniX6MF60HUTOEl2d0NVVJT43ZQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QHlO1BKrFX4Efj3CRckhf_uvtvf3eKg3ObneDRSygDVA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QHIagMgghb7Ofuxqe8AsEDgp-4KwIe0JrTboWOYnhlb0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QH82VrC7nu-wUxjUsw5HM3na0-SkUbohR3jfL-gB0cA8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QgXJ7V2flLfXKhOLtLWNK0FgFk3LqOjjt5pLMe03CrwA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QGwyEJQEIG6nlPQvugrWRZnbTQhTbmZhPmdf8iewajko", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QGkCAQKbQl23UsXzHZfkTC-BVO23DRJNgEbUHERrHvks", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QGjwP-fqhxvd8j1rgpPQCk2JevZ7Kwp-G9Ksbb3ufknM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QGbcAxyvPi0ztCgo9wZSqb4ZwzVhC70ONusS4_gAu-rY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qg9-4tt0c7s7brlnfhMZ_ExwGFhMwEWRpUSzjATqQNbI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QG4735rjwSTo8LZD5VMjgJbo3laRdWIRgRt2skd1PheY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qg2VLIGbGE_0DxcAC8xJ9xpESDyzX36AxPNTic5xf80o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QfW_243hZc8MYFxgSMGMNmUqnol_HLcGVqhj_yUra_ok", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QFjP3SRiRto_IL8_liNxuIVp0EXA2GVLjNHSF7YBds4Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QfIeccf5O9m_TtUpGVeZnRIoY9k5hlL_MyGgkv2xVJ4U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QfdmURIsED_vsEHZHa_ul_d0Utn4jCZlfwF-W_xk4SJA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QFAkXs-ykwXXagP_oUCrjwxXeiGc7pz_6itsYMF5_jpM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qf7wPJtnUCXDtTU3BPUzVdEmtkvgM4hEcAGbgL3sG2Vs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QF-pBOTkDzgOtFUm4Ae3YYq66YNg1caBY1Jh8N9tjIhQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QEUg1dbuJZ4IJzxtsviwTfmM1aEUxCg47-RGwobP_uIM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QeS5IuC8Ig7AlORB7q0gG_VamxoNuCr77iF84H7i3fcc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QEMwPP1XiJYdTOTyM2d_Ycg8cnPNGUwLDCh21B0NLSVQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QEjB1Ld_7r4V54SiMfuuyvPqrYMztpGuM8pf5tdQxJec", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QeA4MwwnrywNGptx5Ir_91zihBTF7f6YKlV-t10ejaEM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QDw0FoHPl4pdDc3s3Gr5sNbEi9ljTNvb5d7OiJ6NHVkg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QDUvtbZbhJKyD_taVIb6g9NLgNXZ5WPtYN01W_n2Et2s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QDd-y_y2eoMTDE0xrcfPaCT74SbOArgvN-bmThnBk3-0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QcNisyT3FeuyVx8HWHOsmS5kRMFv2p3rPbewwJaQ96gE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qcl8Qiwb1zIX5ezcsIVcWRkOtupfxa2-sMNlDkFLxVfM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QChXPcu-liKOiqUjRsekT9txzPOQkzq13AOT2ydgdzj8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QChilFkNpFn_DB-xNUAsNzNb6_aVAq4MN_l2St27frjE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QC4rcUL9fSPNtv9HFNG5BkS0GSxV-sSUPUQh9rDkvJMg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qc0DA0wk5wkSQh4QyWdlVnuJ-aiMl3bUN5wZ0XpSyd9k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QC_DqeYUMkHiwyT1NqhgViDz4wRJjE08brJAWo_4cRyM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QbxLF9b9fqF-t87UiRNXief_eCnNOJwm0KSgeCcsiWFA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qbswx-215RPDkGPKHfaY0k_3XYdCVkoSe6hzuAscyh5M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QBrZjc5qcHug90qnTbFV9cqd8Gv0csct5ClH0ysFS3fA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QBQOTmOiTHf24rVgQGJulyun7hxSV66QCyvetdI4rN1g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QBLx2WJm9BEZTPBYU2ryfNPlkwnuaIyo3fNeZ03JXDx0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QBDKv5WtI-yqRLWAPyiZZikraY21GizgrAmn22oKlWK0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QbcRspKkWeEw4C96kmqie-U7jVA2QTmUBf8dC4iz6Rwk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QBAiOKxbAmlokcn1d3JtdX96BudQss-mWETJ7pgIjIlU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QB5N05nudOd0azbVziqwGmrzXXN14CAh6jpuFWTVLNvw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QazQBPsRMzb7GL0_plZ2kHUmRpdCuN5KM_cjXrMZXQAA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QAZ5JvEc8pBs9jB0GybWISRK-0rz5gKYQIWR4JSK5tMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QaUHjomv_2Tek8YqoLnWs3xFY7RKvb-FSH15LVtsMubM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QATkGrbiUbHI7_C_NFHf0XI08paANZlCrany35sPQhPU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QAtA4nGyevJjfb_P3MsAMtWL74RqoeaJ8DEQKxtKWPtY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QA-2r_trq8J8_6WOqd_sl52LSPW2Z0RlhPqwEtAHUbV8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Qa_ykUYjj7SQMcT5653etaj4a-_--bXQYHQIHsbXrFlU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q9ncnctfW2VzFsullsWkFTS6OISoPKdOiJ-niGj3ikFc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q9iY2aP5dTZgEem8LTCGfKfBnZIMWcSjhbtWEy9RjXQg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q9fB5HdbSsrzLdJHeszib1SGaBYns5fgXOPrk3JcFLdc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q9BQ0Ih6oT4y15LCZYpylZvx2DnDg6HNwk7gX5polaC4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q8Y0A8C_-Te1S2Zfur3wx6EVZF8n4h178A2t7wXuGWNc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q8tkm9HMZxxp2CH7-wrnYiL3RVm4WWOIJFnMHZH3V71w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q8RdqmXKfli4QsJCXDtah6O9f1xbiTzr9_KGFZieQ4ME", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q8mGbR8625Rg3sOMQa7Z2_TSUGlDaRnw37OMhjeJ0DWk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q8f-5hvL4-MXJfeaIPgJ5NtWOPNAP96RWnfDOcR6lI58", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q73TF1K2YukVou2Ahq6375FAc__34lDvvKmIbAGcOQwE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q6BFffPOrhiUiuFPSf-o7m-E5HVc1Dwzx1EQspM49cN4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q5XW-UIUU5slybtU7jnTFFc2fz2mDXHZWAlNRlfy5YP8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q4SYiX2FLFFkm5wMt1Ei9bTa__-Ul6tyVf7QxfE8h3ac", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q4RYDK4VyaOPxGvlTQKQbnaQ5GKv4zi-gG1CU8rDkcwA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q4R-oUdgD_Qhlbj4loIsvd_SgD1zDq4IQgien3ib3HIk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q4lCSRBkNuM82uGBDirdqoHWgZhQhF-R5LSyp_LDHORw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q4E9QYWJxYrHCTBFn5FDA6EGxZ8aKu6OrVCFiKlbCgcY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q4An4eQrvFohUg9p7UvKJSJ8wp_t9aOlBdjcvqrIDyvs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q3oHsz_VvGfnXwNbYfCFRTUVw7NifCpfxbjpY9FRit8E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q3_QEXUZyi-f4pm9QtuP6HZCY2IlHazFyGQOi3nPSA-A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q2jH8pQKriZMB6vQhhkZl5D-EJssp-XBmQ0qtBEuCIxw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q1yQuYkI37mW1MKqc61p30JWvPVnXObERlE3WcyY2YsI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q1Vl-HGebOrCPr7bSxxLXqvdMdU5K7GatyiLklfaeu-c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q1tPFce-HVgAoY0lMiJH78JjEreWZcb_ogVxceE1YRNc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q1iAqV-FTBKVpHUnB6Keml2ZFZBfezHUH4HpZWjfwzQM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q1hLsw4WrunF38DChCFxRxmbbRFxahM111x12sGIzQSg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q1Ghur5dnThjxz_flBwIxHJMA_qmbljvnxBAHpK3EUoc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q0pxtaoZdoiE-Vbw5jwZH4m7sAhpIBfKyxqPGnUABtA4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q0pG54ro9Xy0nWPdxqui-HGm8zKcUY9Z9r5ypQSpXKVk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q0hQE4YFJLLVxEV-XZCbsShoETDEtA2P2Hp8XyrQ15MU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q0ew8WP8bB0tTYAiWpgXnI-m4-HnxEoq-w8_FNBl6qrU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q-TOTCvS2ayK4gjJh95WgYrLynvUUzYUV72ZZGXCuRgQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q-8SMm9ijMWYOVIohEm3BCHKKSHl6wIghngKDhe-QEVA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q-6XauxEZsdZIKRCx91w2oANlJLWyuMDiiz6m2lBHeVY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q_ep_WsG91aTCw0keeid2tF4kzRTv_2EgVpDyf18y6VI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "Q_7AaxoVs1Zhk7sHJPpGfSX7QFeU2bcCyQnto0Y0nGgw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-311-x86_64-linux-musl.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp311-cp311-win-amd64-whl", + "id": "15904524871", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 28667950, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmkrOqNCMR5beYSCTDGnWJBdBlO6f2YOkciHkFtanmcQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q1xHhAUVZR9Oab4ix5UbDI8wDlUuVAPl6TaAGKgzBWmk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cp311-win_amd64.pyd" + } + }, + { + "key": "Q25gQjtXXYKLPXyAU8bo2O02ePCA3HHl96MT-r6SiFZk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cp311-win_amd64.pyd" + } + }, + { + "key": "Q2cbcRIHsWa6_MnT8_0bC0PslO6k1fZ5g8ekWr0Rfc_I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cp311-win_amd64.pyd" + } + }, + { + "key": "Q2wXqzSvKaVWhhzcrUQV27OD7csoYAWH3oMFcnJeHoBU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cp311-win_amd64.pyd" + } + }, + { + "key": "Q3DS978LUt8hywtGk5aAz0LpL1k60tiSuFJfCndQEw_g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cp311-win_amd64.pyd" + } + }, + { + "key": "Q3g_URthISbelqwjNxbBZXBB8yRwVNki2z2bil4hw_3Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cp311-win_amd64.pyd" + } + }, + { + "key": "Q3pxHWs1tyXdlIUTUtKZdk0BKvTOJAmKQ6wcyozsw4sc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cp311-win_amd64.pyd" + } + }, + { + "key": "Q3qM3uwdOILP5iAgb4BMtTNNlOBEgG6E1arbq13tMjvM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cp311-win_amd64.pyd" + } + }, + { + "key": "Q4aPh4zHP3pLn3mBGSPYX9lhW0zOfY-vzG1CR_ml2Wnw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cp311-win_amd64.pyd" + } + }, + { + "key": "Q4FZrS1_bMESltuKMSFn4fkUiXSY2SO18zo5ygCi-WX4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cp311-win_amd64.pyd" + } + }, + { + "key": "Q0xQkNpc8QFCL6F3wlHelHQGGxiI61yTzrI7ZHFdIbBc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cp311-win_amd64.pyd" + } + }, + { + "key": "Q0wXfjWbU2TaMvwMgzXuhGZaJy2Hbs1cnQnXkeejRC34", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cp311-win_amd64.pyd" + } + }, + { + "key": "Q0nvj3rdyNwqeaFGSXyDhOlvLNdDOF76ff4RIf2Ox1yY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cp311-win_amd64.pyd" + } + }, + { + "key": "Q-RVmQXm2QFmlt_SShWo__LVUVpT6-KoBJlkJef4csDA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cp311-win_amd64.pyd" + } + }, + { + "key": "Q-nm1Et2Yq-r705NhlLV0Mm9l51J5IYqPGlX_2OCw0LA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cp311-win_amd64.pyd" + } + }, + { + "key": "Q-mOLmCey4aEuOjRGRqgKH76N7rM9uMlFQwNRz6bOgqc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cp311-win_amd64.pyd" + } + }, + { + "key": "Q-mlcEDp5jdBfIj7kEEALWmgQxoEOPjR0PsFsnOuevUo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cp311-win_amd64.pyd" + } + }, + { + "key": "Q-_MNqvAHyxXYskWEjbTKAIlc4xVCMCuYpGS1OOIhziM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cp311-win_amd64.pyd" + } + }, + { + "key": "Q_vBjfnP66o2tNSB4DU7wd5OIZOyZXyq2Rebm4Q2TnBg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cp311-win_amd64.pyd" + } + }, + { + "key": "Q_ezcRIGLJlIaElGInLq7KG7IZqjDxelKciwqMG93yJw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cp311-win_amd64.pyd" + } + }, + { + "key": "Q4p8yfppUGhAEd3CI7iDR5xgPPj3041nLTRFrbBXH7G4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cp311-win_amd64.pyd" + } + }, + { + "key": "Q59X4bc5-B0Rd5s4lluEdedrQAzrEQLbrCyC_qUfRA1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cp311-win_amd64.pyd" + } + }, + { + "key": "Q5RyRZIBgvy_nL0E9C3okQe_iVYPxIyRiqv9vO1jC9KM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cp311-win_amd64.pyd" + } + }, + { + "key": "Q5SWb1VqhSMW_YWfZ2F9SyMYYowzqWp709sa84ocg--s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cp311-win_amd64.pyd" + } + }, + { + "key": "Q5tYBmKENStcDYFS224N5tgDVvbFcuQRmvNSkaUgJQaM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cp311-win_amd64.pyd" + } + }, + { + "key": "Q5YcoEySWZyU_yNByOERYoYQIuuXoUdy2fBvjsqb5cho", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cp311-win_amd64.pyd" + } + }, + { + "key": "Q63jglQvP5h_qMm3yLBWP4b0_0y_1niNN23XAs8RISmU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cp311-win_amd64.pyd" + } + }, + { + "key": "Q6IQNXmnJxCLosGN1fIfda1wGwxTs2pUmapDsa3_Q6HY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "Q7uAqV-kHypazdO3mKdAVClQFjbKpNcDba3t1YHeaIyg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cp311-win_amd64.pyd" + } + }, + { + "key": "Q7Wb-vN_ja2zOD3ni9RgJDxQyHkCcR8FcB-9BC6PCf-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cp311-win_amd64.pyd" + } + }, + { + "key": "Q864znqrrHdi-yYU9aoj6ETuCBKkVTG0LjX_1DQQon2I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cp311-win_amd64.pyd" + } + }, + { + "key": "Q8eaUoJMtzm8URdJFG9Cne2P8wZGay8wA-9W2IEw88as", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cp311-win_amd64.pyd" + } + }, + { + "key": "Q8fkMG8e23v0kF8P1lbzEsCBjeYMII8JSIbr4b1St6BQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cp311-win_amd64.pyd" + } + }, + { + "key": "Q8TpYMwZg50Os1NADSdlUV_cjbZ9tFCG3iXV4sgg28fs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cp311-win_amd64.pyd" + } + }, + { + "key": "Q8uxrGsQLR4u2WGID0GzOpeYxUfOmUl16LYFTOasyE8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cp311-win_amd64.pyd" + } + }, + { + "key": "Q8v0a3GckJcg_ljw0XE2Qe81T_AxR7inTGfxj-x_JNm0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cp311-win_amd64.pyd" + } + }, + { + "key": "Q8XwbM9g8KLy4Brj30iI9L7jvCGs2myaov526Gh7EEok", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cp311-win_amd64.pyd" + } + }, + { + "key": "Q9J7LMfqKXvXfOlSBh7ipg3F4ZC8mu73pT3jILRDK9EU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "Q9Q3wW8aYZ0D4CWaWf_iFN9RKA1SoxIC-tid_mHALvfY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cp311-win_amd64.pyd" + } + }, + { + "key": "QaFEjcIr55fILG7OIPT3Q28_C3OPzumkA6hgpvWEhhHk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cp311-win_amd64.pyd" + } + }, + { + "key": "Qagswyg4aiLAq58NLYytdx8ASTDmX_mNag7qDVw_bhQA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cp311-win_amd64.pyd" + } + }, + { + "key": "Qak42Syhjp7gNL5AyW_7RUvu-Ax70bjXQVTwiwyQ3YYw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cp311-win_amd64.pyd" + } + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmkrOqNCMR5beYSCTDGnWJBdBlO6f2YOkciHkFtanmcQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QAp45fvzAajhY_dGsyCmiH_W4753rKgJ-JrGqHtF662Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cp311-win_amd64.pyd" + } + }, + { + "key": "QarQSrLRCZV_qK4FUKJ4WWrrQ8lfD49bgtLdEj_df1r0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cp311-win_amd64.pyd" + } + }, + { + "key": "QawNV6iKwN_QeXac_J9K08V8m8U8WvyEHwag5IwkvIm0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cp311-win_amd64.pyd" + } + }, + { + "key": "QaxOFW9To8_P7qMGhTARWqRAj9pjCL21dli1p_m37wiM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cp311-win_amd64.pyd" + } + }, + { + "key": "Qb15FqePr6cTu2u7mdcC1OvP0E5WEOLaQwDu4DaQ4F88", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cp311-win_amd64.pyd" + } + }, + { + "key": "QBeLTilFb0JdT4OnNXa50GuwmRIflDGmKiwcWL1zc61Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cp311-win_amd64.pyd" + } + }, + { + "key": "QBJB4jmle0eMv2m6pPYAnvt9FV59nUn9MMOo85PIiieU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cp311-win_amd64.pyd" + } + }, + { + "key": "QBNgdYp2HzZDtmGTmT3Kvauc2aFpOkGRCKAj6ef7tAic", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cp311-win_amd64.pyd" + } + }, + { + "key": "QboSI11JhvDvaQ6cTshFzbNAAkm_CAiHxxOOxDedcW2I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cp311-win_amd64.pyd" + } + }, + { + "key": "QbQ3P_L75ggqPJcPPQuO9vha1R78WdP3DApLT3NlV4a8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cp311-win_amd64.pyd" + } + }, + { + "key": "QbT2mdyhtCP58L1B53W6FpX8vy0-lmKoH42MteRa9LtQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cp311-win_amd64.pyd" + } + }, + { + "key": "QbwTLCQ-hZOpu8DaDoLjIWRPhLB-tKPqc-KfSAExh928", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cp311-win_amd64.pyd" + } + }, + { + "key": "QbXxoT0_Io_SbjLp5WZC880a-RxnofnkGxXlGOtdrSL8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "QbY0hdpc8eokdqafroQ--FDTUaikWU1a4J6sLtgoevzI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cp311-win_amd64.pyd" + } + }, + { + "key": "QcdAiT_u8phzkr3O5UfiweHrhQPPtI1v8huJ3bgHXhrg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cp311-win_amd64.pyd" + } + }, + { + "key": "QcH0qOlNWYwXxQPcWnalnWPW_EYQ0LP7sHxiZFySBGhc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cp311-win_amd64.pyd" + } + }, + { + "key": "QcxIvENcej5B-PFK2hANbNn--Ma2s0VRe5R4O5oU3eIc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cp311-win_amd64.pyd" + } + }, + { + "key": "QD5LG6hhtw34JkHJ4DAX8a0CeV3UVUScnr-Z_qWS9rGU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cp311-win_amd64.pyd" + } + }, + { + "key": "QdDtmWpeG2OfhHLVduNOM_SjuS_8UBSrDI-r3FwMZq3g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cp311-win_amd64.pyd" + } + }, + { + "key": "QDIutgpZeeAfHQNSiTL91Zx1yQhj5C9BIj3DIIvajj_A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cp311-win_amd64.pyd" + } + }, + { + "key": "QDJn4jUjhx7c_a3mis8iTG0hBkLQcgNYqTkfL4cQLi0g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cp311-win_amd64.pyd" + } + }, + { + "key": "QDMlcfE5U3Fdb880PIaQ9kWIvZICOG0y2oZhiXmMqvk4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cp311-win_amd64.pyd" + } + }, + { + "key": "QDmt3Nsv0O8xQHvh_m6crq-H5C_3HE38QUBxp9a4rUQs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cp311-win_amd64.pyd" + } + }, + { + "key": "QDppuu05sGyvqqnwlhZ1f7pU55HDoT7npyiX4p9hJ6yE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "QdsfN2l4he0CDac6voXKTjZ5eEHtnRTVYFfvILmWRvZc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cp311-win_amd64.pyd" + } + }, + { + "key": "Qe2aZAU-Og4KUbXf2yd68jXtUAScmtVKEfoSHyDGHehs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cp311-win_amd64.pyd" + } + }, + { + "key": "QeNyu8DVr57oemK48P2Z7UFQlP3TmbnDFD4XWRrED9yo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cp311-win_amd64.pyd" + } + }, + { + "key": "QeUWs34NHrl38-WIM536xN5P08emhWiXBlGK4T9bUJxE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cp311-win_amd64.pyd" + } + }, + { + "key": "Qf4uK8IZUwbwJVbH682DZkhFQb9-KYhDbdfP3KW4YSX0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cp311-win_amd64.pyd" + } + }, + { + "key": "QF67WXeGX4_3JYFTl-yPLOEQTkZRYFHFbnX4qAJWLRns", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cp311-win_amd64.pyd" + } + }, + { + "key": "QFd-rqP8acmbj_v6h8R0fMeU-icbMdG9IPM7aLy_FJfQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cp311-win_amd64.pyd" + } + }, + { + "key": "QFGSaTwWHCuMmcf0B67qtyRko0layUBnINjP4scuGsfM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cp311-win_amd64.pyd" + } + }, + { + "key": "QFna_lN-_gVlHhAvdaCbmP8Qp8eGjyvjKpWz6O9h_aeI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cp311-win_amd64.pyd" + } + }, + { + "key": "QFWceN3OsIb9xC6ia-yQeEL3Qrl48YDpveDdLZ8RfSPM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cp311-win_amd64.pyd" + } + }, + { + "key": "QG7XpcbnN2bH8eWt2SnBvx9A5mYips8k9iA9yc37jQBc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cp311-win_amd64.pyd" + } + }, + { + "key": "QGagXtzWjHAbA5wpUeq7Cj7-gjB7aZRPtbtdh3PahUFY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cp311-win_amd64.pyd" + } + }, + { + "key": "QGL_rCcm7RM3EhKMw3ZO5NhkR9t9zksBTZx6ospNzRWQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cp311-win_amd64.pyd" + } + }, + { + "key": "Qgo-Vbdw95GApI0eNA2CoM5vgQG6UHISNIR1fvz1-OWI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cp311-win_amd64.pyd" + } + }, + { + "key": "QGVS5SxlQcOLJprU7qwqUz_dwjS9AEgV_MBu2dW61bcA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cp311-win_amd64.pyd" + } + }, + { + "key": "Qh0UcJGsN6O0Cdcq_oAcSotmN1kVNMmifpxlbIGn7iy4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cp311-win_amd64.pyd" + } + }, + { + "key": "Qh37pOv98GROsdSqfPYX8vBABEifg5J5UrMFDGTRwx7o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cp311-win_amd64.pyd" + } + }, + { + "key": "QH9CksBzX3K8CQOqN8y0R1ZQ7PmcBhf2diXOrSaQ8_Yc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cp311-win_amd64.pyd" + } + }, + { + "key": "QHbTUFQTFhHC94d_uVLdUtQZq-avfE1gX--8uTSorOk8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cp311-win_amd64.pyd" + } + }, + { + "key": "QheOODSVfQZIDtiIgCNh1I0LVhSC4NCfRzBUBb30n03E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cp311-win_amd64.pyd" + } + }, + { + "key": "QI5GYCWAHEUYF4uWb5aTOFkvGH7XA3unLFPh6RjC2ZW4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cp311-win_amd64.pyd" + } + }, + { + "key": "QIC9DHgmlzQAWbIYKo-eIcTSK75KLdZTzg43FB17-y2A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cp311-win_amd64.pyd" + } + }, + { + "key": "QID8uqBXqB0FT6d478TNuBL2eM-1cCK1q9t4pj8qJmGQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cp311-win_amd64.pyd" + } + }, + { + "key": "QIemtzTHh4vygTumBQJgxgzbLYMZG4srieVGtcXXJ6Ic", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cp311-win_amd64.pyd" + } + }, + { + "key": "QIeYrPI8QfQ6tgu-h1F4fSht3mQrvSEk-Yl-LOl473JA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cp311-win_amd64.pyd" + } + }, + { + "key": "QiFqaqCJlb0ikflt0u8PqazoPAFcqTRAt47dWY392Ifc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cp311-win_amd64.pyd" + } + }, + { + "key": "QIJGu4jIYAcflxIr06dBw98BKuyIHSzL9L9a_22sXX7s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cp311-win_amd64.pyd" + } + }, + { + "key": "QilnN_TwQX4DjVShZNFUojYlgTxcYWCXWN8y_XNwa9fo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "QiMpEjnyggg3jaD3K-CL5psmG87r_mSuTc4MdQeYahz0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cp311-win_amd64.pyd" + } + }, + { + "key": "QixlbcuSwn1hwW6o2XGu-JQT90JjBhuLX-ycE88nDEFc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cp311-win_amd64.pyd" + } + }, + { + "key": "QIywvY72jeMIPJ-GY02uruRLu4MTm3IBK3_3bsRLJfX4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cp311-win_amd64.pyd" + } + }, + { + "key": "QiZUZBVIyiuKSmd3ajk9NMiAhCx19qVeLu_5Z4BVvgVA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cp311-win_amd64.pyd" + } + }, + { + "key": "Qj1je2qKHiWIl-NznCwfMmKWQeHtPLL0sWCCSC_QQWZc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cp311-win_amd64.pyd" + } + }, + { + "key": "QJ8T57edofiVQ0s9LPLWB_Sbq2bpWVsOpAVKZEdyrceM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cp311-win_amd64.pyd" + } + }, + { + "key": "QjE2zW91oMnrGWP9gIxMfyho5SVtxyK80wYcmmaiFxSo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cp311-win_amd64.pyd" + } + }, + { + "key": "QjILHeM7AJzBBo9Xt93GkcVUq-DC4Pku_TvCCkbzbiRE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cp311-win_amd64.pyd" + } + }, + { + "key": "QjNJycP4JjUlSb345J9imeMIkoRjH4UxUYN6SGZa0HA4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cp311-win_amd64.pyd" + } + }, + { + "key": "QjnZARnQ2kMyK3joJ8W1bCril-SiaVVn7imdKE8tMZTk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cp311-win_amd64.pyd" + } + }, + { + "key": "QjpQ_aHRJ6fBWETh5_9j76D6rwvx8sbJ50mNGDoV_fSY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cp311-win_amd64.pyd" + } + }, + { + "key": "QjQf2vTEIyonxd3Zj16Bz2he0M6aBg7gVSvTbJVXmkC8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cp311-win_amd64.pyd" + } + }, + { + "key": "QjYCJL1uRCMgIWIJ2CwVIW3_ZoiZ9hK4eXSC98GsXRq8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cp311-win_amd64.pyd" + } + }, + { + "key": "QK0kvaJ2f_AkW2m2qIJ_HrYSVzmvyTFvehpu0IUEJKOY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cp311-win_amd64.pyd" + } + }, + { + "key": "Qk1u-dUVRYL_8c9B27DLqiSbQmfZYMSTRYx0K3jwzljw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cp311-win_amd64.pyd" + } + }, + { + "key": "Qk5kAYZUUlO3ioPlG9XOwPwXqA0C0VZEsqqTm1MvMQGw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cp311-win_amd64.pyd" + } + }, + { + "key": "QkLoBkZPQo-4fUIbsjnrSiYQGDOX89ekGOXM1kZIxRQ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cp311-win_amd64.pyd" + } + }, + { + "key": "QKolqsVSyiNl7T7xFzqnvH812YUZQ6z7wyEnPVNFUD14", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cp311-win_amd64.pyd" + } + }, + { + "key": "QkSoTd2mbxCc-bLVwm8yGByAJ-fKbznZ4q4V8g_HtBic", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cp311-win_amd64.pyd" + } + }, + { + "key": "QkTc_UQIVURg2KcEBbXxGXrkAg0ZP-gF7GCH0mPng-1E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cp311-win_amd64.pyd" + } + }, + { + "key": "Qkvg454a45rG64t26WGuuUsor6qdIiHTKC0dllfnklIw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cp311-win_amd64.pyd" + } + }, + { + "key": "QkyvpKNTxkRWjPQnrr0tpfNNI2rcHfoQwulKP9xB3Tro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cp311-win_amd64.pyd" + } + }, + { + "key": "Ql1FplxO57etNIaJJ4tWEIWEAveh-Ze2JY7z0rIPkTVY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cp311-win_amd64.pyd" + } + }, + { + "key": "Ql4qLbYAiAZLbcxXlVD3A0P0sY2BJo1n5g95UHxvPHqg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cp311-win_amd64.pyd" + } + }, + { + "key": "QLe3I7bYeznyjsFau1jK-qM-5WpJAf3T6IDhICDGpO-I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cp311-win_amd64.pyd" + } + }, + { + "key": "QlfyyNvw_kmBjEIIgq2TyFJ9sQKh9gCaym2Ff_nB2ZEs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cp311-win_amd64.pyd" + } + }, + { + "key": "Qlms_6i0pEbMl4RyYr_bfJ4131_bRywDVik9DTNSbcwQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cp311-win_amd64.pyd" + } + }, + { + "key": "QlO6TJ5dWbS04ZvN_y0gtZ1aERLpHv0XwAZLHtQnBKFY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cp311-win_amd64.pyd" + } + }, + { + "key": "Q1t8FBkYOp_Vd42WMkbASw0uHLnAgVYDhZBETnDoyD9Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cp311-win_amd64.pyd" + } + }, + { + "key": "QLTmVsvdGp5Cw-fEhfGUiR-kH4cGSswaHVnzBpWHkUHc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cp311-win_amd64.pyd" + } + }, + { + "key": "QluqLAHBUqHHqwjzGj3SUcsts1DpC0vFew9chqHZfHBM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cp311-win_amd64.pyd" + } + }, + { + "key": "QM79iChaXNJINnFEkxAnkzVMRGcj-iGcck5cupXX-yM0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cp311-win_amd64.pyd" + } + }, + { + "key": "QmCTMlJ1ZGWMzRg3rZ9_4eY1_95WxVT5NmdwOOfxvn_4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cp311-win_amd64.pyd" + } + }, + { + "key": "QMIq9X8dz61i1yBtkAep6K6EhG3iktJBETMmvhqzpBwY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cp311-win_amd64.pyd" + } + }, + { + "key": "Qmtr7KB-Ki15DZpSp7rl1vGmFP04eacwpTiQLe3Xh_qw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cp311-win_amd64.pyd" + } + }, + { + "key": "QMX0T5WYRt0IipqPYnEDIsRWijSFxrNVNY0EeocABzFw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "Qmy56J2PYnPP65I0_ulTbu3AFicqTQmE3-4f7Rn5Q64g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "QN9DE2egZY0sTnNoWudkZTTWtc5QHIcOrMHVRDpoBa0w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cp311-win_amd64.pyd" + } + }, + { + "key": "QnbNumuqEGwzdqVNSsklBh4IoUfbG5mh_dGUBpRo2dRc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cp311-win_amd64.pyd" + } + }, + { + "key": "QNhlKzMiSDVBnZhicXBXmpk9s8OURbtT5nzVwLMiEC7U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cp311-win_amd64.pyd" + } + }, + { + "key": "QNHtPo9z6sD2IWpFXOSKqqHC7AoQul5JCPidEx1z7qAs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cp311-win_amd64.pyd" + } + }, + { + "key": "QNNU37iwgWmJcXUaCO0NKs-BxZH-KYF_ex7YHCuRjfq4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cp311-win_amd64.pyd" + } + }, + { + "key": "QnUUyHvcMe2lNn2ZBFsTUfAGv0Ybq_sdc_3tA0ej6ZPg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cp311-win_amd64.pyd" + } + }, + { + "key": "QO1TCU7hjVD7zfwTAgVAYigbaNpyRgG7tftNExA5CFAA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cp311-win_amd64.pyd" + } + }, + { + "key": "QO9SVAyOD71fMbqjN5A7cyM_6gfu5U1sePJw643taH3A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cp311-win_amd64.pyd" + } + }, + { + "key": "QOckhzvB2jc8at_thDqogHppmzXNHzHiACI2WUDSbNZc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cp311-win_amd64.pyd" + } + }, + { + "key": "QogaNKsykfZMckbyJ5pbsX110NGy99H7gz1gAg2c7hyU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cp311-win_amd64.pyd" + } + }, + { + "key": "QOR9RlCHZCRHqcpVB2gjnwTwlRtfTiHCaaZ8N4gHTAPo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cp311-win_amd64.pyd" + } + }, + { + "key": "QovcpnNnqjGt7zWpNlWbNrd_IgEPZ2RHavbN21jpUrT8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cp311-win_amd64.pyd" + } + }, + { + "key": "QP4WQX6xZ08kFrmINcmlN7NPXmxKVULVXYPiuVfF7zXk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cp311-win_amd64.pyd" + } + }, + { + "key": "QPhcLPohhvD8yvkZVCpZPI5vZ1fLWx6pKhcLYIGa4O9Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cp311-win_amd64.pyd" + } + }, + { + "key": "QpPMaoZCHmW2aFuTZvkwGI6omqygfYEGRStXWgoqINCo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cp311-win_amd64.pyd" + } + }, + { + "key": "QPwtZ4bl-RI2u1U5aKDWqRvMWiubLmfbfM2fPzKeSNws", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cp311-win_amd64.pyd" + } + }, + { + "key": "Qq4Hit4ZNteXlg61w64qkjtnMg7x1JJlvMEsd726l3Qw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cp311-win_amd64.pyd" + } + }, + { + "key": "Qq6qcTW-BafTbFOO8T_Z7VAW4y3C-8qiXVLN1CBnh4kc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cp311-win_amd64.pyd" + } + }, + { + "key": "Qq7u1tcfthJp0svfWTfI1vYT392feCPhbke6ES80V8y8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cp311-win_amd64.pyd" + } + }, + { + "key": "QqnTfd0ximJrRuACScYQjuoI21NNq78bJwDz4qSjLFzo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cp311-win_amd64.pyd" + } + }, + { + "key": "QqODpbZI9cRyRhFYflthuAiASkLuTBrpG8Ub5z5h4yP4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cp311-win_amd64.pyd" + } + }, + { + "key": "QQpwy7w4OUOdtWRD244_itBFWJCdikQzPdym7yVjgZHs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cp311-win_amd64.pyd" + } + }, + { + "key": "QQyXtMdzauad2UAogjDXEF6v9HxrDMCoeNxMLEPOUi-o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cp311-win_amd64.pyd" + } + }, + { + "key": "QR7f8KuQYmFUa_bBZBzjFahy03xA0mJtIs8IlUSU7onc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cp311-win_amd64.pyd" + } + }, + { + "key": "QRcOnWnK3YhiSWWOhJOE5N-wPUdf1bDEKIuEU6ZlNTCQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "QrL_ADAsX8qTZwlXV0QGWJOr8w4_xrf9X_3wnxvUQW2U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cp311-win_amd64.pyd" + } + }, + { + "key": "QrN5F2t5TGsLNYHhSsbyyAKi2UqPWuMKuTQB2f38INzs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cp311-win_amd64.pyd" + } + }, + { + "key": "QrvFSrl7us81kVSFH1yB3Lj0cCfGBvS_loHhBhi66IVw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cp311-win_amd64.pyd" + } + }, + { + "key": "QRvN99FnkZPPiczopHNmnTL-uJyAq_c5XM1xMU-aQ5Dw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cp311-win_amd64.pyd" + } + }, + { + "key": "QRvwy25-t13L9lQOmDj56ybEoIBJH8j8LB2WZM40GogU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cp311-win_amd64.pyd" + } + }, + { + "key": "QSLdIvhYw0QKHctjXCMNBs_UC1tN6czl_LouCZ2tSz6I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cp311-win_amd64.pyd" + } + }, + { + "key": "QSZ00RBvtSGL2RUwu1yTN7GJ34T3HrdKGNeb0_aeKUY4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cp311-win_amd64.pyd" + } + }, + { + "key": "QtcI2Nvs7buthto1I-R72v3LiJ1Ks6GwWSxOrxiu4GG8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cp311-win_amd64.pyd" + } + }, + { + "key": "QTfNrA1_6F99tWqorlK6yftGfOxb3zbBuLD0uwJxipus", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cp311-win_amd64.pyd" + } + }, + { + "key": "QTHjc0ijkOdxM__1yyqSQ0fBfJ0nBoFYTfwpPFmuV6CY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cp311-win_amd64.pyd" + } + }, + { + "key": "Qtkr9Y2LMGnOCxboOT2wYn55NNM8pqwM28hPr9J9phi4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cp311-win_amd64.pyd" + } + }, + { + "key": "QtThDxYbfCCKkB8vMQ4VlINuaIGi0FfN_YMM961ZCbC8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cp311-win_amd64.pyd" + } + }, + { + "key": "QtVU_Wr7B0Qx1W0yURsrEoZKZUmdvBnfTVwv7kvdKgW8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cp311-win_amd64.pyd" + } + }, + { + "key": "QtWdfTVn9U1AQWCJrgJiGL7Ghm_P-6OB2_OMfCSBXu5w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cp311-win_amd64.pyd" + } + }, + { + "key": "QU0RpY2BJopccWauR12x9OuzfXbxYQn4p9svSPgSDPv4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cp311-win_amd64.pyd" + } + }, + { + "key": "QU352GoTH4REw9RweIVmD-WCSX3USJ52VHbQgWSW6kgs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cp311-win_amd64.pyd" + } + }, + { + "key": "QUb6ph6TrRYx6ywsVwIkJ3EODsJBymbiCqfvhGyWykyo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cp311-win_amd64.pyd" + } + }, + { + "key": "QULgenEZvodsj6P5NjbO9z-FYYBGy0cLjCG7nAbg7SN4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cp311-win_amd64.pyd" + } + }, + { + "key": "QUm4e3DAZZd5r9eXEGse8LKPCZ0V--4SWp1Vyor-PLFE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cp311-win_amd64.pyd" + } + }, + { + "key": "Qus3JpeHu2t4c48ULnpBrYv_nAzClH7iLIfUkFrhHZ8c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cp311-win_amd64.pyd" + } + }, + { + "key": "QUYoM-zyZ_B4Cr8avAclFHrRNhIN1htUl6gMXWxJd33E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cp311-win_amd64.pyd" + } + }, + { + "key": "Qv_TOT5MNuxL8JM501LMp0m9cZBp1hUNra_ecCodoj8o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cp311-win_amd64.pyd" + } + }, + { + "key": "QV2cGn68yD1Zz5K97dOOYBNAQ_c38EX_IJUIr7i_UjZs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cp311-win_amd64.pyd" + } + }, + { + "key": "Qvcql9nt17EKVjjE0SgSgi3-bBJsMvCGJJITJ9cfdQgY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cp311-win_amd64.pyd" + } + }, + { + "key": "QvfX3JepYmIGpuwVELVqsOChKY92YPonTe-ZtyH__Tsw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cp311-win_amd64.pyd" + } + }, + { + "key": "QvGS4Fdi0P-tPy-JYN2XHBzjcYl5z7Rkmw_6qeMrRo18", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "QVLU5_9LPEXR8dAZRFxAlJysiL5y1yOW71WBBDFmdFrE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "QVpX5Ep9gdYe3AmzeHJfFnhVVxIq4R2T9NtBSrtJ0lSc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cp311-win_amd64.pyd" + } + }, + { + "key": "QVRPQKb9DC8LvZATHnV5SKc1yyh9YvxGDAsokvpES9tw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cp311-win_amd64.pyd" + } + }, + { + "key": "QWa3a3sHfidqpgiQCdNUsF_NzV2oVQwEUZ5T_sa7IYKg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cp311-win_amd64.pyd" + } + }, + { + "key": "QWFxJjjyojyFCJoUlBH4FIpBI3qOXyXwmX4sTesvAf8k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cp311-win_amd64.pyd" + } + }, + { + "key": "Qwj803VdGosj2hKiwaAgEOdJNZ2HPdEKqdWdDdalOlz0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cp311-win_amd64.pyd" + } + }, + { + "key": "QwPnPpoObdgpcIPmux8Mg4ZlYP03I7Kk5SVzsjPjz_ok", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cp311-win_amd64.pyd" + } + }, + { + "key": "QWPXySMPsatvwQeiHnLHGnlqap9OlPZeCIuocmFEXoEw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "QwyEXSgZvISBPJIZYbUPT2ChX_GTUUztAJvyaXlJDI1Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cp311-win_amd64.pyd" + } + }, + { + "key": "QwZS5raYdXcp81agQYLg1G8W2hXVI9W0It7ctAZ2PjJE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cp311-win_amd64.pyd" + } + }, + { + "key": "QXhX3riAQGJNvV7Ppi9GYfs52mAsRoRpNj562t_6dmwU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cp311-win_amd64.pyd" + } + }, + { + "key": "QxOzq4deU-fTSyAABYVfCf-iGvpHHFRilZ5rNXvMVPdA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cp311-win_amd64.pyd" + } + }, + { + "key": "QxuBbCV3S_U_5lbEpcYMdI2ojEbthQGFtoWx_imXT3Qw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cp311-win_amd64.pyd" + } + }, + { + "key": "QY68g15XQ2IG80xwVqMMzOKlke8VnaYo7WOk7CGfqhKc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "QYhkY1SjyxZfGO0Oo_JGgmQ8yQ9oSDAsReQEQCeth72s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cp311-win_amd64.pyd" + } + }, + { + "key": "QYKrqTED5eVEDCM2ecpncXlD0po-GDyFMx6GXioxDSkI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cp311-win_amd64.pyd" + } + }, + { + "key": "Qykrsj8ygfoxq_SXo7sZ-U_leMozhQFipzTfgUfo_1iQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "QyUqlAryGPE575Uxho_J8Pw2p4kGFCCYgrTmniSetMyQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cp311-win_amd64.pyd" + } + }, + { + "key": "QyZ_QdDdlh6mvFvJoWGZT4ZC73P_YsTdoIGGPiplrMMc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cp311-win_amd64.pyd" + } + }, + { + "key": "QZ33RICGHmsPPIIy4yGYw4I0lxlR1LlzmULkN875jZ_8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cp311-win_amd64.pyd" + } + }, + { + "key": "Qza1_N9mPmsW6Ocqc3g7C0UWEbGHJZ0tCRZ1aSsRt918", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cp311-win_amd64.pyd" + } + }, + { + "key": "QZe-Dzj18PKCY0KtehrSQbZCEL3I6lnsbEnmeD_9EWec", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cp311-win_amd64.pyd" + } + }, + { + "key": "QZleXVnQuYetLacn4Xja6N52mds5KLEy-jbtCpKbTN-0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cp311-win_amd64.pyd" + } + }, + { + "key": "QznDOY4KdRCbSolvo9MrQwb0fqQrvYjlO5wQQQ3B52js", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cp311-win_amd64.pyd" + } + }, + { + "key": "QZnvaeRKW_16CpDT7BiGDufwL1TmBkyZWl_5qoa5oz-0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cp311-win_amd64.pyd" + } + }, + { + "key": "QzyA3QQQKpYrJ4L8o1cZucXkctLrboPBstU2beBqLmOE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cp311-win_amd64.pyd" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmkrOqNCMR5beYSCTDGnWJBdBlO6f2YOkciHkFtanmcQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QTGEo1QfbRjsYvS3LJHb-DAqkC86DYgYMemrM_XZN5c8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QmkrOqNCMR5beYSCTDGnWJBdBlO6f2YOkciHkFtanmcQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QTGEo1QfbRjsYvS3LJHb-DAqkC86DYgYMemrM_XZN5c8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QmkrOqNCMR5beYSCTDGnWJBdBlO6f2YOkciHkFtanmcQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfinegrained.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QSe8sEukPSaTzfTRalKlbozbnYjIOEVj4ZHeAFOZGq90", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QmkrOqNCMR5beYSCTDGnWJBdBlO6f2YOkciHkFtanmcQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QTGEo1QfbRjsYvS3LJHb-DAqkC86DYgYMemrM_XZN5c8", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMjw4X_ufdYD2eC0IKNliSDf71zSJiZRzNSoutXe6CHY", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QwYNQlkh3WgkGpzay1SlEJKhshr4wOHL3s7T27tWPAcE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp312-cp312-macosx-10-13-x86-64-whl", + "id": "15904524872", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 37062245, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q-vYhvf79NfH3lmO8fMIQGPgAGho1tmqRrWa1vEWD6PE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-312-darwin.so" + } + }, + { + "key": "Q032AwGaHX-vuntYp3yk4_qBbugQbFHjeNL_0fjm4iOE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-312-darwin.so" + } + }, + { + "key": "Q04X0IRkZGtUqSiu9FAB2AJoWvD-i-TsRaWxPLnKWoo8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-312-darwin.so" + } + }, + { + "key": "Q05D5-HlreU2gFiz1cOUgQ7qzFh6f5YzP3yN7PKcDgyw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-312-darwin.so" + } + }, + { + "key": "Q0ePqV7YFeHp-IMavYEaOrHHGBc71N1-yO1f477gvmzw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-312-darwin.so" + } + }, + { + "key": "Q0Kc9fmRiBp7c1YheMgqhCgvxlCmU_-wEjpzo1Vs8oek", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-312-darwin.so" + } + }, + { + "key": "Q0n0eVWTIrkQd3dPkpWh8pWyl76b8_5s3p6S8lMK3Wa4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-312-darwin.so" + } + }, + { + "key": "Q0V2UHaStdi2SRppAdVOdRCLag79YL1tqj294mKFxZNk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-312-darwin.so" + } + }, + { + "key": "Q1-He_Jx3QKG0jEBvKqz9ZABicsADiX1w-Lt1MHw5Gls", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-312-darwin.so" + } + }, + { + "key": "Q1msM90i227t6I9nW0iM2fk9-fuh9RuQUVyJ-UxumsGs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-312-darwin.so" + } + }, + { + "key": "Q2YS_cqw7XmQgIAKK9E4gEnEljG2iqRxgmjZVO2mbquI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-312-darwin.so" + } + }, + { + "key": "Q3efeG8drwSojD23EFXK12C4BNIW05709NQvho-ZeGgM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-312-darwin.so" + } + }, + { + "key": "Q3KyORUTe4yGidokW7lu0_UKbNOQJH2Kh-q0SKyfqRJI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-312-darwin.so" + } + }, + { + "key": "Q43OpyU3OteGe5rHJlyXQRzSD_k9WNZAWE7TSnQfNj5I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-312-darwin.so" + } + }, + { + "key": "Q4C8lj-voBedl8yO_Xnhok9apPuiXzz99AiQwEA5nFVU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-312-darwin.so" + } + }, + { + "key": "Q4eyLw6D-dOlJB-q3G8hUrWVK_ncz2UacyONpj6Z2EMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-312-darwin.so" + } + }, + { + "key": "Q4FphWpERl5PJ5tfwcQCfbfyeOHAUvxG7e1uJ0x6Xhrs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-312-darwin.so" + } + }, + { + "key": "Q4MZIkhAeS3KCMCOCeXsWmr8k6k0twQxmhgcp_W5_E6Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-312-darwin.so" + } + }, + { + "key": "Q53RVE4zlit0hxuRbe7LCJKH9gaEX7RsPvBCOfqzs1TI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-312-darwin.so" + } + }, + { + "key": "Q5cLoc9hGfcEkUufKoEZi9yCdoUhr26sHHxtn_zn4X3g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-312-darwin.so" + } + }, + { + "key": "Q5DhAfPTFqk8xmF-JSaXsvaMxbzlqOPgCP34UNMdPsNY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-312-darwin.so" + } + }, + { + "key": "Q5fLIfMRUc9MgGwPZuvEEtHsWRLXwdnAlWcRjp9jC5Ug", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-312-darwin.so" + } + }, + { + "key": "Q5sxqzI5RtQ4ACgMVX0-Wdh1lHAc-obxsEdIC3IaPB2k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-312-darwin.so" + } + }, + { + "key": "Q6BSKKbCCQjBxF1ns0JCfWxofTktS-PswW4Lvi1r_Q7I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-312-darwin.so" + } + }, + { + "key": "Q6FyWeIl8KDJ1WAxC_K-D5nyF1n13LhkSQ_kE6o5UcmE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-312-darwin.so" + } + }, + { + "key": "Q6lIp7LcbRInZCTJbbQ-fh0i7Mc86Hg-o5NeB_isa9rw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-312-darwin.so" + } + }, + { + "key": "Q71AQ2TOgUHdT3Zm7-3apBJL0Zq6xsmMd1QIoLCrWMzE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-312-darwin.so" + } + }, + { + "key": "Q7AeWPEBSz8O-RPt0-8uxsERBrhLm0mRt9uLQ2ktB6mI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-312-darwin.so" + } + }, + { + "key": "Q7eWb8yGEDXNBTKg7_jliWNhLIQLa2Wwihfuo7c1ObxM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-312-darwin.so" + } + }, + { + "key": "Q7qICB9dKRtGMn2mMrI4T3CYHfWdQzUgCKCSrae19w-4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-312-darwin.so" + } + }, + { + "key": "Q7viZaIUNfFstSwpkfGjUseQypEZXExkKdcM9YoSYD0A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-312-darwin.so" + } + }, + { + "key": "Q8efJFzGT-Q3FjJkGgsyxOw6F27pPe8-GMbQFzdqvaFU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-312-darwin.so" + } + }, + { + "key": "Q8iFa8loNYH02cJHCr1QSMPBEfE6BRsuRrL80QMgpOQc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-312-darwin.so" + } + }, + { + "key": "Q8kYrEevdDNETjCbMNPk4LZT9FNUViyA6J_hCJs0gyGo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-312-darwin.so" + } + }, + { + "key": "Q8LGz2Z5KmcO8FY5RJTfUjTgkIzHumpQm2OxWIVbmiF8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-312-darwin.so" + } + }, + { + "key": "Q8sXaqYzZq1Bn-uuwblgsSVtvWfEWaMRG2LGVSBkYL1E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-312-darwin.so" + } + }, + { + "key": "Q8wNasxGgyxsEkyBFYv582eX1NOTR1j3uMFoTnaIoyWQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-312-darwin.so" + } + }, + { + "key": "Q95hs25UKhi3LQuxTYVVJ-kC-FbXHtrd8qW_oqB4tH8Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-312-darwin.so" + } + }, + { + "key": "Q9phu570UNny6iTkMpbMfQ7BJ3ghrBo4wj4R8I1pQRFs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-312-darwin.so" + } + }, + { + "key": "QA0kvblrpRH7xlu3HVpssQzd1gmXwDET6Qw85NL02THs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-312-darwin.so" + } + }, + { + "key": "QAeHlVzeTGr0eObyWyVtnbhLykn7bRBeHXmKMiUY0F6E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-312-darwin.so" + } + }, + { + "key": "QAFVY8kMn3aCDoKWerv3kztwt9q8iyxhRM71J4rKESsM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-312-darwin.so" + } + }, + { + "key": "Qapa7w149HeL717BWigH6ozwjsegXAR4Q5OPyl2iBzZo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-312-darwin.so" + } + }, + { + "key": "QAvokcgou4vOYA9aTMclRE_LPvzLvNg2nJuK6xC9hKcU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-312-darwin.so" + } + }, + { + "key": "Qb3H9fV5AoEn8HnITkFUIbg0PmAioxsFZCa3-irevZ1o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-312-darwin.so" + } + }, + { + "key": "Qb55N9Gxy4ybFDy_keCoHYgK4S3Q4VnchBlMSbioiGFk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-312-darwin.so" + } + }, + { + "key": "QbITLt_5UO0x8egz3MLQSbDGOAQ2UQYq4PIfaGQRLNA4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-312-darwin.so" + } + }, + { + "key": "QbusPC3z6Q-Pog2ANAYMiHxV7MctkIpfawO8ZNtbGIg8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-312-darwin.so" + } + }, + { + "key": "QBut10GbX_BCuoaMYSTYKqJNKcoZHqkGGP62JHuPFCTg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-312-darwin.so" + } + }, + { + "key": "QC5e2EyZ0MyoWFf7WCeMKVEsCmhtgAXkwW2Fjxsk7HTg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-312-darwin.so" + } + }, + { + "key": "QcdNRl_iHGhrFeQEtd3UBw81VabCbpdsKUG7FG7UnOnU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-312-darwin.so" + } + }, + { + "key": "Qceqq_9LfG3hlnXfNzVJABQVdJjEU4QFw8IMoDVK4mzA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-312-darwin.so" + } + }, + { + "key": "QCGJFOUCOTE_cgQG4gr6pbP6chd-Az88jrozwFw0Y2rM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-312-darwin.so" + } + }, + { + "key": "QcgXBp6seEUg5JYGhiQtXjWOA1ugCs-9qbwzaOIgqsVs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-312-darwin.so" + } + }, + { + "key": "Qcvt15CpI9bdDCqxeD0cimjBAmkWmKmk9stkO02mvbPE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-312-darwin.so" + } + }, + { + "key": "QD0gCfSdYU8hP-mufm-klpiZchtH1GkATvvpzUMZQbtE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-312-darwin.so" + } + }, + { + "key": "Qd3YoRb1S0jfOA2a0EkOmfO_6EtZlhmL7xuxXzo6TYAY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-312-darwin.so" + } + }, + { + "key": "QDCCP32yYL64O1IQzgVSFLRvnzaaI7CxGXxxidDdxvE8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-312-darwin.so" + } + }, + { + "key": "QDlQ_9_NSJfYOavhJ6Xgm_5TTCJn9L7c67wmL0sT2470", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-312-darwin.so" + } + }, + { + "key": "QDuwBFS9lOWBcegL0_haixTdQpxga8O2nvVYOL0Qb08Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QEDWgpIdl7-RJ4wQ3LBhb5j-Gbdqemqdcqj4oHKy7XrU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-312-darwin.so" + } + }, + { + "key": "QeM2R_sHl8zqGFW_6AOc_1JT5ukru3MVtp8CUar6Mo2c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-312-darwin.so" + } + }, + { + "key": "QEnCyACkwS72C1dXHmlL_F1Z-h10_6NI1-_gyJKBuL10", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-312-darwin.so" + } + }, + { + "key": "QEQsqbYMX9_-T_RnyCcF8cCBwUr9frhD9C1EPS3Tp9bI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-312-darwin.so" + } + }, + { + "key": "Qer1r_59Qf9UA6i9rB8_8pfsuKUhBJbsXSRYA3mB2zA8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-312-darwin.so" + } + }, + { + "key": "QeWqAcWj3SUnEfIhqzdoKu67bTx6Ix8IvsCgKa8pt2KA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-312-darwin.so" + } + }, + { + "key": "QF_R2AiZvOX6EZMN_4_uZCghvRLABW20WG8684rHGDZc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-312-darwin.so" + } + }, + { + "key": "QfK-mLJN4QpFaknLxFzPEg8kjk9UlKk9KJK5iX2lxe1Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-312-darwin.so" + } + }, + { + "key": "Qg211CS1eEiVTmAVo96AVk_238xwxlfVcy4xA2OiyO4Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-312-darwin.so" + } + }, + { + "key": "QGd6HvM5k57tU5UD08hJJGwfBUPQmiHz5J73HU-rKzsc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-312-darwin.so" + } + }, + { + "key": "QGJzr1b_ZR0iND7doffh3969vKDM90nNJSu9tUdj2g6E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-312-darwin.so" + } + }, + { + "key": "QGtzUs_ZCYfdzpjsATobABfIdqb3X7zsix9PvoCbFeT4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-312-darwin.so" + } + }, + { + "key": "QGWX8XWjkYRW-zTmCGlHUlAlXGSv6dph_HKLZirV2mcI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-312-darwin.so" + } + }, + { + "key": "Qh_eBO7c6GJYU3mvOr-qobqEc9n2EBCzCwmmLNNHeHA4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-312-darwin.so" + } + }, + { + "key": "QhCRyH1pExc1gIp18ntWUAoWERiB5hSLz4MuUFw_WMls", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-312-darwin.so" + } + }, + { + "key": "QhGJo1GAeKQ61pNWLKt7eRKCYfcE6MebGApoZ3NBP1g4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-312-darwin.so" + } + }, + { + "key": "QHglwdFui-Mk54-T68bOOWwqSpEG9SsJRFNKEJ6EPbvQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-312-darwin.so" + } + }, + { + "key": "QHgr_bi8QUBZNKIWkwArN6tv5cG0AloGLTtowh8xW4r4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-312-darwin.so" + } + }, + { + "key": "QhhAWYxH-Rvkvnb-kWcQ6dwHdlPQMCdJOlDdAxMhcTaw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-312-darwin.so" + } + }, + { + "key": "QhS65fN2LtQQuCGf9Q_qzwWqR_LyKO6xDsvuT9_rC3Z8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-312-darwin.so" + } + }, + { + "key": "QHvung4fNgtyOI9siTGEgttmH-gckmgY0LsCtYvwq9tA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-312-darwin.so" + } + }, + { + "key": "QHWZgTW5ajBZIQJD1eKXJ2yzE-5Mn56e_XxrnUSaz17c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-312-darwin.so" + } + }, + { + "key": "QHYcOdviZgwAq5Dz4YtqNuZiEvh2ZY29f4RuS1Ke6EO0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-312-darwin.so" + } + }, + { + "key": "Qi-cP2HmgusErqEBax16nmT1wKju9gl5YUriE93CvPxQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-312-darwin.so" + } + }, + { + "key": "Qi1lfFAPWd6zKtCF0Yx5v1LTgZOT9R47DJ-mZqJ7R1IM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-312-darwin.so" + } + }, + { + "key": "QicDzF8xohqh3_XPJhE9vbEn961hzEpw_3bjFYskqRTQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QIMP-5ZGph5Jn1VP_MF97twOupRRAZS2AQcCMOFEQGEQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-312-darwin.so" + } + }, + { + "key": "QivPmOr-Sv3ti2E3cGap930DcSunNKjWwvEySKTPfzwg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-312-darwin.so" + } + }, + { + "key": "QiZYEj-DriX5gbjzQ_nCcE7tDJ_VXy9CeroQxNafqL1w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-312-darwin.so" + } + }, + { + "key": "QJ8luyh_zW-4DrWtCLGKGjohe82P69L6yuhXCLSc4F7k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-312-darwin.so" + } + }, + { + "key": "QjaVDGggpW7tc95_LBjrPSrr-6iHsVer6NEaBG_T32FM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-312-darwin.so" + } + }, + { + "key": "QjBjPhwN-4zQFycLyfM9CTC4e4f9XctSYKZQ4YPkq2eE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QJE8viTDq14bpn0kcrJjWNxHTYzSpovOMvqWMYK2mYCw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-312-darwin.so" + } + }, + { + "key": "QJNAI0fbRqMbcNyAjuXRnbolu5QIEY06qm73fYYl0ri0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-312-darwin.so" + } + }, + { + "key": "QjRPtdgSVCUpriKUEGUyLevMrCJwnf0QJ3Tdz1xCr3-Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-312-darwin.so" + } + }, + { + "key": "QKaDCC2hQa_BS46t4mR7qs2wNiH1NwQlaG-kz5uhWzfU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-312-darwin.so" + } + }, + { + "key": "QkeiG-tWrgFNzJfzYLfKjNnB1jpezhPJ0iAo7oJpFlRY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-312-darwin.so" + } + }, + { + "key": "QkiJuINqWMAXTMDQr7KEFcflVwc0WCNYZow8dKTXWfzI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QKjeY3Z_dxUyBcKPOqppacTfP8Z-i-xzgcH-2vGeUbWA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-312-darwin.so" + } + }, + { + "key": "Qkl-MuTVOvMX6L1HBcCgVEHimGxZ19eX5SkooZ2f_1WA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-312-darwin.so" + } + }, + { + "key": "QkvNAVmH3FkhiT2jbke48uzC8EaEeeviyhNIKHl-ECNE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-312-darwin.so" + } + }, + { + "key": "QKwpAAS1TOU4Jv0x0QhdVRRamUYEaIMdG85j9F6Z34xM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-312-darwin.so" + } + }, + { + "key": "Ql12hiRwpqhtyYXKxSfcC5HgGcV5ktnU39EHPQDytFQM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-312-darwin.so" + } + }, + { + "key": "QlEbZvUN1wG1Z59IUCbfCevPK6zupLzKmyPAuZFLTl9w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QLOpSqPzU1eITo4gtB972hqNPy6DMFr4UEIoIqqJ2hgc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-312-darwin.so" + } + }, + { + "key": "Qlp0fCE653giSrP4CtEJ7FfpHPIGHuwinhEVtm-N9-lc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-312-darwin.so" + } + }, + { + "key": "QlRGa9gtwBogYDZCc-wU3ugJ2vouqD-2UZ-GQSTEwOKI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-312-darwin.so" + } + }, + { + "key": "QLRW0rOkZmF6uEyhJu78N7L_Fti_d94hB-TrH83xBRXs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-312-darwin.so" + } + }, + { + "key": "QlUTR_wbMtVzEge5hfL6OwdfTqOI-1UviuLAswKHUovU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-312-darwin.so" + } + }, + { + "key": "QLZOLG2YS1ko6DqgUZFdlYJvxkwSx6ESj-Tk2nTYvnsA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-312-darwin.so" + } + }, + { + "key": "QM2ilBNGUPOnhKZ1OIz0fedsnxH4Ck9OvyfGEHka_dTI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-312-darwin.so" + } + }, + { + "key": "QM2wRyJ0_YpsEZT6ZrTgZ61Dm5Z63Y6ZF00NzcKzjjLI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-312-darwin.so" + } + }, + { + "key": "QmaZLIM9l7VnzPMF-Z1xOA4YnZIqETKQDyhOBPS0UmqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-312-darwin.so" + } + }, + { + "key": "QMNA02HZ6lUuZjpE3b1EKu6_sdRnYc2oYMiV9l2Nzc0M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QmofMBu_hySk6xL97EdydzAM3p8aTiNxjlSl1UD5sKM4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-312-darwin.so" + } + }, + { + "key": "QmpHb9K2kGLHm6NSjxmdqqse5D3M6KXVe3d-kMu8BRxs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-312-darwin.so" + } + }, + { + "key": "QMPsu3BtIw1Uk2JiaocW-xLm7Ndikh7rZkhksvqpKKqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-312-darwin.so" + } + }, + { + "key": "Qn2vDVndEvqfNTjB696Tf_JvyaveWavHkQzU0HatJUa0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-312-darwin.so" + } + }, + { + "key": "QNHNyLp6bm6ZKJP_idcdJGYoRa_ddEwgUdmn-Y6jq9e4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-312-darwin.so" + } + }, + { + "key": "QNUM_iqWSmrV-ftc3Gpi5BZ2nzvFzjzWDIRiV6BhC6vw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-312-darwin.so" + } + }, + { + "key": "QNwaU-P-xRYpGnS1q9f131tBrNkhkjGmXYBt6gPyqcH8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-312-darwin.so" + } + }, + { + "key": "Qo0R9qMj1BCBRrPEZE82driXluWHTemYF2KAAnsFxYqk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-312-darwin.so" + } + }, + { + "key": "QO2sAlL1BPFScGqnisv4ONw5zr0ZZzvpd4RqXocbSHkw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-312-darwin.so" + } + }, + { + "key": "QODWCXVmK0viloKKl3-LGYh2sQXR0wBeC2zIAiQjq11Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-312-darwin.so" + } + }, + { + "key": "Qoiq947yDL-YxvuYM5ZbLvA_9lkGhE5-A0Tz_S6VL5_s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-312-darwin.so" + } + }, + { + "key": "Qon9g4PcDssD36YeSsKCn_IFnVKgETpk01klPZttkOI8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-312-darwin.so" + } + }, + { + "key": "QOoOf6peSTGAIDxyzb38HF9XZir4JaDkSOR01kep2eW8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-312-darwin.so" + } + }, + { + "key": "QOyQ6wy1rDyiSJqwkWGdSieyvDk2aFZvJw6wgxU8ddqw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-312-darwin.so" + } + }, + { + "key": "Qp1FWpMo46OlVFBDG7vD5guyWpXJgmqJSgtN9YhnSotM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-312-darwin.so" + } + }, + { + "key": "Qp6zaQMAH4WmWoYYFXc6GonLDh4EFKXbRK2Ci0O2DcK8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-312-darwin.so" + } + }, + { + "key": "QPBtpKXGe1QYlk5ofEpFsQMw3FuCUcIJlS9LB23hNtyk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-312-darwin.so" + } + }, + { + "key": "QPFFWapd3vUrkpApxesSIdYaR_HXaSSGYReLfbNl_UcU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-312-darwin.so" + } + }, + { + "key": "QPjngUOC6ITLIe047kfoWNfFPQfHdTvPqoQ4iwJOWf9Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-312-darwin.so" + } + }, + { + "key": "Qpmir6rrDdXqQM3bqqw67z840UXwAKnufRRE9f1uOho0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-312-darwin.so" + } + }, + { + "key": "QPq_HNyRBiqR9xoTGZQcVTBONrpJH31aUXYzLRui93K8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-312-darwin.so" + } + }, + { + "key": "QpQvTkIJbgWFff0CNuEN_mpXt6bCVObC9sVvcZVJO0e0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-312-darwin.so" + } + }, + { + "key": "QpxkUwvu-azLcuLlVyUAfWP8IYQM1QM4Q9XpveMaLw7I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-312-darwin.so" + } + }, + { + "key": "Qq-S4p6O-iwrgg4H9uDLZEMLnU8yJI85l07sJu6PP47g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-312-darwin.so" + } + }, + { + "key": "QQBXxvbVJkqmLCJBoN_4QopJFiXrtZHCtcXJVs5ticr8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-312-darwin.so" + } + }, + { + "key": "QqEw2d-N2Ele96ubQjdAxKJLdovq7FMxql3929zLUE-8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-312-darwin.so" + } + }, + { + "key": "Qqgo0JY0MFJvt2z85H-fcxvPnuMYWZustQUMb8Od-_LQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-312-darwin.so" + } + }, + { + "key": "QqijznUAISfxusoYgRXIoX_OH9pUdUlkh6Vu-XYZliIw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-312-darwin.so" + } + }, + { + "key": "QQKUTagFxdgPWLpjEM7vWDleqPXpG6bOmBGvxBgpz3iQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-312-darwin.so" + } + }, + { + "key": "QqQfDZKPJ9NMlRLuDMGNl17Ia8VNvz-1KO3RfLc7uMuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-312-darwin.so" + } + }, + { + "key": "QQQnTsmbQ0GC0bhmhZc3ppMH_tYKta4-IbnvFYUYPLuc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-312-darwin.so" + } + }, + { + "key": "QQTm2AWlvkUVGbBNwNe_MFGRTi5nw3bR-kuOh9-NsQmo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-312-darwin.so" + } + }, + { + "key": "QQV3iWFB2eNPPKBUqebsCfhBNbzBITH_1ZhN0mdtVk8E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-312-darwin.so" + } + }, + { + "key": "QqwHXr3Y9v6nyHgZIY_9tmhEE0hhp8MXT7hL5goBiW_8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-312-darwin.so" + } + }, + { + "key": "Qrd1Qkm2wq_1gBSwN8ByS_AwoBTk9PUjiTHCNdjYh2FY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-312-darwin.so" + } + }, + { + "key": "QRGSHyKjVuKTJVkE1xoe84qIiBlnLH7MYj3pbXb21sxo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-312-darwin.so" + } + }, + { + "key": "QrlOvTFi0ZFVq2o_J6BwCysJVU9G31-_y_wmbtqwOchQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-312-darwin.so" + } + }, + { + "key": "QRRhSmNNgVzm0ODjcDJUODsP9oVFNDoYSTpfgHGwkXFw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-312-darwin.so" + } + }, + { + "key": "Qs66f1q67be7Qa10krOQLrGaBMt0QhQpVikNmpu81zu0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-312-darwin.so" + } + }, + { + "key": "QScfdAZsnl5juNJxJ7oFfXwGjwPyziYhM-haDIghvUtI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-312-darwin.so" + } + }, + { + "key": "QsF5nI43pjym142C0pYQXWNUTDKH0bsUp3hytztNVy9c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-312-darwin.so" + } + }, + { + "key": "QSmGmD858FLPyRySgjhci8fnFKTWmDrmwG1AETHE64BQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-312-darwin.so" + } + }, + { + "key": "QsRJTXZq12k6o5iv8glo0v7ciAPdfjcxgjoJc6jyEZkA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-312-darwin.so" + } + }, + { + "key": "QsspaH2c9fYVGvkGoxROWPgqZ8rZTFh1BuE15nWmtp18", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-312-darwin.so" + } + }, + { + "key": "QSsUOBqLihKrbyRyUNIwAb0b_rEVw6UkGOuiER13SLLI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QsTpRw4z7g2l-L_RicssJdxdmwTfJVwjNsNcy3hVaHn8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-312-darwin.so" + } + }, + { + "key": "QSX5uzVqfFXd8Nj6NX9dNGRugxuwBLPF5viomFQPalBA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QsYsZPQoHuX-8YyB96ix5TM4WZ3Fwpasj6PGTFoa4YzQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-312-darwin.so" + } + }, + { + "key": "QT_mLRw3uW1IB1cmmjggJw0pp9sHyLrsdwAJtR0CwsNI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-312-darwin.so" + } + }, + { + "key": "Qt9QJiBUhmu1jED_cuKLiXGA822ZI7jLdncc8mcWxAEY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-312-darwin.so" + } + }, + { + "key": "Qtb13OJbis_fDS5mnrqSi-dIFLcYQLDcbOQmnRdJ-tUo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QtmZEo8LzH3v9U72gdiNrN1XixNwNYrs5jvwEKTseaWE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-312-darwin.so" + } + }, + { + "key": "QtOojg15bgonBfEtLhNGd2yx14EEVaefr3_5bVlDz5Wo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-312-darwin.so" + } + }, + { + "key": "QTsfD-S_knVeUGBQFa5xsgPXYsww6ggyOtzTEOFAJZtg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-312-darwin.so" + } + }, + { + "key": "QtWUXl73bFxKTxEGWDN_pjJh3oEFAKPVfY-YWtq2gLq0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-312-darwin.so" + } + }, + { + "key": "QTxj8uq1p7mrDl469nVIJhB0cD6XkZ10gvIK_OJ8-B9I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-312-darwin.so" + } + }, + { + "key": "QU0aERXsY87hKYm47IOD8Ay0PoprUMODdK1MMQ8meOVk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-312-darwin.so" + } + }, + { + "key": "QuDJPlWWc5DV0Z0eP9asSMqRbSI6UvO7w9IrNX-SfVR4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-312-darwin.so" + } + }, + { + "key": "QUI-hxZj9h8OuyPqBjT7Q6hLfL30KTBVKXkjhmgmeNKo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QUK7VyBFcvJdBnb4OqokyU0ea33KL7gGDKjobHum1ly4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-312-darwin.so" + } + }, + { + "key": "QuRzkl-BuGdgGTotqA6xEgc6L7qN_LB8-1VQOmYkj-qo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-312-darwin.so" + } + }, + { + "key": "QuSvuTYmL6metX6gbSJkHRoPb9f7TRv6b5qvhUq9VK6A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-312-darwin.so" + } + }, + { + "key": "QVcj6LqJ6kyeNfmxoc1WsDTJqTIxzKHjaXFb9OeZyxQQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-312-darwin.so" + } + }, + { + "key": "QvTwXhjv4pX28u5gkaT158EUDv5WUXhqZUwU7cpyBP6o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-312-darwin.so" + } + }, + { + "key": "QvVenemBTw6kt2Q0ZYdfgfOPYykVf7XWDJZJoLrt_j84", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-312-darwin.so" + } + }, + { + "key": "QwEq7jUsGBoyDY6PeusuHZ5JsrYWHYcj4o3HCtWYaJSI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-312-darwin.so" + } + }, + { + "key": "QWPhkTuV17S5EvhJXY8H2YxMpzT4fAZzKRsqlBZhRhVo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-312-darwin.so" + } + }, + { + "key": "QwszUKBbJUhlXbOybf95DglSmcus46y2VaziuHM4PDF0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-312-darwin.so" + } + }, + { + "key": "Qwu50-EgqXSLsK-pFl8mBVTnt6V0Q2aC6Q7RzKFvuvk4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-312-darwin.so" + } + }, + { + "key": "QWwzsd7hPOpZScjuULMIJ4rAhkrBO1YOl_5iTvHlvU-A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-312-darwin.so" + } + }, + { + "key": "Qx0e87eF58qTeWS_wy-AJitJMosZWZ8vyfnH65VKtIsI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-312-darwin.so" + } + }, + { + "key": "QX2L8KqjOlkMF0lZZeQUdYlHbvKuoJlPqu8vAhuAiDik", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-312-darwin.so" + } + }, + { + "key": "QxDthau4iJsg5M1lAo7cvoLfdqAtbY4IYqAtvwx6DvJs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-312-darwin.so" + } + }, + { + "key": "QXfFOPycsB9q3bRc4Ewkdtq26SWirehXPjRNvLJn7cIc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-312-darwin.so" + } + }, + { + "key": "QxHkutnyfDs7c1h_F2snkvt7TqhUTyG_6VYISe-WL1h8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QxRllQa1o0Vc9AJyEqxM-Qt8YWXDX9ccL1hee4sKIGlI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-312-darwin.so" + } + }, + { + "key": "QXvy0R-J5PFpZiuaBNNuljenEC9IRTOtvp9K0ftH-nN0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-312-darwin.so" + } + }, + { + "key": "QxZYjPu3F-d0IHQQkKQCjyVSCLqYGP9WY1je2SfWWTcM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-312-darwin.so" + } + }, + { + "key": "QY4sbHcDfk71E89TsCswejDaEz5IkyRC2dWAP8mPNF_Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-312-darwin.so" + } + }, + { + "key": "QY4snzsYG9f3y4PNgr2n5YDeU-R-QIwlgzQNYu8GM-sA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-312-darwin.so" + } + }, + { + "key": "QyDbxaBOKTHopqVvXaoQAySPqaNr_tz8Vf2OahWyZhq8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-312-darwin.so" + } + }, + { + "key": "QYFuk0sP9vOIW74LHB9Kfe8MiuVH_zlVwgkW97rRi-XQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-312-darwin.so" + } + }, + { + "key": "Qyshb7tGDDGuodqCIUuUQx1rWXL-V5cWOUg80A7XHT_c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-312-darwin.so" + } + }, + { + "key": "QYWOSSRumtcsVxQQ6EqnA1g6qnSXlyiRpNEGk6WFmzH0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-312-darwin.so" + } + }, + { + "key": "QzblgsZqz8A8KCzSTraNZKmx6X8xBmTVPezHFfn5kxUA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-312-darwin.so" + } + }, + { + "key": "Qzcr9_6jynYxtXcujDYuUVA7hWhsLO2jA1YHZ_8yEORI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-312-darwin.so" + } + }, + { + "key": "QZHyl8ssIK6LK0DeZXdKC1RIFsBYfI9ADdWdium_W0Ms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-312-darwin.so" + } + }, + { + "key": "QZLwg85PaK2xPCYtzZAhIbN3hnFSyuIpohzTQMrVAUS0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-312-darwin.so" + } + }, + { + "key": "QZr9ISRFMHaEK9CjA25quqc_rcXLZub5j1HDgZu4sFv8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-312-darwin.so" + } + }, + { + "key": "QzS2C22G3jaFNM9J3_r6euTlbKRLvWIcCpBzWs2i3hfQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-312-darwin.so" + } + }, + { + "key": "QzUOKEwPPI7GjeIuQVYhCPib1-AKvdiZyWj7araP9Tyo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-312-darwin.so" + } + }, + { + "key": "QzxFVFY46_3oReFyGx-hqnZmk4Vi6t8-KyVx8ZX7zTgs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-312-darwin.so" + } + }, + { + "key": "QZYbdw4aH3DBL1v7vtr2AJvIpVNQrPOcr7zdcQAb5lMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-312-darwin.so" + } + }, + { + "key": "QzZBEJsVY6krUoUEXoMJZovQgriSOcCzkf-huSUYc3E8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-312-darwin.so" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QHWj0Jv2akxGBCFU3aMVL1yoFH4tcTbbheXdypbGCdbs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "Qz26TDpi7pbJ3rQ9gLgfWar_JCdPGt4JdVyhwTIP7Zzc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QHWj0Jv2akxGBCFU3aMVL1yoFH4tcTbbheXdypbGCdbs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qz26TDpi7pbJ3rQ9gLgfWar_JCdPGt4JdVyhwTIP7Zzc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QHWj0Jv2akxGBCFU3aMVL1yoFH4tcTbbheXdypbGCdbs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QHWj0Jv2akxGBCFU3aMVL1yoFH4tcTbbheXdypbGCdbs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Qz26TDpi7pbJ3rQ9gLgfWar_JCdPGt4JdVyhwTIP7Zzc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QHWj0Jv2akxGBCFU3aMVL1yoFH4tcTbbheXdypbGCdbs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QoZKlNkJU6AFKQMPem3UDZPvKPts1pXN2ejI9wtUUYI4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QHWj0Jv2akxGBCFU3aMVL1yoFH4tcTbbheXdypbGCdbs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnSVyXc480BP2ICCvJDDa6O2wl8_LzM-7BBPG--ZUIb0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5akFuhNueQPho3CBHbLDBZ6JOSAHIxw3JKQveapPuSQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp312-cp312-macosx-11-0-arm64-whl", + "id": "15904524873", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 46039714, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QQKUTagFxdgPWLpjEM7vWDleqPXpG6bOmBGvxBgpz3iQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-312-darwin.so" + } + }, + { + "key": "Qceqq_9LfG3hlnXfNzVJABQVdJjEU4QFw8IMoDVK4mzA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-312-darwin.so" + } + }, + { + "key": "QcdNRl_iHGhrFeQEtd3UBw81VabCbpdsKUG7FG7UnOnU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-312-darwin.so" + } + }, + { + "key": "QC5e2EyZ0MyoWFf7WCeMKVEsCmhtgAXkwW2Fjxsk7HTg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-312-darwin.so" + } + }, + { + "key": "QBut10GbX_BCuoaMYSTYKqJNKcoZHqkGGP62JHuPFCTg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-312-darwin.so" + } + }, + { + "key": "QbusPC3z6Q-Pog2ANAYMiHxV7MctkIpfawO8ZNtbGIg8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-312-darwin.so" + } + }, + { + "key": "QbITLt_5UO0x8egz3MLQSbDGOAQ2UQYq4PIfaGQRLNA4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-312-darwin.so" + } + }, + { + "key": "Qb55N9Gxy4ybFDy_keCoHYgK4S3Q4VnchBlMSbioiGFk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-312-darwin.so" + } + }, + { + "key": "Qb3H9fV5AoEn8HnITkFUIbg0PmAioxsFZCa3-irevZ1o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-312-darwin.so" + } + }, + { + "key": "QAvokcgou4vOYA9aTMclRE_LPvzLvNg2nJuK6xC9hKcU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-312-darwin.so" + } + }, + { + "key": "Qapa7w149HeL717BWigH6ozwjsegXAR4Q5OPyl2iBzZo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-312-darwin.so" + } + }, + { + "key": "QAFVY8kMn3aCDoKWerv3kztwt9q8iyxhRM71J4rKESsM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-312-darwin.so" + } + }, + { + "key": "QAeHlVzeTGr0eObyWyVtnbhLykn7bRBeHXmKMiUY0F6E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-312-darwin.so" + } + }, + { + "key": "QA0kvblrpRH7xlu3HVpssQzd1gmXwDET6Qw85NL02THs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-312-darwin.so" + } + }, + { + "key": "Q9phu570UNny6iTkMpbMfQ7BJ3ghrBo4wj4R8I1pQRFs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-312-darwin.so" + } + }, + { + "key": "Q95hs25UKhi3LQuxTYVVJ-kC-FbXHtrd8qW_oqB4tH8Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-312-darwin.so" + } + }, + { + "key": "Q8wNasxGgyxsEkyBFYv582eX1NOTR1j3uMFoTnaIoyWQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-312-darwin.so" + } + }, + { + "key": "Q8sXaqYzZq1Bn-uuwblgsSVtvWfEWaMRG2LGVSBkYL1E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-312-darwin.so" + } + }, + { + "key": "Q8LGz2Z5KmcO8FY5RJTfUjTgkIzHumpQm2OxWIVbmiF8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-312-darwin.so" + } + }, + { + "key": "Q8kYrEevdDNETjCbMNPk4LZT9FNUViyA6J_hCJs0gyGo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-312-darwin.so" + } + }, + { + "key": "Q8iFa8loNYH02cJHCr1QSMPBEfE6BRsuRrL80QMgpOQc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-312-darwin.so" + } + }, + { + "key": "Q8efJFzGT-Q3FjJkGgsyxOw6F27pPe8-GMbQFzdqvaFU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-312-darwin.so" + } + }, + { + "key": "Q7viZaIUNfFstSwpkfGjUseQypEZXExkKdcM9YoSYD0A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-312-darwin.so" + } + }, + { + "key": "Q7qICB9dKRtGMn2mMrI4T3CYHfWdQzUgCKCSrae19w-4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-312-darwin.so" + } + }, + { + "key": "Q7eWb8yGEDXNBTKg7_jliWNhLIQLa2Wwihfuo7c1ObxM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-312-darwin.so" + } + }, + { + "key": "Q7AeWPEBSz8O-RPt0-8uxsERBrhLm0mRt9uLQ2ktB6mI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-312-darwin.so" + } + }, + { + "key": "Q71AQ2TOgUHdT3Zm7-3apBJL0Zq6xsmMd1QIoLCrWMzE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-312-darwin.so" + } + }, + { + "key": "Q6lIp7LcbRInZCTJbbQ-fh0i7Mc86Hg-o5NeB_isa9rw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-312-darwin.so" + } + }, + { + "key": "Q6FyWeIl8KDJ1WAxC_K-D5nyF1n13LhkSQ_kE6o5UcmE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-312-darwin.so" + } + }, + { + "key": "Q6BSKKbCCQjBxF1ns0JCfWxofTktS-PswW4Lvi1r_Q7I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-312-darwin.so" + } + }, + { + "key": "Q5sxqzI5RtQ4ACgMVX0-Wdh1lHAc-obxsEdIC3IaPB2k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-312-darwin.so" + } + }, + { + "key": "Q5fLIfMRUc9MgGwPZuvEEtHsWRLXwdnAlWcRjp9jC5Ug", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-312-darwin.so" + } + }, + { + "key": "Q5DhAfPTFqk8xmF-JSaXsvaMxbzlqOPgCP34UNMdPsNY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-312-darwin.so" + } + }, + { + "key": "Q5cLoc9hGfcEkUufKoEZi9yCdoUhr26sHHxtn_zn4X3g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-312-darwin.so" + } + }, + { + "key": "Q53RVE4zlit0hxuRbe7LCJKH9gaEX7RsPvBCOfqzs1TI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-312-darwin.so" + } + }, + { + "key": "Q4MZIkhAeS3KCMCOCeXsWmr8k6k0twQxmhgcp_W5_E6Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-312-darwin.so" + } + }, + { + "key": "Q4FphWpERl5PJ5tfwcQCfbfyeOHAUvxG7e1uJ0x6Xhrs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-312-darwin.so" + } + }, + { + "key": "Q4eyLw6D-dOlJB-q3G8hUrWVK_ncz2UacyONpj6Z2EMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-312-darwin.so" + } + }, + { + "key": "Q4C8lj-voBedl8yO_Xnhok9apPuiXzz99AiQwEA5nFVU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-312-darwin.so" + } + }, + { + "key": "Q43OpyU3OteGe5rHJlyXQRzSD_k9WNZAWE7TSnQfNj5I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-312-darwin.so" + } + }, + { + "key": "Q3KyORUTe4yGidokW7lu0_UKbNOQJH2Kh-q0SKyfqRJI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-312-darwin.so" + } + }, + { + "key": "Q3efeG8drwSojD23EFXK12C4BNIW05709NQvho-ZeGgM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-312-darwin.so" + } + }, + { + "key": "Q2YS_cqw7XmQgIAKK9E4gEnEljG2iqRxgmjZVO2mbquI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-312-darwin.so" + } + }, + { + "key": "Q1msM90i227t6I9nW0iM2fk9-fuh9RuQUVyJ-UxumsGs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-312-darwin.so" + } + }, + { + "key": "Q1-He_Jx3QKG0jEBvKqz9ZABicsADiX1w-Lt1MHw5Gls", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-312-darwin.so" + } + }, + { + "key": "Q0V2UHaStdi2SRppAdVOdRCLag79YL1tqj294mKFxZNk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-312-darwin.so" + } + }, + { + "key": "Q0n0eVWTIrkQd3dPkpWh8pWyl76b8_5s3p6S8lMK3Wa4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-312-darwin.so" + } + }, + { + "key": "Q0Kc9fmRiBp7c1YheMgqhCgvxlCmU_-wEjpzo1Vs8oek", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-312-darwin.so" + } + }, + { + "key": "Q0ePqV7YFeHp-IMavYEaOrHHGBc71N1-yO1f477gvmzw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-312-darwin.so" + } + }, + { + "key": "Q05D5-HlreU2gFiz1cOUgQ7qzFh6f5YzP3yN7PKcDgyw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-312-darwin.so" + } + }, + { + "key": "Q04X0IRkZGtUqSiu9FAB2AJoWvD-i-TsRaWxPLnKWoo8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-312-darwin.so" + } + }, + { + "key": "Q032AwGaHX-vuntYp3yk4_qBbugQbFHjeNL_0fjm4iOE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-312-darwin.so" + } + }, + { + "key": "Q-vYhvf79NfH3lmO8fMIQGPgAGho1tmqRrWa1vEWD6PE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-312-darwin.so" + } + }, + { + "key": "QCGJFOUCOTE_cgQG4gr6pbP6chd-Az88jrozwFw0Y2rM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-312-darwin.so" + } + }, + { + "key": "QcgXBp6seEUg5JYGhiQtXjWOA1ugCs-9qbwzaOIgqsVs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-312-darwin.so" + } + }, + { + "key": "Qcvt15CpI9bdDCqxeD0cimjBAmkWmKmk9stkO02mvbPE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-312-darwin.so" + } + }, + { + "key": "QD0gCfSdYU8hP-mufm-klpiZchtH1GkATvvpzUMZQbtE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-312-darwin.so" + } + }, + { + "key": "Qd3YoRb1S0jfOA2a0EkOmfO_6EtZlhmL7xuxXzo6TYAY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-312-darwin.so" + } + }, + { + "key": "QDCCP32yYL64O1IQzgVSFLRvnzaaI7CxGXxxidDdxvE8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-312-darwin.so" + } + }, + { + "key": "QDlQ_9_NSJfYOavhJ6Xgm_5TTCJn9L7c67wmL0sT2470", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-312-darwin.so" + } + }, + { + "key": "QDuwBFS9lOWBcegL0_haixTdQpxga8O2nvVYOL0Qb08Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QEDWgpIdl7-RJ4wQ3LBhb5j-Gbdqemqdcqj4oHKy7XrU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-312-darwin.so" + } + }, + { + "key": "QeM2R_sHl8zqGFW_6AOc_1JT5ukru3MVtp8CUar6Mo2c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-312-darwin.so" + } + }, + { + "key": "QEnCyACkwS72C1dXHmlL_F1Z-h10_6NI1-_gyJKBuL10", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-312-darwin.so" + } + }, + { + "key": "QEQsqbYMX9_-T_RnyCcF8cCBwUr9frhD9C1EPS3Tp9bI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-312-darwin.so" + } + }, + { + "key": "Qer1r_59Qf9UA6i9rB8_8pfsuKUhBJbsXSRYA3mB2zA8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-312-darwin.so" + } + }, + { + "key": "QeWqAcWj3SUnEfIhqzdoKu67bTx6Ix8IvsCgKa8pt2KA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-312-darwin.so" + } + }, + { + "key": "QF_R2AiZvOX6EZMN_4_uZCghvRLABW20WG8684rHGDZc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-312-darwin.so" + } + }, + { + "key": "QfK-mLJN4QpFaknLxFzPEg8kjk9UlKk9KJK5iX2lxe1Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-312-darwin.so" + } + }, + { + "key": "Qg211CS1eEiVTmAVo96AVk_238xwxlfVcy4xA2OiyO4Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-312-darwin.so" + } + }, + { + "key": "QGd6HvM5k57tU5UD08hJJGwfBUPQmiHz5J73HU-rKzsc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-312-darwin.so" + } + }, + { + "key": "QGJzr1b_ZR0iND7doffh3969vKDM90nNJSu9tUdj2g6E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-312-darwin.so" + } + }, + { + "key": "QGtzUs_ZCYfdzpjsATobABfIdqb3X7zsix9PvoCbFeT4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-312-darwin.so" + } + }, + { + "key": "QGWX8XWjkYRW-zTmCGlHUlAlXGSv6dph_HKLZirV2mcI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-312-darwin.so" + } + }, + { + "key": "Qh_eBO7c6GJYU3mvOr-qobqEc9n2EBCzCwmmLNNHeHA4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-312-darwin.so" + } + }, + { + "key": "QhCRyH1pExc1gIp18ntWUAoWERiB5hSLz4MuUFw_WMls", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-312-darwin.so" + } + }, + { + "key": "QhGJo1GAeKQ61pNWLKt7eRKCYfcE6MebGApoZ3NBP1g4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-312-darwin.so" + } + }, + { + "key": "QHglwdFui-Mk54-T68bOOWwqSpEG9SsJRFNKEJ6EPbvQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-312-darwin.so" + } + }, + { + "key": "QHgr_bi8QUBZNKIWkwArN6tv5cG0AloGLTtowh8xW4r4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-312-darwin.so" + } + }, + { + "key": "QhhAWYxH-Rvkvnb-kWcQ6dwHdlPQMCdJOlDdAxMhcTaw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-312-darwin.so" + } + }, + { + "key": "QhS65fN2LtQQuCGf9Q_qzwWqR_LyKO6xDsvuT9_rC3Z8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-312-darwin.so" + } + }, + { + "key": "QHvung4fNgtyOI9siTGEgttmH-gckmgY0LsCtYvwq9tA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-312-darwin.so" + } + }, + { + "key": "QHWZgTW5ajBZIQJD1eKXJ2yzE-5Mn56e_XxrnUSaz17c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-312-darwin.so" + } + }, + { + "key": "QHYcOdviZgwAq5Dz4YtqNuZiEvh2ZY29f4RuS1Ke6EO0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-312-darwin.so" + } + }, + { + "key": "Qi-cP2HmgusErqEBax16nmT1wKju9gl5YUriE93CvPxQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-312-darwin.so" + } + }, + { + "key": "Qi1lfFAPWd6zKtCF0Yx5v1LTgZOT9R47DJ-mZqJ7R1IM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-312-darwin.so" + } + }, + { + "key": "QicDzF8xohqh3_XPJhE9vbEn961hzEpw_3bjFYskqRTQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QIMP-5ZGph5Jn1VP_MF97twOupRRAZS2AQcCMOFEQGEQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-312-darwin.so" + } + }, + { + "key": "QivPmOr-Sv3ti2E3cGap930DcSunNKjWwvEySKTPfzwg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-312-darwin.so" + } + }, + { + "key": "QiZYEj-DriX5gbjzQ_nCcE7tDJ_VXy9CeroQxNafqL1w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-312-darwin.so" + } + }, + { + "key": "QJ8luyh_zW-4DrWtCLGKGjohe82P69L6yuhXCLSc4F7k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-312-darwin.so" + } + }, + { + "key": "QjaVDGggpW7tc95_LBjrPSrr-6iHsVer6NEaBG_T32FM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-312-darwin.so" + } + }, + { + "key": "QjBjPhwN-4zQFycLyfM9CTC4e4f9XctSYKZQ4YPkq2eE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QJE8viTDq14bpn0kcrJjWNxHTYzSpovOMvqWMYK2mYCw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-312-darwin.so" + } + }, + { + "key": "QJNAI0fbRqMbcNyAjuXRnbolu5QIEY06qm73fYYl0ri0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-312-darwin.so" + } + }, + { + "key": "QjRPtdgSVCUpriKUEGUyLevMrCJwnf0QJ3Tdz1xCr3-Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-312-darwin.so" + } + }, + { + "key": "QKaDCC2hQa_BS46t4mR7qs2wNiH1NwQlaG-kz5uhWzfU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-312-darwin.so" + } + }, + { + "key": "QkeiG-tWrgFNzJfzYLfKjNnB1jpezhPJ0iAo7oJpFlRY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-312-darwin.so" + } + }, + { + "key": "QkiJuINqWMAXTMDQr7KEFcflVwc0WCNYZow8dKTXWfzI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QKjeY3Z_dxUyBcKPOqppacTfP8Z-i-xzgcH-2vGeUbWA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-312-darwin.so" + } + }, + { + "key": "Qkl-MuTVOvMX6L1HBcCgVEHimGxZ19eX5SkooZ2f_1WA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-312-darwin.so" + } + }, + { + "key": "QkvNAVmH3FkhiT2jbke48uzC8EaEeeviyhNIKHl-ECNE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-312-darwin.so" + } + }, + { + "key": "QKwpAAS1TOU4Jv0x0QhdVRRamUYEaIMdG85j9F6Z34xM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-312-darwin.so" + } + }, + { + "key": "Ql12hiRwpqhtyYXKxSfcC5HgGcV5ktnU39EHPQDytFQM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-312-darwin.so" + } + }, + { + "key": "QlEbZvUN1wG1Z59IUCbfCevPK6zupLzKmyPAuZFLTl9w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QLOpSqPzU1eITo4gtB972hqNPy6DMFr4UEIoIqqJ2hgc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-312-darwin.so" + } + }, + { + "key": "Qlp0fCE653giSrP4CtEJ7FfpHPIGHuwinhEVtm-N9-lc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-312-darwin.so" + } + }, + { + "key": "QlRGa9gtwBogYDZCc-wU3ugJ2vouqD-2UZ-GQSTEwOKI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-312-darwin.so" + } + }, + { + "key": "QLRW0rOkZmF6uEyhJu78N7L_Fti_d94hB-TrH83xBRXs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-312-darwin.so" + } + }, + { + "key": "QlUTR_wbMtVzEge5hfL6OwdfTqOI-1UviuLAswKHUovU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-312-darwin.so" + } + }, + { + "key": "QLZOLG2YS1ko6DqgUZFdlYJvxkwSx6ESj-Tk2nTYvnsA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-312-darwin.so" + } + }, + { + "key": "QM2ilBNGUPOnhKZ1OIz0fedsnxH4Ck9OvyfGEHka_dTI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-312-darwin.so" + } + }, + { + "key": "QM2wRyJ0_YpsEZT6ZrTgZ61Dm5Z63Y6ZF00NzcKzjjLI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-312-darwin.so" + } + }, + { + "key": "QmaZLIM9l7VnzPMF-Z1xOA4YnZIqETKQDyhOBPS0UmqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-312-darwin.so" + } + }, + { + "key": "QMNA02HZ6lUuZjpE3b1EKu6_sdRnYc2oYMiV9l2Nzc0M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QmofMBu_hySk6xL97EdydzAM3p8aTiNxjlSl1UD5sKM4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-312-darwin.so" + } + }, + { + "key": "QmpHb9K2kGLHm6NSjxmdqqse5D3M6KXVe3d-kMu8BRxs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-312-darwin.so" + } + }, + { + "key": "QMPsu3BtIw1Uk2JiaocW-xLm7Ndikh7rZkhksvqpKKqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-312-darwin.so" + } + }, + { + "key": "Qn2vDVndEvqfNTjB696Tf_JvyaveWavHkQzU0HatJUa0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-312-darwin.so" + } + }, + { + "key": "QNHNyLp6bm6ZKJP_idcdJGYoRa_ddEwgUdmn-Y6jq9e4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-312-darwin.so" + } + }, + { + "key": "QNUM_iqWSmrV-ftc3Gpi5BZ2nzvFzjzWDIRiV6BhC6vw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-312-darwin.so" + } + }, + { + "key": "QNwaU-P-xRYpGnS1q9f131tBrNkhkjGmXYBt6gPyqcH8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-312-darwin.so" + } + }, + { + "key": "Qo0R9qMj1BCBRrPEZE82driXluWHTemYF2KAAnsFxYqk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-312-darwin.so" + } + }, + { + "key": "QO2sAlL1BPFScGqnisv4ONw5zr0ZZzvpd4RqXocbSHkw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-312-darwin.so" + } + }, + { + "key": "QODWCXVmK0viloKKl3-LGYh2sQXR0wBeC2zIAiQjq11Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-312-darwin.so" + } + }, + { + "key": "Qoiq947yDL-YxvuYM5ZbLvA_9lkGhE5-A0Tz_S6VL5_s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-312-darwin.so" + } + }, + { + "key": "Qon9g4PcDssD36YeSsKCn_IFnVKgETpk01klPZttkOI8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-312-darwin.so" + } + }, + { + "key": "QOoOf6peSTGAIDxyzb38HF9XZir4JaDkSOR01kep2eW8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-312-darwin.so" + } + }, + { + "key": "QOyQ6wy1rDyiSJqwkWGdSieyvDk2aFZvJw6wgxU8ddqw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-312-darwin.so" + } + }, + { + "key": "Qp1FWpMo46OlVFBDG7vD5guyWpXJgmqJSgtN9YhnSotM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-312-darwin.so" + } + }, + { + "key": "Qp6zaQMAH4WmWoYYFXc6GonLDh4EFKXbRK2Ci0O2DcK8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-312-darwin.so" + } + }, + { + "key": "QPBtpKXGe1QYlk5ofEpFsQMw3FuCUcIJlS9LB23hNtyk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-312-darwin.so" + } + }, + { + "key": "QPFFWapd3vUrkpApxesSIdYaR_HXaSSGYReLfbNl_UcU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-312-darwin.so" + } + }, + { + "key": "QPjngUOC6ITLIe047kfoWNfFPQfHdTvPqoQ4iwJOWf9Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-312-darwin.so" + } + }, + { + "key": "Qpmir6rrDdXqQM3bqqw67z840UXwAKnufRRE9f1uOho0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-312-darwin.so" + } + }, + { + "key": "QPq_HNyRBiqR9xoTGZQcVTBONrpJH31aUXYzLRui93K8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-312-darwin.so" + } + }, + { + "key": "QpQvTkIJbgWFff0CNuEN_mpXt6bCVObC9sVvcZVJO0e0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-312-darwin.so" + } + }, + { + "key": "QpxkUwvu-azLcuLlVyUAfWP8IYQM1QM4Q9XpveMaLw7I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-312-darwin.so" + } + }, + { + "key": "Qq-S4p6O-iwrgg4H9uDLZEMLnU8yJI85l07sJu6PP47g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-312-darwin.so" + } + }, + { + "key": "QQBXxvbVJkqmLCJBoN_4QopJFiXrtZHCtcXJVs5ticr8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-312-darwin.so" + } + }, + { + "key": "QqEw2d-N2Ele96ubQjdAxKJLdovq7FMxql3929zLUE-8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-312-darwin.so" + } + }, + { + "key": "Qqgo0JY0MFJvt2z85H-fcxvPnuMYWZustQUMb8Od-_LQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-312-darwin.so" + } + }, + { + "key": "QqijznUAISfxusoYgRXIoX_OH9pUdUlkh6Vu-XYZliIw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-312-darwin.so" + } + }, + { + "key": "QqQfDZKPJ9NMlRLuDMGNl17Ia8VNvz-1KO3RfLc7uMuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-312-darwin.so" + } + }, + { + "key": "QQQnTsmbQ0GC0bhmhZc3ppMH_tYKta4-IbnvFYUYPLuc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-312-darwin.so" + } + }, + { + "key": "QQTm2AWlvkUVGbBNwNe_MFGRTi5nw3bR-kuOh9-NsQmo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-312-darwin.so" + } + }, + { + "key": "QQV3iWFB2eNPPKBUqebsCfhBNbzBITH_1ZhN0mdtVk8E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-312-darwin.so" + } + }, + { + "key": "QqwHXr3Y9v6nyHgZIY_9tmhEE0hhp8MXT7hL5goBiW_8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-312-darwin.so" + } + }, + { + "key": "Qrd1Qkm2wq_1gBSwN8ByS_AwoBTk9PUjiTHCNdjYh2FY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-312-darwin.so" + } + }, + { + "key": "QRGSHyKjVuKTJVkE1xoe84qIiBlnLH7MYj3pbXb21sxo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-312-darwin.so" + } + }, + { + "key": "QrlOvTFi0ZFVq2o_J6BwCysJVU9G31-_y_wmbtqwOchQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-312-darwin.so" + } + }, + { + "key": "QRRhSmNNgVzm0ODjcDJUODsP9oVFNDoYSTpfgHGwkXFw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-312-darwin.so" + } + }, + { + "key": "Qs66f1q67be7Qa10krOQLrGaBMt0QhQpVikNmpu81zu0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-312-darwin.so" + } + }, + { + "key": "QScfdAZsnl5juNJxJ7oFfXwGjwPyziYhM-haDIghvUtI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-312-darwin.so" + } + }, + { + "key": "QsF5nI43pjym142C0pYQXWNUTDKH0bsUp3hytztNVy9c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-312-darwin.so" + } + }, + { + "key": "QSmGmD858FLPyRySgjhci8fnFKTWmDrmwG1AETHE64BQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-312-darwin.so" + } + }, + { + "key": "QsRJTXZq12k6o5iv8glo0v7ciAPdfjcxgjoJc6jyEZkA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-312-darwin.so" + } + }, + { + "key": "QsspaH2c9fYVGvkGoxROWPgqZ8rZTFh1BuE15nWmtp18", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-312-darwin.so" + } + }, + { + "key": "QSsUOBqLihKrbyRyUNIwAb0b_rEVw6UkGOuiER13SLLI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QsTpRw4z7g2l-L_RicssJdxdmwTfJVwjNsNcy3hVaHn8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-312-darwin.so" + } + }, + { + "key": "QSX5uzVqfFXd8Nj6NX9dNGRugxuwBLPF5viomFQPalBA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QsYsZPQoHuX-8YyB96ix5TM4WZ3Fwpasj6PGTFoa4YzQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-312-darwin.so" + } + }, + { + "key": "QT_mLRw3uW1IB1cmmjggJw0pp9sHyLrsdwAJtR0CwsNI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-312-darwin.so" + } + }, + { + "key": "Qt9QJiBUhmu1jED_cuKLiXGA822ZI7jLdncc8mcWxAEY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-312-darwin.so" + } + }, + { + "key": "Qtb13OJbis_fDS5mnrqSi-dIFLcYQLDcbOQmnRdJ-tUo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QtmZEo8LzH3v9U72gdiNrN1XixNwNYrs5jvwEKTseaWE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-312-darwin.so" + } + }, + { + "key": "QtOojg15bgonBfEtLhNGd2yx14EEVaefr3_5bVlDz5Wo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-312-darwin.so" + } + }, + { + "key": "QTsfD-S_knVeUGBQFa5xsgPXYsww6ggyOtzTEOFAJZtg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-312-darwin.so" + } + }, + { + "key": "QtWUXl73bFxKTxEGWDN_pjJh3oEFAKPVfY-YWtq2gLq0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-312-darwin.so" + } + }, + { + "key": "QTxj8uq1p7mrDl469nVIJhB0cD6XkZ10gvIK_OJ8-B9I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-312-darwin.so" + } + }, + { + "key": "QU0aERXsY87hKYm47IOD8Ay0PoprUMODdK1MMQ8meOVk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-312-darwin.so" + } + }, + { + "key": "QuDJPlWWc5DV0Z0eP9asSMqRbSI6UvO7w9IrNX-SfVR4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-312-darwin.so" + } + }, + { + "key": "QUI-hxZj9h8OuyPqBjT7Q6hLfL30KTBVKXkjhmgmeNKo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QUK7VyBFcvJdBnb4OqokyU0ea33KL7gGDKjobHum1ly4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-312-darwin.so" + } + }, + { + "key": "QuRzkl-BuGdgGTotqA6xEgc6L7qN_LB8-1VQOmYkj-qo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-312-darwin.so" + } + }, + { + "key": "QuSvuTYmL6metX6gbSJkHRoPb9f7TRv6b5qvhUq9VK6A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-312-darwin.so" + } + }, + { + "key": "QVcj6LqJ6kyeNfmxoc1WsDTJqTIxzKHjaXFb9OeZyxQQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-312-darwin.so" + } + }, + { + "key": "QvTwXhjv4pX28u5gkaT158EUDv5WUXhqZUwU7cpyBP6o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-312-darwin.so" + } + }, + { + "key": "QvVenemBTw6kt2Q0ZYdfgfOPYykVf7XWDJZJoLrt_j84", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-312-darwin.so" + } + }, + { + "key": "QwEq7jUsGBoyDY6PeusuHZ5JsrYWHYcj4o3HCtWYaJSI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-312-darwin.so" + } + }, + { + "key": "QWPhkTuV17S5EvhJXY8H2YxMpzT4fAZzKRsqlBZhRhVo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-312-darwin.so" + } + }, + { + "key": "QwszUKBbJUhlXbOybf95DglSmcus46y2VaziuHM4PDF0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-312-darwin.so" + } + }, + { + "key": "Qwu50-EgqXSLsK-pFl8mBVTnt6V0Q2aC6Q7RzKFvuvk4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-312-darwin.so" + } + }, + { + "key": "QWwzsd7hPOpZScjuULMIJ4rAhkrBO1YOl_5iTvHlvU-A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-312-darwin.so" + } + }, + { + "key": "Qx0e87eF58qTeWS_wy-AJitJMosZWZ8vyfnH65VKtIsI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-312-darwin.so" + } + }, + { + "key": "QX2L8KqjOlkMF0lZZeQUdYlHbvKuoJlPqu8vAhuAiDik", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-312-darwin.so" + } + }, + { + "key": "QxDthau4iJsg5M1lAo7cvoLfdqAtbY4IYqAtvwx6DvJs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-312-darwin.so" + } + }, + { + "key": "QXfFOPycsB9q3bRc4Ewkdtq26SWirehXPjRNvLJn7cIc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-312-darwin.so" + } + }, + { + "key": "QxHkutnyfDs7c1h_F2snkvt7TqhUTyG_6VYISe-WL1h8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-312-darwin.so" + } + }, + { + "key": "QxRllQa1o0Vc9AJyEqxM-Qt8YWXDX9ccL1hee4sKIGlI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-312-darwin.so" + } + }, + { + "key": "QXvy0R-J5PFpZiuaBNNuljenEC9IRTOtvp9K0ftH-nN0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-312-darwin.so" + } + }, + { + "key": "QxZYjPu3F-d0IHQQkKQCjyVSCLqYGP9WY1je2SfWWTcM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-312-darwin.so" + } + }, + { + "key": "QY4sbHcDfk71E89TsCswejDaEz5IkyRC2dWAP8mPNF_Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-312-darwin.so" + } + }, + { + "key": "QY4snzsYG9f3y4PNgr2n5YDeU-R-QIwlgzQNYu8GM-sA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-312-darwin.so" + } + }, + { + "key": "QyDbxaBOKTHopqVvXaoQAySPqaNr_tz8Vf2OahWyZhq8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-312-darwin.so" + } + }, + { + "key": "QYFuk0sP9vOIW74LHB9Kfe8MiuVH_zlVwgkW97rRi-XQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-312-darwin.so" + } + }, + { + "key": "Qyshb7tGDDGuodqCIUuUQx1rWXL-V5cWOUg80A7XHT_c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-312-darwin.so" + } + }, + { + "key": "QYWOSSRumtcsVxQQ6EqnA1g6qnSXlyiRpNEGk6WFmzH0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-312-darwin.so" + } + }, + { + "key": "QzblgsZqz8A8KCzSTraNZKmx6X8xBmTVPezHFfn5kxUA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-312-darwin.so" + } + }, + { + "key": "Qzcr9_6jynYxtXcujDYuUVA7hWhsLO2jA1YHZ_8yEORI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-312-darwin.so" + } + }, + { + "key": "QZHyl8ssIK6LK0DeZXdKC1RIFsBYfI9ADdWdium_W0Ms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-312-darwin.so" + } + }, + { + "key": "QZLwg85PaK2xPCYtzZAhIbN3hnFSyuIpohzTQMrVAUS0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-312-darwin.so" + } + }, + { + "key": "QZr9ISRFMHaEK9CjA25quqc_rcXLZub5j1HDgZu4sFv8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-312-darwin.so" + } + }, + { + "key": "QzS2C22G3jaFNM9J3_r6euTlbKRLvWIcCpBzWs2i3hfQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-312-darwin.so" + } + }, + { + "key": "QzUOKEwPPI7GjeIuQVYhCPib1-AKvdiZyWj7araP9Tyo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-312-darwin.so" + } + }, + { + "key": "QzxFVFY46_3oReFyGx-hqnZmk4Vi6t8-KyVx8ZX7zTgs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-312-darwin.so" + } + }, + { + "key": "QZYbdw4aH3DBL1v7vtr2AJvIpVNQrPOcr7zdcQAb5lMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-312-darwin.so" + } + }, + { + "key": "QzZBEJsVY6krUoUEXoMJZovQgriSOcCzkf-huSUYc3E8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-312-darwin.so" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QquSlkYoVKDPiNXid103Z85HFyXlF65V_4DVcRutABaU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QrVarm5fsSJgVcbbLq8Jl69pkPH9kqWn1ICiIxubFpoc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QquSlkYoVKDPiNXid103Z85HFyXlF65V_4DVcRutABaU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QrVarm5fsSJgVcbbLq8Jl69pkPH9kqWn1ICiIxubFpoc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QquSlkYoVKDPiNXid103Z85HFyXlF65V_4DVcRutABaU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QquSlkYoVKDPiNXid103Z85HFyXlF65V_4DVcRutABaU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QrVarm5fsSJgVcbbLq8Jl69pkPH9kqWn1ICiIxubFpoc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QquSlkYoVKDPiNXid103Z85HFyXlF65V_4DVcRutABaU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QqEaBEYGpX2RkiwxLHYjjGt81VB_rCR5SD3e5JcUrlqI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QquSlkYoVKDPiNXid103Z85HFyXlF65V_4DVcRutABaU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqVm23RIhytBH3_KnGY-0ZqrlmLUYZkZV-J8R_dgk-jo", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgKiclh7N201oDScUEXhKUUtYk8KXOaUBErrgOYFjX9w", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp312-cp312-manylinux-2-17-x86-64-manylinux2014-x86-64-manylinux-2-28-x86-64-whl", + "id": "15904524874", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 43129652, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP0haiKUIRkwss5RFHR9CvuKWCIbX6_sSifnh3OgWNJg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QP0haiKUIRkwss5RFHR9CvuKWCIbX6_sSifnh3OgWNJg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Q39UIhF_sOJdsaxMAonzQE_KFCdYnSm2m4Syjlr992NQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3e18W7c7CEUIe0MUgJ4d-Bq07GIRYUnGxOEhIjLiZvU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q35oSH3WGewHwCcz08QynyPSi7I9ZdtaI5_ZUZgk76jY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2wfM4uyo90nHUuh96Eewjr5OF4wk5ToYgc0jjYiSCB4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2J94WOZzBmqIqYTrEXq9Th6OoINjUT5-oJDnrx2tLIQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q29zDMkPMgPq0xnynr-SrRlT7feiiUQe1w3bM3R8Xg5c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q24OD3GzXjoJGq6tKt7s4wXGH3xR4f-GvJOC0HxreC0c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1U7K3KkB0Oqkb1enzrBmEBbzJbwiDvfBfLPL6Vyr2M0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1aQ6qtN4vR7xtgUYiNMYHyD72nXnlxewtCCXPZ8RiHY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0zGqGi9VeA3NU-snf34ltPHLJBETKd7aTz97fam8g80", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0loYS9yOT1OaOi3zYQZ3uyEmmVuKkzftFGwbTd_dkFI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-Qf4yWrRL0BLWKwJxHjzERDOs7qejtPsLAiOduAQrrw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q--qq0vTxNNR3SOs3pjcfTjSJk6nXskV8mpuNhsSViZE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_z4s_oDzRNXSpJBWuC9VF3lDhI48J8ENeKAYji2HMCY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_YIr1HICfmwkIUsHGBbUzWIbtE8tRjAAVqSTqeZ-qjM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_uicOOY2VIycZCcGGn-5Kg8MKqjJ2Xfv6obCDakDJSM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_TQ5Hub5yKE9Ov2Y-4kD3tnOqWiDTy0GlkBozPY95yo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_sxFCQ2TdZF6n1CIK4mpkeAQKA-I0VqoZ9v17DVPrgw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_oxFfzb-ySrgH52LFQI6ukHKU3ze-LahqrE9XrIY3Go", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_mrNfJ7iY63INnSJ0z5ZzwNrcI7G0FXtGi62vCRLt9A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3QdXMnpAO1iJxpCVnYXTQg89TQ6dJxD6hfxE237IMwA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3qhIhh_LX5Nnn0kPrh7l2XI6-1cFBFuRZJfPDIKX8VY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3VK81FcLTXL8BbnE0TOKVRbt7ztH8R-fuD-MBOyxS_g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4_a9z2VU4BRH-YcOKVij960QTLDLHexjNxnuVkGVky4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q42lcz4p7x1TUP4IrCIxUQVNR0Qg8B7abrVkfzU69GM0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q45wTXcKj_x28dpo6Oab-e_ajQ5zQfvSzagKFZlcJYN0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q56bXgkOEj8TQqFPLlwF0uRRPKfVmC9U1SR4D-ZmR6r4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5CxUqd6ZyLSlAQWnxf0Ixu9vihrtfCPi41opvrcJdy8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5iwDLh8zUwWzaQrWLgoiS06ISYg5dqVL8W5ntd1zBSw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5R6uAAc5GR4F2UameA2Zq_5chErhZ04mZ-62OMc2ys4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q64bXL4c-LOR3x24ZNxbDRajar5fVm16OnBhLc2uNhfs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6E_kUsRR5wXtu2mFRpZ8T8Ij6ApjoA2otXG2OS7qkC4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6fNpW5dGwbUtbZ-yprPBMQlhX4TVMGls7LimoarGSl4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6FtxQIMNfYzYqXWyg9mYWp_JOYXcKxec__m4dAqnn4k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6gxK874DBqjTPKll0CCNCE_hOgA_P6LNT_QniA6Oj_k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6HtYHL2LwJE5I9enP_518PW4__PmjGbpaQw6RGpEPmw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6OcFTB9OcuPPtTRhz5_q3H-eDo8fNRycWHmBlZqu2cM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6TatBUlZzdk-a8Mfim2YydB8-2cpd5eI91Lm_XFvW4A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6XidR9sPVhyYJ3nSgz4-7W_YD6hR4zHpfFE7uP3ZtZc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q71CzZO-T1KZQg4ePgJjL-uHCKIPgSTXcBtALgjj9c2g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7H5jXJcQp1OjYT5V5fLKMnwCj8QHzI-pEgZnM7CeG6w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q84ZlG28tLYfoXXDqDD2WcZGUMeyhz_gQmMwP8PsXkOs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8gagZa-415XUoF6AZvDxJ591mIdrgk-h6QO1WAbZNXw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8yDlmwEHP7H7ONLOCSlKAigTTzcmWw2ja2EdTlzInXo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Q97SHGzcshnxhmyexZ3F6r2NV_dMfdlrtPt6AOjEHgbs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QA16tx0nmoNswDXkjHZvvUihXx4NPM-k8Dnq1xuyfquo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QAITrUrqejv6haFHMZlThATllAfn536YQx7h0Cyc8M6M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QAjuLQdLTfhycrXK8S2g3TRxhAGRYmrjz0pPAecRrStE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QAnlCK2I5I_oWDTpV1nbcfeyEYGdRTwIGfndTGUV6O0Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QaodY9PYP6SC7YLEGFNQOsT8ubiYgxxAi5kzEwwdriQ8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QaPb2pcE5f5D07rezeOAPzuXSJYex_XnL93z0Wcfn99w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QayTVuBdTPp79iczo5NFNmf92_TwnOB3E5mxo2Gz8u9I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qb50z3LeUvsArwW-T1hxm5UHdm7BfT3q_GRHGmf5BSkc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QB9_udNEI_aHlkzED3CjVixwI0fYBxmqaTD2CP7tWSvM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QBaAu67Z7Tw5mZq4a2zYWNofvkn5wsh5PSU7ygFmmRpQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QBMTpwvUlkshAhQZLQuU5ifB3f1ZBYDsIwERsvonuwQM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QBpR6yMcI1dIRT12kiACdITcWu5UBtTkLoSvz6SjavNw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QbskBZSD7WVnLrNVBn5z7SCyGwy4g0gIICwZG9p2r5wU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qbu3HACDkn0hN-w0AXhZqgzd63pXxAv6NS5Fk1qQLKzA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QbYdCRXkvr_ZiFymyNJMtdEVNjx4sX2LmRYibSS2APXo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QcAyZ0_EQKpiPm8OKYwUpgWs9Os7n4U_t6oKFsKtqqHk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QCxZDA7KmuwnvRo1jHfz9PPuBuZ576XGIP0cac4-D8bc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qd2dGrBBiD1si-zQZ9MgdWyMr9o8_W1dbawrmNijLFU4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qdb0dbUftbgaVHu2woM73jR-GNFi5nEv4okmfZkQXYp0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QDqDj6LUwj13eTjfpxTqrFgbQkBSrKkuzPvNZ7BM7yrk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QDrMgyU1D5F36bfamWo2E2FdHECPNNl3LzVhcbpjkW6o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QeCGb4EillucW-5DA0KhA35LqWd8q99d7CUrzxCDlqcA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qee30k2muNhIUAMSDm1-Gwxu0_sM82eYriy-T1JQ4y5s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qeex7C7Ch0ATiUEUeASYnlggkxZ-BH1khATMEDIxce2M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QeIjbj-Zk2xV0Kz5ZK_vK80dr4kZhlidyLQV8mfX2cYo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QEO3bbIoex9P2b0BEr4zDo3ppWqYFFGTaAhFIdh-sv9o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QEuafPFLMdgV83jfTozYWkGXpwkwK98nIQ7S7GdHFeuc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QfBxXQQrmAodx_TzfpXJIt9X2bm4cD1Ry-w3PSKhuQQ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QFHmpgkeFb1F8N3kqW1o-rKmsGoNWGejFI3z7YIFdesc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QfPnFxQS5osl4Fo2pY0sg_2TeaXQ2oIDDHL0jYU_fgCM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QfqC_Y0Xdr27uMQCizESzxfdvh1x2iY4tjeeTZmIEW-s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qfqlzf1nqNkWixCfiQXJoGdiyflIqxRdfsicGhxW5z6Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QFTcHOskhFGvntp_Mo9Dk77ZZ2MvUIMjGs5KZqHmRonI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QgE3l_Ecve5iQIB2BWpNikUHgquygUX5G0D5eJt9UWEQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QGgXliXT8dKdM1gkTRqMbzr6CiEJ-lB3Iyj_AzW9m0LU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QghTmKT8wb8N7TSlv68b9qYxF7HoyrcsSUbtFhXzX1OI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QgL2kEHQePzqF2BMXHbQyQDV_-LwgvrmIiQw0x68VzpA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QGmwytujLGreNY29zVveWK1lbweDsu239knUfci-oBKQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QgRxtHrURmyc50-z8U1QGzqD_t0KgCQdiBxXDP_Q0d6Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QGXuzOqrWjWql_MqFeqbI6ajvzR7HkGBCuY1EMT19H1s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QHQ24BXN8UIFwD8SGvWdHd1jSCute8_KdNkDrLbm5Y3A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QhXpo5tJ2biUDTz8fbZFbe83XsnshFekHAR4Dv7Nz3iQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QimAUjpF2-q2oYD8bHyk9n1Ao1TZXg9XhJGFOkCDaKSE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QiPuDgKisX4O4eyIsLopp2eiiL-G9RdC5GxqJuf05PRE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QIR1giFCQXi5_XoLQ1ut8xeOKYGn1o-dhIqElgktWCNU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QiTQst0jExXXAqfGw-_jsEU98LbU5JaQWYaDkasa-w6k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QIxbKsfTAxlEsyBY8lns7qkYFtRu8SAr3OAfvEU98fdA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QiXUcP-kZu5iaR7JhNulkNujP4-fY_YSaNLlz2-ddzE8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qj8d98kyOBjWMh3j4J9lV5bzyiFqBIaHhaR4D_UVzAbs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QJaU8L7PwTxS1tRLjLs3p9A1KlVlGfFRX1gjCXECJSeE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qjb60WZaHhD7GiiIaUPqWGB4JF2wR1dAyINBv4Jd4TpQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QJitEkgeoImWLSGJGtRvIuSMTF1Xfu1ufiatFYIL_RQc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QjNMJqpLG01iQpuSJUnGDQ04tD8zJx1Nw4icst8qJ9gw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QJs-QKl1Hsyk2Jb1KLZaQVRjwN_oOIsCDTHX58AD6dAY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QjuMIMnEiG6hhPx2idbbbv87YEBWfRxlFFtfVst5odkM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QKacBuoCdO7nKxY5cjY-mFVy9BckUH1BMuvIh4w5leXM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QKcFyMMyLdAdGsL8T7RUWoDnolDJzYYTVEC6t1CcdVNY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QKCRb-j9WoFDY_ezEEHb9I8JYiTDjyGj-Kn_fVcUywMM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QKi2dBMWunydMgpQdjQzS88NkhMRKIhd33Dq4uYR52Q0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qkk-Q3tR6NnhPFLmcxr6OHEBmQmNhJDmWQrO4bxgh-Vk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QksclUxa3IjYRm38YGNrNGLdBJi_uHkAWfOhXSNgoFjI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qkt-pefbhf_vy9vYpKUbdWBNGERrW8WYHrz9UG1K82lI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QKxXxPwiP659QyWQcQc9h4w9h6dCAF2CA1MSIu2n3pKU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QlaUaq1NW7Y3HfnH1B6-Wau5IBLGZXUuemkxPVpLXb5o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QLFoIraUW6Zmm8_lf8wvXfB1_TTt3MayH_gN6Ko4bw48", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QLMv9bC5ooIqVOCSPKxrm4AX-T8kkG91r4kLRIsm9roo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QLpS23FreDT83le6BqmsY8eRUTnKFEPJH81ASkczfJ1A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qm3p7HdcFmGmcM8_0iOfRkjfiLckBVzumhL_UJBlt6Sk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QmaEBacfyJPdf2VSabSmSE4KEN6Wr8T-xed6QVSyNP7g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QMDhRZ-ZfVgUqjthvp2CxlgfoZzPk_YDS_PYiHNLJk6g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QMnAizijnnlPqfs0e8qxBtYerG7I--qxQ6EVotXDOaNk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QMWxVgH8k7mPDmdk1osHjmZYVKHI4022qO6XVYtYSce4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QMx__7wNMSBCQcayMVHpfASY2JCK6V6ukpyhrSqH-sIo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qn3QvTOPKN1oUGskTjxlo5-j8omOV2J9AX5B56YUFmH8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qn52cdcOZ2f05il5nSj_oxb31tLjWq50PK1BkZzEpLGg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qn6BP2ZWgbxyVu1I8x_ql99DQXlLS0yJugGjVNGbzUSk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QnAlCQEpPGv0qG2uFk14Vp52K9JD1CFTc91jo6NpGFwg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qnk7kMCKGh0i4ba2g8axPqFCMgvdpbLt9_1cJacdArP4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QNuQ2a2GcKmsUoBuaVd4bVC0WvBXoD1Nin-yEYu7lBl8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qnw3HNfWz4PimwXH8sRAXDqRQDoY3yqpuPGvf_B5RnRA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QNXHMnYt1S6JrXE-J-ywNLUcUffiTs5jXX3qlR7MiNfc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QnYQaXzgXR_Z-p8pGtxRXO0fJMbiqKHnjzkCnRVnSrBQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QoHvPbE1YuCAvhYkwuK8OklYac50QHm-olPMkcFDBm1A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QoJYefF-G9U7O8s5_myHguZbAkO7F98Saea-6qRUpYbg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QoM8XTUwgvROsLertGjer19GWykuOD4YT4ojqFCSKnhs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QoOwAD41BvS7kgd5dADZ6gWkOEQRC8dXCLOHPe4E61H8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QPiJ-aeqQwKPIOmy6twKYG5bGL-eCbK-fk4bptfj_1PU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qplz_8vQXkZ2DXH0V87Sp6RAuqhZ8rs5qoA7qh4KPP2c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QpNY05JaK0l9YqS08dXF-2BPutYcdeVFbnFrz-1Dymo8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QpROYbrnsSvnRG810sLi9cCIS6x3RktECsbNKTUl8L8A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QPs-QzqU8v6kZgtK-XbMzaj4l0rWfeyZebKJM-WrE8m8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QPsA3Ms6xpcEfARvcq4mhTJnAS-U_LXmJeGbtkZXzuSM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QpxexehZiliLO4RFKf1Qa2Hxtwv23xQbOG9BIaMwk5Dk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QPxM8qjt-n5yyWH2HKfqUhoTZ0E3RSMBuiymPD8CgHVs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QPz5gTip3aDVG-00hW_fq1wkDYSJu2UTvj3rXAEevZIs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QQagMfEN9vcNu9tv2MmKSwusPzK61m8aXKsKuC7VBxZA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQhX5PzcJEsSjueUJ2Y-63b2B1tU9OYHZvnnFhjly9QQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qqwmf3969xFwVIhwt9NevRDUzK0-Uc5_r_YtIXsxyRyg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QQYeRYlhnM5r1nNJJPMy023HQlmL8ZZyMUbEKEvrH8x8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QR1CF4S2stO-LHflc5yOtZidpR0rHTIxjqMqwgbSrLWk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QrAsMVUBmCnrQ0m5SUAmPpQXHaOH794J2IxK5mxnNd1E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QRbwEuokMdyZlph7bYPYTUrLgk1KO8B9HYFeeEbWnnyU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QRFiIVDPSaFyUHedkergCGrsyGnP2BzZb0YZGIJ1VfC8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QrLTZwPkZuRX9k6F1gvOEtwyRsaydv46FskJuKRTVOZQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QRs8P4IsHNQK2zcYHlXDfZzPBplS0GsO0av8pRtK0Erg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qs12r0Gl5wkcbUmqnbqH7OSnfB8w2JquK70k3DGtmXLE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qs9fiNR8Wha_O2GSpCGA0u9FuY79sWxV5UwJyOrxss10", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qsagg-QATr8ArJmtH3vpvaANTXZfKbtxmTI60zsQUjAA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qsc3wFjBKSLY8jh8QhYRR7S0qLhaDMd68ntZpLWThE-c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QSccGH6y9epALCqh2H-R0bT14HLF14RH7UUYhsAc1cq8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QSCSeI4UgpOS8pJQ1chgtCOiyrllU9CqF6pj3eGgGXBY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QsdEBJEYr9mt94iLUeZJcWyLYMN9i8lt6jBA6k7GPfCA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QSRkcOxiGUK8zev5y3mWsrVFfOfl8F7tLm9Phvfo8WrE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QSTicTcM85WCip-qZEZvU3CdBmvBddv7Ss14uAolk0Uo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QSVV7h9F48Zk0RyEytnkq7Z5NU2tE5hmtLWTHxqrS58E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QT0TuTPUIbyVWqisWQzp8N-xNVC-PEYpydogL9Gt8ODs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QT2KvRL9Usd1b-RxRMQdUxmTHUMrEfXsfJYbi3FQwIq4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QTEjChEBuZqOUJSitFVP9OyKk7P_gpDorLlBuWWWIo9w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QTfG6jsd-fywBxGVo0P0D5l6ci1URzKq37D-u0bvR_w8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qtfh3iQHYr9FIdUYUJcTuaGOFqDpHhlX1CdBc3xd4t08", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QTHGDqnlaFKSbBgn0ha_dHxsc7vZr17dOAiouPjjHXeY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QTkRrIed51OcPRnI9TF_aEjJ9mor-qF3rFOK0s7KI4oo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QtvWRiKh5HxVCuy-LVoxvd50DdriIfrvxRSOQLEhAhJ8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qu-SigT2Hrs3-v1x4mHEDiEa4gjm5QuoGzU891sA7FQI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QuA3dn8UaGlPQcN68_Ps8vF0N_BQSzaMdlbgcW6Engcg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QUEOMuRDYzmSXyvDBaGhDdSEAabBbQZJ9olRdUG5kQ2M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QUNJpnBFW5RUsPGDeH_c4pvYtjCr1BXfcSEmXSmltAYY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QUpGKQTedARKb-D3fJ67_M5WXwV_vW9HVfdZjVEfuJ2Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QUsao4JtP0qFQh4BzBaamlorI0KpTtVbny-95Oo6lWB8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QUU8xkGqeBMNtxv7tSj930W1v272r8LQTtesHbuVbpSI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QUxABFZkxhBlvnYatwzVmqS134LTKMzpnUnJ_ODmzWa8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QVhtBbhkpP3P0FUAH2VN1FHyhhmG-ZwTXQuU485LVD-c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QvPRDVsuXIC1CcLuPvbek1UnvzmqA96ZsFIp0ADOu9RQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QvU5DcMxAsgpddW4SqNvGsz8MF925CWmqlPFgArZlxgg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QVX2TKorzsprRemD92OjQkqZMu9y8CoOjNU2eoEBceCI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QVX5Vi-CyHixY5XgAUGKXE7xZ4EWY03S3P0L7R8i3xiw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QwbhfFRikQQD7vX0rXXvNAiCz4g2XWvPI2R3GnEAWImc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QWiyzex8rLXgrt-d0deDymEMOMBsU028ObgqCMPEcjXA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QWtwvYd4sd3CRVs2hzsWeKK1Tl2NmqEhAxnUNLae7uuc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QwvoYUhwmhrIqd2V6UL9SF4cMjyRlP_sVFsHF3Hu6JRc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QX_ppArvqazNE4HaG9-pRtt_LejoW0NMc4x5CEn0gPYA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QxdjUR_vLw2F6XPYpTcvje2lgB1oje46dQNtDallx0cs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QXM-X0_2Olz3Id9Ssiu2asJlQ6kIKfFc7pKrJLqfomLE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QXpyesLfAQW2FYk1hIREFDckD0uVMVYJYWzsRD344QuY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QxS5bBYhGzOhX0LQul_zdnFXA_nGs8vZ_qJXB_CDlf6M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QY7KpdY7gNWQ8hb3coBavuzwrtKgPaAZAIOlgjlxmJm8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QydEr94dE0s6lqXflVIVPuqjdWTI9T2pYE-IIG2wRaqU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QyEqSI4xBnOucCGttL8bfpDxEuxeffpQLevMz_qYIVfI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QyfC_-uSdPjsgrAcw1pHnWvsTx80e3HbGsSxNbO9u_sU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QyJDXWB9M1bh7cGGAbT6AepsXPiwwCVsKEJUOlowBZ6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QYkA9oIClPiqp7U2kMB0TmZcOroUeQOT5wdrRuiFpAus", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QymPdyOwkn7bKn0tgrhHM2Vj399RxcjFiqgS_IYicgWM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QYoyZ6rS-0eZL9_oEZTIQOwmyByEJo4Z87qFpgT8JgQM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QYWEAzEEf-0sYW6eOjL_0yh11wfIHl8MDAOQm5qqXRQA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QZ-_RpWh3zZJQdHUYbMPQYvfI4wKqj22aq-Q7koyVDTk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QZ-tawc5_zxLqczMn-Nty3Mv_0YGsecVA-RczOVIpXv0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QZ0aaqeap8-ijB_xy3wFsP7_RzU_BFpdFg1mYS9mFNZU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz49aSnEydJ7xVw7pOLs2_wXvLh62iC7HrFmjzMwZgVU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QZAANkItJEqG9HwXOrpnCLasi-UOIn0Jx2MYu8z4dZqU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QZeG3GvDrHv6iiDZ7SNb8pgcQLYB0AEy35jy19zo-L6g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QzLLfXN1_FdamNMRMrS2SD2jc8_KLtFxINGXW17Qz3zk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QZt6i8ZY5dBGwVSBwzBqYsPrzL9oNpk_MHdzhQ-BNwN0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QzVpsewjLcX5vo9DNFRo_CQ14D0wXRxZw1ral4pCVmIA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QP0haiKUIRkwss5RFHR9CvuKWCIbX6_sSifnh3OgWNJg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QiosLfKJ3PLboQf5JQQwE2Zq0eQp54Qm4DDPLZXNBG7s", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QP0haiKUIRkwss5RFHR9CvuKWCIbX6_sSifnh3OgWNJg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QiosLfKJ3PLboQf5JQQwE2Zq0eQp54Qm4DDPLZXNBG7s", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QP0haiKUIRkwss5RFHR9CvuKWCIbX6_sSifnh3OgWNJg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QP0haiKUIRkwss5RFHR9CvuKWCIbX6_sSifnh3OgWNJg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QiosLfKJ3PLboQf5JQQwE2Zq0eQp54Qm4DDPLZXNBG7s", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "Qzma1-2RsBUvKCKhAdhTL-KF3136FAmTQeyMQdJabJSw", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QmRUhY30yn1pvP_qvuFf_opGTnmDir5dWtnvjml6P_VM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQaUF-qTxUaFwn5wZSRkAzF2IU4Lr8FFweHrF_Ln0WXo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp312-cp312-musllinux-1-1-x86-64-whl", + "id": "15904524875", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 46175869, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QlurzVzDrhDw_lMfmLgVj7VV1OTIjBVwEM6bw2BXy5kQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qlpxj92RzJwR0valp9BCnwKvdRzuBjTBnVTzZsJJaBzM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q_cAyFbXMGiWWe8yDNHpCbqMODqC-akzax3iPjg2KxN0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q_r0Q-v3xvrqQwkA1SPineiW0nh3niVbTUnjKIV4V6O4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q_Va8XV3BFHbPYwBIBcjiiEEVaAncjEIGp06UTdZX4EI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q-D_jOcnoa0BsKPprr62x9vLRuE6A7TMD_bLItN8z03c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q-EyI1uLpEki9ayM0LmsZqc9dzoxyniJemJ_u3oW-q6Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q-jD2XjX1CGg1XteBI6VEegUt-t6pW81tPqmIw3oh3m8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q-PXnW3TvYZkB802Xryn3o-WKz9lBrt2wWcbVg6C5uvo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q-ucfoYFrW03yZRxrFH_7lYIQNN9LOkVOT4Dve838k6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q00SkQZow-rBkXJTks1Dn_knUYXkK7NnWlHIXwC5pTkA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q1Cirw8gkromQakG7_L1tsfAexA4t4_BhohovwmMWN1c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q1e04h-ZV5gDcJBs6q8n3cVDLiSpnrNiNPkFXYWPpqGI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q1Rhvcp4bXre75X83jvir_U6gS-SonmDIYcDO7IAW70c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q1WdCpa9CA9rZF1PTZ3nCl8VB2FVPyiN4Sqd0HXBRTy8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q2MQ1fZKxYgROPOfTHuVSMcky3w2MAD2D4I1RqVm5fXU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q2xRZwJKTYvLYzxMEhhlb9ErQJaB729y1hrro2kKchds", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qppla_p0xvmlUqL8jyfb28bUMmHGxxuV_VQH4nqOUnoE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qppla_p0xvmlUqL8jyfb28bUMmHGxxuV_VQH4nqOUnoE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2yW-gDCHhNYOuC4e8f_ER2YX-2sCm7x5pR1G8q6y6z0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q32ELW8D1lIspABIXopgxhQ-eTm3XhExVjrjRM6DmIYk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q4-jvWAWzm6mRNwkDNOpN2IgaRPFRUfVfMkc4cxS-P44", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q41LwW6W_ZFOGiyeJKCKaiPB4LVOA260HA8u6Va4aFRA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q47UvL13yXnssYEceXXHKB8bBwFW15HzyO-TDVleD6Us", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q4BwQ8xzrBU98TSE5dYeMzDzDYP_FrpRAPK0FBB1WEA4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q4fmtDmQzStL9uudJKt-I0T50lSXNjqqtUHE1ctEyNnE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q4jWwiGsFUqQQrj_CsH0p70T6Bh33wTp3qWMkglGFncU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q5mkS-VWOwwaAuIPoadPQAGiJZ-UEXrhOwUQcottmZjE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q6agtT4kVITez9ECpCRrZSwKz6apYOWPJrnQf4YHjkak", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q6bNBZFdozpeBTsskQWfwgwG8OVDPFtJwVS_YmU8AZsc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q6iLiPFLb9hCMNaIc1Eb4-qCS9LcVR8gyVyNbrNyfGqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q6kKc30zyGxSuCVaSC_fG7IweQfyjPHz2sWVGUaC9KOo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q6sQBnMs7qAMgudzXmePZ-vLubrfExtx8x6AOJn_Qg9M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q6t6ejtHVdIFco8fJlK1WeNCmWv3YrNpDIMRmGv03dPc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q734zP3AQmW-f5yACHFRAGiHZloTw8JSpwN_q86cMupw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q7b3WeAXhMpyhb77GtLvv7JRsNDCK7LTtBm0hXhFQlos", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q7BMivFcW3ogksaFOLvkLDauaKf4I1ewx1Av_cPWNddM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q7KvkwmQM_lArOt_FBhEYrmCx45ia98oJYgG2Y2I3cG8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q867fYs_az0XfTRV916kfLYlSxVlva8BRh3_bLg7A2FU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q8EMe33tUE1Um_JZ0Y8cyuPFUaO8gbUyNiXwUMPtA6T8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q8iqCSGk-7NbNAe_q27k3tE8f8JffsUlR6mjr0XSLOtY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q9dIpQD4zUzdVo48Hp6WUEkC324YyVLn9tMxN2oEiMIk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q9k4hMuMYQCCHfaVXoRCn0p5I4kqBxxd4ts_SHhZnVC8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q9SX3_hSrkI2C9jEwACYuTS03ebO8MPxTLgIMLueAJZw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q9VGNI-RSzPThTMJQbpDCiPIAaBELcg6WRcwVbcBl9Co", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q9wlVpMcFg3-i6s2cY73DggG1WDhEzxr4leDJujYojvk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qa3Ogrogv3oCYnAA4ds8UrjxI9tpyHaiItYiKd3syLvw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QA6yRQthx6DEC6Paq64OuLNegr1fzxA0-ZNg3HUkKfXU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QaP9_TGa-po97gmtC6iwaEREFPPRG258dIM0Z_DCRp28", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "Q22EsGDSr-Pj9-_xIAZcHwAwwpb-RFC3RgkV_g71mUqY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Qppla_p0xvmlUqL8jyfb28bUMmHGxxuV_VQH4nqOUnoE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qb4o2o7X17kokKajloxXYifx-fGfagwRPrSjoHCEeUeo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qb9E4OL2GSJpJGtGRURF0GFddboLlFv2rKNj8JVbvCow", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qbb_VgHlO5mREg2jwa3Yon-HAlkHPE03pJpWsnNaJfLY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qbgztw8dQ4Y9zVR_-KRsKCHrtobca-yP7NZda2aMBne4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QBjlJLqQy7dPBLIwGoqzNGDuPqlYKY6z0xup38EOvj4A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QBT6R9LND3zbroEbQEcb-loHEuN18DLZGs2kRIG_nHFo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QBVu8XsKlP6p9MJaMgwBfGnccguYJVPWsx7v433XLr8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QBX7Tu30kdnjZjpXUHleqSo6vo6vnyIE4vI95MMOycrA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qc2qdAsL4amJExZ6WVzTzmltJsEO-xkY0W-sf8lEeevM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "Qc66LydzNKGVBjzbiXRbWe-zja9m_g65P1RBX5ZoMDmE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QcBC1tPZTfODiUDWMMsRwK0NRJitqV_3fKsqG9tABWSk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QcbK8puRl6mmoqv0EssJwZWVshwt4EJbXLgXZqu6YJr4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QcfQs5BDK4FZmkhjgF12sZ6eKY7YLpKTvzfIOTn_bg8U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QChLY6tc_taPQfjirWWW6zznZ2ANr6JlQajR4lm1a40c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QcQ_rM3X5YwVi-NJxazMZB-1VZBGHt-_wvW_N9j-yhX0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QCwbv2NHL2DEBTR8j6Exq_80FptujsIc9LNWLxdJ5ekU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QD1VNmjR_tEGwhm4ejz_wfJZMO-8qZChJpH_McfzeRjM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qd3JxUwHXrFQWdqizH9hR44Cq_XBU8vlD6KMH40CPt24", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QDpzJsS_OAbWXa60CK940kP9IwyG46G4Jmnw-x32qHqc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qdsda64ItitOW68h6egkDVz7STlMQxkJvoh6zGW3LqFs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QeGaVeeAHulRwDoY6JXtNTD25K8ppiMrZnPtUt1b7yoI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QeGRDvQk_Fw7Y362W1XgNYVdu88KmYXPZiD9AVyZtrv4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QEHOILh_dAyPyJBno4I7xH3WZ8V79V7c4pbKuPVcnolM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qppla_p0xvmlUqL8jyfb28bUMmHGxxuV_VQH4nqOUnoE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q22EsGDSr-Pj9-_xIAZcHwAwwpb-RFC3RgkV_g71mUqY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeP6X9TiDbowslmhtAXXtUAGdHNauiSlyToXDtWLXzHE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qf34zLQ1avn8qg2JSKKGRZOlMH5FTXY0qgXoAPbjUij0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qf4_qEezoSMBFTOWYAwKkKZDnIjtWPRBY4shXDc3pzN0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QfC9ujSFs2MKOaIUriHhb2h5Rh9QtWETtyVsM7hrOZE0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QfdebF8NyeRtPBoxnl7OAwkxnsDNWpBM3VGpIG7UVz4g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QfF5HaMfJ6ZZ7OSuny6Q8Ibbh3-ACgiEKrl2DmEZvu14", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QfMrQpnUdWjDGsAmI2gdEjb37-lUqg-gL8xmZU-1fiUg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QfRIXzrmXE0fuU5ApctceZirJZJu6qM6e-8YF7Ni556A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QG6UZmwhr0OAG57MoQoicXH7M6rEEadghllhtF8uEuag", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QgddsQfWKFcsCHF38btDwKKxZokoBHvl9NLSmBwQP0iA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QgFBlcdVv0nN2v3R6A667Z095vjdji4Ie9o_Z3_kcDMY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QghnJkcqxsXq_4qG35W4LT83ze9cnjUtc_Iu3mQa4QKw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QgJybIfd7donCxQIqK321gwMnIV5oUCS4U11lQ4LxEjA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QGNzgcqfuP6_Qyb4WAVbKIIt2kBVQlE3YSUy_bhh2k2Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QgPeADtQMfIV3v9ZTOO5XmZnbifh4WZazLeBD5vkomnQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QGS0U5X5dW-lRqK3odTsaPuTqaZBwjHPzJ3vovoRY-i8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QGwIZHq8bsrmMIOo7dL2WehLQWtl33SYMCoWBf_fsx94", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qppla_p0xvmlUqL8jyfb28bUMmHGxxuV_VQH4nqOUnoE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q22EsGDSr-Pj9-_xIAZcHwAwwpb-RFC3RgkV_g71mUqY", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qppla_p0xvmlUqL8jyfb28bUMmHGxxuV_VQH4nqOUnoE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QpD3yZRJpQBtIhmKl4lGY7MFsbzfhq5kUFdBj5CpMH2U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q8KjQhELotKL4UXhRlKxQoSSG2ySJbdd8OS1q5BOUrMA", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QH5A1KpZ3G87S8QMqYh6fFvfyRIZe5A72YqLusPd0QNg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QzTJd8uQBaP83hN6bSu1Nq-Vl2KT2pJ4EFTY5oyF81us", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QZoH76lntl1uv1ful2aGaJto8DIh68J4TpTSzDNR1v6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QZi7wdOWfN0gNy1f9JNNdrzD5JyOJEqRedqZdlzRUjNw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QZ6zmnKl6Sp7fQxx9ggSdWy3Eg24IudzCp6Jx3VMyVHc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QYySzEZwi1OXVz5bPvlYiCsTTw-zsJEESPirx3rxWK88", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QyOXWnvc9uJMCgsoNXqhv1S9PC16RRBncmAXnU_TlXco", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QYmQExQUO5RRrdJqycF6DUR94HIgcr4kez8Zx-_3tgXU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QyKSKKTjcxJqQNK7FOWsHaW_FpO8AwprlGKe5SfLZblQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QYIV6PufbnP4agrdaSg3qGnqSklT1RK-c9ApXL6Wq-Q4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QYD-Im8v4EqMNV5ER6v0IMsjGR1ridvIcBZrWFUWUiw0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QyAvjc34tSJyzxac283QEJeB6C8Br7M-mGpaIgY0HEaM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QYaSS4E0UMaA35XF6biM4t2MgDtDCB4IEEwiLfcy7nr4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qy8dl25bU7iGRuo5_XzJooc4Pgw1fyUex_0JIEbgHHVI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qy_jpw47mzJu5jiE3F5slQhvSQxVyzRk-ETn4ngHBz_g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qxz7H_9VtyBQDdRTBgxpxc7_v7ONr5B_bsPUkKwlQkCA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QXtSz0KV9n_pCowc6ZCO6MsHfG73ZfdQefOZporwu2JI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QxObN4_HXZ08qt-qqoT3yzu0og-jcpYq991Jh-MeXjJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qxk03YLruiN7v3Eyl7_pXe0Lj4VmX0Njf_K5omSso6A4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QXj4Xx9wbeJVM8F8gJBXO-0-lXW5z-8FKuGIQqULUikY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QxGd9kWU-QDPfoJt0CP-ge2NDqXUeHjzuNDl36a0P87c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qxf8aMdeBT5N31MxWRILpTx63WCrK3PdXruUMxjb8Z7E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QxekWLlsVUo22_KZVfLVnC-bCzobNQ5TIfA6ukQb2Tlw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QxE8VhnfN5rW9n_Bh_AICI1TO7dXpglivww3vx8kziSs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QxdhdCg9LX5zuYpABIg5GZ_DJ2wEJWHutO9Rn6touxcM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QX6pMUitG83H9rWFqhAxCBbjSInUj1zbTL1WsBZJTdWs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qx4XTES717yhjFp12bKi-TWZXb_XftxZ7YjUU-r3bNFc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QH-6P3bQ3WfYHFobz9uVCCPUU2awkfQs59Hq9Lf-A_II", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QH02XLF-wRjbAxOYckc3OPNBUfAXYF_cAIqOyTYu5gUc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QhkQJW7zRj_VC8zBPzltQxB0JLvYh2mnBDCeYnNZAKCo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QI0ULvsb01FNgH-_UIYENisVv0IIGBnvx7TbBYcFerT8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QiCB0pGDd_a8ubAjHQLfIV8Kz0MxFAX473C9EZ3alW5U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qid6vvJh82qGGELSKztIdMHnErF448q80GGd_k7s3e5s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QiK4SuwnliekNwBtI_egL7ZNislOyMJwiw80POPq0I94", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QIlMSntFr78DJjQm4tojgZP_wiqy86UvUQzGqnEhXywg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QINDI9Ge2cMcVMUb8goYWiXfMnmhNkafZ47BzUpEbY4o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QISuJA9qCUnyHoIftfVJsLxDdGEFqD6Mf8xLcsfuKQ3w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QiVKx7SH0voVly9Z8UNZD0nknIpVjGLJdWYy9GfQeb40", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QJ0cCqY5Dn8AqpPsajQcC1x5g1AGCh9Xnzxr02FrJHh4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qjat6QeuXV-pqJTXS8AxYrhsfnhMVd-E8SGxf-Bl-c48", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QJBtJRnWrGXwbsRq17m82A1NKpVF6IEbL3bA9uyzsZzg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QJGcmwoqXrxrawJlJPD1Nl0nzL7IbCmfVyNJrpnVQCbk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QX0x6j7a8vGVC9ArNTsRQ_5b30N7t4F9zoabUB0_mJRA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QwYv0K2RFLnR_3QqzmzHgRkkkq4U0IetKl2qV3Evwr8I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QwRTxJ-KciuVAfVIzX11u3qr3cjrx-lUmqW-HFGWCC7w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QwGaEZrfzrHnF0vDfxSWMmvgGpZ4N5Qlaq_rTsoAmN_k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QVX0Go1kLJY86C86EO0Q4ucBu4nWyuipFsrR5Xj9jnrk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QVVl1SYQsncpLOnzx0mAIeDDNsnqDQ7dxX2pLgAiaDZQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QVuhPaRdz3YfqkpsLpQn_cj14dt1rfxS9mqTqGamZMl4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qve1N4i9wK_3eg9e1v7u2IQEXFwF_n65SpBjNW3hfNDg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qv8YUBDpuRZMhwzxrbY17fUqVignK2oTIFwdHtdA4AZs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qv0EcRED0MNtSrNqC2Yo0aNhyj8LXiOHAhQEulSzUotw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QUUb2YXbUXy8KGGHCqta9aTDEvRGEnI_qqhirTRvqqD4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QUTRTOFDViRjbwz0kCAH-oFlhVh7dkMK_17gSAk-MroI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QUozCBRFOCX0JCM8hJmNTyDRI0tg-EfgqzUz1WLs1Vew", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QUjlaoy3PBHQAs_lgd2VK1GVMkhqNQoEJxKDhwFQ9esc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QUaSCJ4hqcC5dXbbtBpcdxjTXIzBLw9KvCjAe37nl-5E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QTVxrTwSOb4YKbUzdEXHqxMmNX6FF-8arJMg5tC3vpD4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qthmj4H1FPkiIvCJmbwCVIHATtl8UFVQbeUAyMbPOGs8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QtE7d5nzlrhRLJyRqjijkFXkRpsxI1wg66mgOD-MPdAo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QJHT4cF67zFk5GS7VFIwiYcDbstdu_v_j1IpKUnUTnWg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QjjDT_mwDEzsMqH2jXqJ3CrNbHWPEFzfrnYse-NcEtyI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QJKrGz-VlhtbSr-1Iqoypv3l6otdOALusXrooWAuPMLY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QjyhLcsG8cyYizbyYl_GVAlc4RgZuIVpybjVx_WzTdwM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qk1PZz8WHmp4mWNacdACKFzx4x8caerzkfmJQQf8-SC8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qk4IL7ykogpuaxpoTQ99CRQIAlQ4KFs-HsgE-EF8JIjg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QKHicnFJqUeakAXZp9CW8njzWCQtalVnoeATv-LxJXyU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QTdMLoXrHH-A0BNm9jSJJ9jQ-PZoq3y96wdu9-GWI1GE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QtaXfSCgGSkKd1LPUG5MHHjsnbLJCv4i5tRGZm_LgmVQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qt4j7KDJDzzMyExmB_obGF6yeZq1gnaSfp2KJjFZCyC0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QT35gQpuyHlCtr7pF9DGTeQD6CxVKr7uKHhCRyno0kf4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QSnARbGNlTu2V0qOdni82ZUJYDAJMpvVcUvTpI94ehJc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QSlt7J_y9hwQegqjqgtupFQTBoNwbJAXAVWl2J3Y24Q0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QSFN-GE7GvosXfsrBRl-yqaIMAtHdB0n_mBapdhwDSrU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qs8gG4pCEfE97SdARn6tAv_wLhbWAePlS89hhrfs_vpY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QRXDp6qOwlOVZ1FbQkyKRBk452VLcQav-P6X4TQy62Vc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QrVrkLQtJS_qjBXhvcmr5iHNSZxs7p0Gk5JCEKHTx1Tk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QrtWDvlzOTDDERMNVamZts-NtQFHOxw4oOOt2NllBAm0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QRRWXi9DSXHAmjCObhV-gV2OJqhKAH5sEk8FkEJuvGIY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QRLOjKq3KYsCTM6eaEfsN5hHI79skxqjjZhvYwyy-S68", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QRKOpk8iU6ftPL2HQ7q3C7UrTlZFGUikV_4qeRi4lMpk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QrITjZcBcwWoBrPKfz8lN_RvQWubgAwkZZvprE2DeZVM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QRdE33UyaAaTGI4uwjc9DXGpWrOmkNV9_Iso0dQR60Ts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qr5Vv-Ktgv4ryZzKNVEj_p_yU17vwqOk_0pyriWVt3kM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qr2lmh7B4239oCtVx2UPBMJ37ivyvtpgJB8aHFPZoIFo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QR-D2MGx3r6vwssZi8IiTuIehnHkzU8f5hUN9wfVKvDs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QqTtSnOFX9B2XQNwO8k4ZRl9zBetw_OKGPSmOs0GWtbE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QQiQvtfaCImrMTiCSAFzjoqMjSzJHYvOsRGSmtviBnO4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QqimUMDs3q1svtezWHLGq3o_vo9PW1js5vDZmfxjUYyk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QkkLwMrR9ltAh2GqPj8xoFKW5n0BWGeMPr5BWEnL8mPU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QkQxlFi0zaSSmWr9AY6fuYIojsNn2-z7kPCJoCjlZbE0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QL-T5fTN4iV39hQUkBqqkQh7Vl1i8F9IN4Gk_b4tK1iM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QL4fZ5DgHr6TJI9Xnx04jkP3o3QiLBEO51oZa-872k8k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QlDcLKGNHgxS6x2kho7b7oQkdpzcRVC1qXnNnZ8bSAHQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QLFamVp3UWE-sVrqgePaj2xnXaqR31xlN7JhX517T_Ag", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QljcpDjhl9RAw1DaIyhhlkYj6XhY4a0J5xZ2tCLrdL8I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QLO7u0EzX_GTYmnWzPKoZZ-2tDfTaxkxpY1sg9NmNTQA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qq7bW9idFI2lx5nn9wcvi6VDjlzd7ciaHQbJ3NEOK380", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qq0EFs8juyquxcbjre0wYS7yWD0kCUTGlCi1EJrwB8Cs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QPZOLD2voG493IXclwJApmholUVEFVzQSjLjlaDoIDxc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QpYU2OYkEcCJQ6cCob7vDojd2vIclxm4pNCZw1_xSASE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QpsGntXjmgKRM6BE6P_GVzSz9I5MzCDG1Uga1cVnWMUA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QPFeyeooPJCUFjHqaevxmRWa1eBzcvU6SgScscQBpaYo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QP5eq0Y6RzMp-B_6WE-Bx4OMDzjwBIAaTC6rtLWJImmI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qp0_U7v3PuL8cMSrlnK7S78oBE7N7cdcpu3fJmXLGgJQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "Qov6WMxW5gqmjo6RoxkZe8Q0uPJoUR0MXgDLc1TDcZNI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QOOtFjAZmXCvSFvqw-TzUWFytIVIgDucx-yoWjkTi3SM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QONBmZ2KNoZ098EaqTKlAofOsSnVtK_wjkB4SGSZ9fv0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QOn7G08G7ZYibfJ7rGpuuxpV9TxlsGF9MnhuIXKbHsKg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QOfOw473HUn00NO2V6fYpqkZWEwfzRXJpk7O9PR_xwUo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QOCWkmxuIXRYmvJbaVmV_DVZgJa3La6vQ_KqcFw86M7Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QNzX6C4lEWWSUJ9qd5-F523qHM9rFg2WDtnAZjvzpEII", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QNyABC-JM3-iK0N4DMJp6yWsMamMgZJfYKKI-ymXIWTk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QNhODdK-0noTMQQZW3cnKyty2WFVQxTkzckveHIIa9Co", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QnF42EkYGCp6ZBALuqvANrcOBOTzrC92l_LlzTPRrWuA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QNDjQL2jH6Co7a4oiYoaTyoQw0V4p-Wx7lstal02WuBM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QnaJT6CmFkTrlTpyqQi8gVLQrXk4KEGqPWy1MIpIPerI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QMLK5r8cR38Ec2LHg5rO571ser6-3tT6kGl-BhaIdXKw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QMAMRT_XE_kvgLhUQH8hJ-XNWSNsIv0JxEfNwhz7e6MY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QLXs-PsbTaxriR6cRgrOTG6QPMsk2OCk-xAv7F1P93h4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QLvAVewTagQLqztD4WULzXEGq47OonJrkhld3S4BC-vA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QlrAdpqbgH0lC77Isk1tbNz9vV6CH5oRjE-q2OXd3AyQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-312-x86_64-linux-musl.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp312-cp312-win-amd64-whl", + "id": "15904524876", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 29467694, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QS6kySKR8nn68nLAc_GonBAbO6rIHuIkHPnO3jhsz50o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cp312-win_amd64.pyd" + } + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeXLpQVnnHqkVkXCwXR6SBpmttLhuiHTJwufKDs5Uoqc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qsclj9zm_hmEz09jBReIJBa_qka-GaB84BZBH2IYMlBQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeXLpQVnnHqkVkXCwXR6SBpmttLhuiHTJwufKDs5Uoqc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qsclj9zm_hmEz09jBReIJBa_qka-GaB84BZBH2IYMlBQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeXLpQVnnHqkVkXCwXR6SBpmttLhuiHTJwufKDs5Uoqc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QzZ_q_oMNvGE_7Fq_k2mugIZ77hqLsehy8fFLbt9iigo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cp312-win_amd64.pyd" + } + }, + { + "key": "QZR8a6rpudB4fX9Dw3P0mC_eKd2auNKGHIhMwEpqayK0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cp312-win_amd64.pyd" + } + }, + { + "key": "Qz8aM76JqvvlvtvUNDanBlsWkXXw4gjWyMadnrh53Eig", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cp312-win_amd64.pyd" + } + }, + { + "key": "QZ6psOH3zK-lK5LRPfJISBa-ZqjAb63Qkri1EDbpxPQU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cp312-win_amd64.pyd" + } + }, + { + "key": "QyRX9F6MXjE4rstR053kp4680aXSAevOe2zLNrzhYsDE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cp312-win_amd64.pyd" + } + }, + { + "key": "QYRIfNneUkC2T7WY3Jn9k8NWRX92n7_H5vTQ4SVPDNoo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cp312-win_amd64.pyd" + } + }, + { + "key": "QYREvuTyRLuoS14UrOATHVAWabmGQx6vqMFy_bOr9u-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cp312-win_amd64.pyd" + } + }, + { + "key": "QYqVYo7pMbdDRkRlBRBxtXQ8oeRo9SXcmLK7q20eEWfs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cp312-win_amd64.pyd" + } + }, + { + "key": "QyQ9uzv--xY-Bwb7IuBuydRrsEGcidiORsMs6W3sIykA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cp312-win_amd64.pyd" + } + }, + { + "key": "QYg9lngWxRuATnb_Lea_1MJQlDXGZHG7g-nGsW5XH1xo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cp312-win_amd64.pyd" + } + }, + { + "key": "QXXmGwOB3d6tDyv086r-ZGKhPtIeR6LIRZS_V25D07Kg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "QXvlZt6QuGplS0TAns5hnI4N828WYGBpJZU5ojdE01S4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cp312-win_amd64.pyd" + } + }, + { + "key": "QXGe-FYG-gzNulzBdE_Zw0YJkYOrzL9D-ftpM2-asooc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cp312-win_amd64.pyd" + } + }, + { + "key": "QX4Rhbnqin32lmswOpzNeMOscnI0sbxKyOqsa_fFZDJg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cp312-win_amd64.pyd" + } + }, + { + "key": "QWZJDBxUjE8w7H9jcA2e6RKxYQ4hA6Q6cwtBkSPpKlhE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "QwXBSWcWt6RJf8KqXHRAvWJa7vZd-alurzJ7fKV-wVxw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cp312-win_amd64.pyd" + } + }, + { + "key": "QWVCctq3goKJwhuhrWVn3Cj7MiVtX9Tnv2gw-NKDg0XQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cp312-win_amd64.pyd" + } + }, + { + "key": "QWrxeUd-EJQbc6jDfGgC3FCA0ElkZjYp7TJ2TEe0oM50", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cp312-win_amd64.pyd" + } + }, + { + "key": "QWOy2OEuWPSnX3OEMfS4bYSfIHU4PAPoJnfoNSYx-O7U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cp312-win_amd64.pyd" + } + }, + { + "key": "QwOmqUmPGc8zUh6zdzhReC5X2izQorkxgonWgCsWXle0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cp312-win_amd64.pyd" + } + }, + { + "key": "QwNsLk9kZ2EhB4Gq-7X84W0ycPLPS5HqfAlYHeCE2Hec", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cp312-win_amd64.pyd" + } + }, + { + "key": "QWF9q6_7t2DeUbXATia3QxkhFgUdNwLohgXS6Yp6B2xU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cp312-win_amd64.pyd" + } + }, + { + "key": "QW_OOITYBGsbZ8x1llaNCGFVWhepTBFg6aBiA89-Wl7g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cp312-win_amd64.pyd" + } + }, + { + "key": "QVzFNJk6FJyg9nV8q6x7oNZMsFccNb67H3sARkshoT7Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cp312-win_amd64.pyd" + } + }, + { + "key": "QvuyuhYbevcrmXnoSwsvXuh8n70qchbh0-S9z3wz2bOs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cp312-win_amd64.pyd" + } + }, + { + "key": "QVj7hCabe-wEC2Oe0AAYVWpXcfof0zD1BwAz60147oJY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cp312-win_amd64.pyd" + } + }, + { + "key": "QVGtTzty0kLMOA1_eH1e4qjCm7hJHa1j2HtQzFiQFxsQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cp312-win_amd64.pyd" + } + }, + { + "key": "QvcGupyZAceqx0XLgHp1XfG2mGJmPCaXfKGAkd_-FiQU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cp312-win_amd64.pyd" + } + }, + { + "key": "QVApRZ_lg01ea_g85m6sXpkXhuiNO8wfjlV4HZWUJGpU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cp312-win_amd64.pyd" + } + }, + { + "key": "Quxe1EKp58WTkdFOKKSdlbe6cFvnx1Qsbl-ZO7bm9LUM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cp312-win_amd64.pyd" + } + }, + { + "key": "QtzwRGInsPP4Xnw7k7ItS-y9LyZ_pGa5emRpfxzBxoBY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cp312-win_amd64.pyd" + } + }, + { + "key": "QTpS0sn_6HEJ1YQ88j_LAoMt08R3Rvv9JyNL01eo7Oco", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cp312-win_amd64.pyd" + } + }, + { + "key": "QTkMDUvCJ96mphN_hI5ZHBRv_QVze99OLX53HonYUU7I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cp312-win_amd64.pyd" + } + }, + { + "key": "QT8XrHdE-e8agEoBavF9tIbLkPONYRtOxJgQK2Mozz0k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cp312-win_amd64.pyd" + } + }, + { + "key": "Qt_N75jaPWgnlstiLNUcn4Csbu1WurhppK22jXIo152Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cp312-win_amd64.pyd" + } + }, + { + "key": "QsyaEjCO22spcvaOgukxF8LeH3ZndKw1i3tXeklqfCTY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cp312-win_amd64.pyd" + } + }, + { + "key": "QsxvKqk69OJE6RwKaz8G57HHi3zG5UCX1jTo86R6yIp4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cp312-win_amd64.pyd" + } + }, + { + "key": "QSRyH3hSNy6Xihoyf3nUg-dOZf263NeDxcuA6ymD7ufk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cp312-win_amd64.pyd" + } + }, + { + "key": "QSrnIvw71q3SabmPF4Sc8fGtt68dGQPgMceLBYCA0LbM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cp312-win_amd64.pyd" + } + }, + { + "key": "QsNJp4sTD7MPHxYgbJDa8vYtd1Pvtx72v-ZSiUyvliA8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cp312-win_amd64.pyd" + } + }, + { + "key": "QSlbhr_q7UR0CA1s7-Bz0W3JBK_Q6NF_97-YocF7q2ew", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cp312-win_amd64.pyd" + } + }, + { + "key": "QsJc_5dh2y4Vd9zNUUKCDoiDQrhmFSKezCubcbFEBjSw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cp312-win_amd64.pyd" + } + }, + { + "key": "Qs2PAIyzgMB007g30edZ8zsS3togAewdTtj33tyZ7EjI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cp312-win_amd64.pyd" + } + }, + { + "key": "QRY_2JlAHLVW-Dq1p_nIowplS74OLBoUvztI0U6Ko_aU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cp312-win_amd64.pyd" + } + }, + { + "key": "QrwCxbXgwTt4QhLLcbUNc0q22wXTMapQ1WuqGXy_MzpI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cp312-win_amd64.pyd" + } + }, + { + "key": "Q_0JTJfYSMM9Tuw9z8SMA9EK9sft4GIoa2uWXdez99PQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cp312-win_amd64.pyd" + } + }, + { + "key": "Q_q1vpZCCQN_1SnZ7RG46WZ8n0DpmMe2v5t9XgQRoTjw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cp312-win_amd64.pyd" + } + }, + { + "key": "Q-4gPBlEzUX04EQkUXpQO6pU9fgoCBX9tjjRjDX7UXdQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "Q-dy133f0e-5FW-ETAY_nzl33nlglZfrIyPwUAUHiXf0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cp312-win_amd64.pyd" + } + }, + { + "key": "Q-ouhX-qNCBa2AsSwNDM-Y2__8KJmUKUqMWBIbaNitw0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cp312-win_amd64.pyd" + } + }, + { + "key": "Q-TbjyymnXnmHMLwgH2DkxOMmaTNdOuhSiJvdiD2strs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cp312-win_amd64.pyd" + } + }, + { + "key": "Q-xrhgM2OJni-tF5Af6ao7c92nhkGfx5AAIqCVex7UyQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cp312-win_amd64.pyd" + } + }, + { + "key": "Q0FZqfPAUNZRu9jNJd0L-_KaZ1I1GtTZiYldglVbGzw4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cp312-win_amd64.pyd" + } + }, + { + "key": "Q0K7hg_rAR7M5XrhlYymb6gElf2c0HUYrIv8t024UTjw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "Q0Q9JBCAj0RLSHZUXeClR91uvTOtUtv9eReCHaNxOsa4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cp312-win_amd64.pyd" + } + }, + { + "key": "Q0qhaWnyG6MZOUqJjuzhn_Vn5KZT06CO7_eJCXuwBWLE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cp312-win_amd64.pyd" + } + }, + { + "key": "Q0QlQ-3jJfxkkusuaNX4VmOzOtwpN1lzUjqLr_WbFxzw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cp312-win_amd64.pyd" + } + }, + { + "key": "Q1C6SaiL38Kj9A4bU4E1Hu7gAsMt8vvG0llOm8oqA_B4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cp312-win_amd64.pyd" + } + }, + { + "key": "Q1JukPBsRszkzTyr7ZCUxn7ghWx-y6r3n-U4ljgEq66c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cp312-win_amd64.pyd" + } + }, + { + "key": "Q1V-DfQSpiBQCCdrSvFguTi3Xa0YtEYDc1O1dzBE2Lws", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cp312-win_amd64.pyd" + } + }, + { + "key": "Q1wHVayglmbJEB4XhogwC1ZzHGnxATW4VXHqL9cr-bMI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cp312-win_amd64.pyd" + } + }, + { + "key": "Q26GVWJ638udcZfbxCC99P_KrpVXJJsDY3qTO-ooMazI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cp312-win_amd64.pyd" + } + }, + { + "key": "Q2gA0ValoQ1BcWioBxzvFhNGDEHy8exKk9gbL1d4z76I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cp312-win_amd64.pyd" + } + }, + { + "key": "Q2gFMEdgc1_Eu85JUXEDD70Kd_FvQS8xJg838Gi4LujI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "Q2r0FW2hIQb9YQwZ_KnUiiUfu4GRorzrTzJhShsyuXRM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cp312-win_amd64.pyd" + } + }, + { + "key": "Q2r2xNvOHMH_C_TI6FTC6TejaXovFQJV6NpOFXEFmhZg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cp312-win_amd64.pyd" + } + }, + { + "key": "Q2rS2OtkYQKYV98uGwKiqanaqyEORb5jQKKOcvk0ZSwI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cp312-win_amd64.pyd" + } + }, + { + "key": "Q2xsRuP283lbVXhCJBqjvw1ePjy1Pvhvq8mRA8969c5o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cp312-win_amd64.pyd" + } + }, + { + "key": "Q3hm6fczZPZ1VoEcU7A_WK_L4JGCOSGHxlJsEKUCuU7k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cp312-win_amd64.pyd" + } + }, + { + "key": "Q3N39Vhmdvh4Wpk5PevQo7d9GrvWB9El8kJRj6aPuUqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cp312-win_amd64.pyd" + } + }, + { + "key": "Q478DxwqpQxmT311Un3FwlmpN6Uz9A2C3ZF9LXt6FZ20", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cp312-win_amd64.pyd" + } + }, + { + "key": "Q4W3pvN2lh3mOxsrHtIAVPTIz-Vx5H4ZqEhJjl4p7XAo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cp312-win_amd64.pyd" + } + }, + { + "key": "Q4xP0_kSDNcXvhB4PyevWfCfqTA7XDyEJEi4T2b4ovig", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cp312-win_amd64.pyd" + } + }, + { + "key": "Q5-iqKeFRHt6rNfrHSid-dwgddJpfzGo9esf6tfDPTwE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cp312-win_amd64.pyd" + } + }, + { + "key": "Q5jMCoTcqOKoBu5wsCSCHiwukRkflKkVt7FJVt0hieCI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cp312-win_amd64.pyd" + } + }, + { + "key": "Q5MvIwn49mkoMo2cwOTPwyocK06LLsMwZBgdPb6Qotbg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cp312-win_amd64.pyd" + } + }, + { + "key": "Q5wIKrSbTJB-Mj4MfnnCRjN1ANH32_ovsA4VxDaHzO0o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cp312-win_amd64.pyd" + } + }, + { + "key": "Q67a79_q_ge_9h31MU-h6Yl84DJG2wM-qvI5uFIGnDO8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cp312-win_amd64.pyd" + } + }, + { + "key": "Q6KNsyM3tw7zrnlO-wv2Mdoikkr_jDAgU37AL8g43Z_g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cp312-win_amd64.pyd" + } + }, + { + "key": "Q75vB82orGps-Gxoj-PsD90mXLrSY7F5H_rTuQR8gNR4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cp312-win_amd64.pyd" + } + }, + { + "key": "Q7K_HzLMIKJD67woc_1umDyWoLbvp8UBjDwGcq2z0ucQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cp312-win_amd64.pyd" + } + }, + { + "key": "Q7kYAQ4Bsq7pPPvgKv82v544AxfTnWXok57Z5GrvT7w8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cp312-win_amd64.pyd" + } + }, + { + "key": "Q7tKr5a1rHGt0fyEAPFF4BZQ3X7lSt9GVp6-HnPyScNw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "Q7WeiS4hV0UQYsrw069F7fFNNz06NAAfgEhpZurcEpzU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cp312-win_amd64.pyd" + } + }, + { + "key": "Q88djPzzlcz1DI4zQ653dtoEpEAF4oe02BnUP90h0kKc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cp312-win_amd64.pyd" + } + }, + { + "key": "Q96e64TQhIjrE-T3IAiJDRno-Li7uDRoPdo8iOi1G2qU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cp312-win_amd64.pyd" + } + }, + { + "key": "Q97TJLMx6T86cZ2BzkenCn34NenhACInxMSdTbwne9Cg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cp312-win_amd64.pyd" + } + }, + { + "key": "Q9BAijv_0lhnLjWtBo-m57KI2wcIi03VXf88vLXE0Ur4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cp312-win_amd64.pyd" + } + }, + { + "key": "Q9D5UcCQs12Cbfm70X3Q53x05G0b537fNKWN0jMOB2VA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cp312-win_amd64.pyd" + } + }, + { + "key": "Q9GGp9TwgzU31j5PtS3XIMlQezMxZe_-9qT4v9scAp60", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "Qa_IoTRYk7g_yBSUaBJxW1sK5EW4v9w73LY5e1mHopUA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cp312-win_amd64.pyd" + } + }, + { + "key": "QA-uZEqRru732crygGlQBHVUlkePZj18ZUeEb0jSw9oo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cp312-win_amd64.pyd" + } + }, + { + "key": "QA2NMP6nYgUkXgVHt8ESo02hmoSozvqn2msu9Ttd9ZWg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cp312-win_amd64.pyd" + } + }, + { + "key": "QaC3GkUhJM3N0rMO_KQLDgkCXpLMcCWJiJMdbEuWK9jw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "QaEX721n9uj_tU2kw5RscbrHEw7IJsoPoYzOrqBb2Mh0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cp312-win_amd64.pyd" + } + }, + { + "key": "Qak8-VLO2csLAON6P8QzuivAsUEWA5DFQqipTG8rj0Q8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cp312-win_amd64.pyd" + } + }, + { + "key": "QaozIxUqAy_varf5cTAPoT4Dj_DN0d1kbpg1Vn0nNuVk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cp312-win_amd64.pyd" + } + }, + { + "key": "Qat1xccIgeDfeIcx7ojppDavsXHoszN-74qlscUAJlH4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cp312-win_amd64.pyd" + } + }, + { + "key": "QaZ0RuFAB5YKo2x4gydTgoYsaLocDUjnaZHNLWo5FkHI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "Qb5lfbp18gVCEjK1zkRsfmpDSYhY_lP35xlFksbekehM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "Qb9fZUTZI5RA1L620uxFcokauJdDtmO08qQVt8O5J7N0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cp312-win_amd64.pyd" + } + }, + { + "key": "QbCHWIjjK9Vvi5sOcAYQYV7tbyhFTBgwL6sLhqZpZhcY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cp312-win_amd64.pyd" + } + }, + { + "key": "Qbhj4m7PPTY_z6fgJXvCO0cs_CXUW2syH7aoflBLZ__Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cp312-win_amd64.pyd" + } + }, + { + "key": "Qbqtyr_18BY5191YfNCRud2lFyy1HssimdIQFDtnv-Tg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cp312-win_amd64.pyd" + } + }, + { + "key": "Qc1joA06r4I9LD7GTi2XcQ5pwxPNfyH7mrWB_f6KmLbo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cp312-win_amd64.pyd" + } + }, + { + "key": "QCbltrf9YbBcevtEkcOY-ssFTPsWcQ-MwQ0skeNWMqYY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cp312-win_amd64.pyd" + } + }, + { + "key": "QCDiJQQN_SOnjfEtNpkDriZV1hT2FUNbXrJrGG69SX2k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cp312-win_amd64.pyd" + } + }, + { + "key": "QCLfid3kyyD6av-7WCWtg984sUrAFjAGpmVSYpnh71Vs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cp312-win_amd64.pyd" + } + }, + { + "key": "QCtukW53N3n73vkHUYzf41ylOPdnuxMfmKUCtlRdOU4Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cp312-win_amd64.pyd" + } + }, + { + "key": "QcYxz-SCYkDLA9tX8RPTAi94iUy6bhKeIiUEdFvBLCSQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cp312-win_amd64.pyd" + } + }, + { + "key": "Qd2YLJiDBo3TJwGq78dGO1R2n7jdGiZw8rd3WWRm8i_w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cp312-win_amd64.pyd" + } + }, + { + "key": "QdiEeUlJyay2js0kQSxET8ZYLukzvLpQFcZMPDFU2Hho", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cp312-win_amd64.pyd" + } + }, + { + "key": "QDmNB7Vo3Ubx6cXm887NIcXYiUdizRI9Rl29VvelrAXw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cp312-win_amd64.pyd" + } + }, + { + "key": "QdO755lTjxSVjhotxosWHpbLaiFq7JJEau4zp6ZlVdno", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "QDttBDHNDfhPFVSmhtdBqZDTeZQzzaNAoG-FOiMy-WHM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cp312-win_amd64.pyd" + } + }, + { + "key": "QDUjvyphfjXa6Rysrp0tR4tWDrL-iNRyLM9_wlle4KJs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cp312-win_amd64.pyd" + } + }, + { + "key": "QDUSPU8MNkkJmnaikcHMaH_sB1qmMCi3UeZVUfRAEyoQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cp312-win_amd64.pyd" + } + }, + { + "key": "QDvxcbkBdXQejyByDwtX-QhkVkx2n6J5buCYDD4VdjPI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cp312-win_amd64.pyd" + } + }, + { + "key": "QdyXEfdR5VG58-FoCvcwekgMaKkmTU8AD6a712QCIXAU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cp312-win_amd64.pyd" + } + }, + { + "key": "QEDLllvX4FHqThlgFajjMOAMpfefPISuZjgC4rWLzsWs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cp312-win_amd64.pyd" + } + }, + { + "key": "QEeq2Gq3626d6H4BE66d5S_TXgGBayR0ZVRCGUuooRzA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cp312-win_amd64.pyd" + } + }, + { + "key": "QEm8S7eZOeaffvjNfBt9hUpFPJJS9iM3LUa21cHsyfb8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cp312-win_amd64.pyd" + } + }, + { + "key": "QEm9vkY907RIpQ9E-ttqcAXGOwdVH1VN4ezHvqkx3taQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cp312-win_amd64.pyd" + } + }, + { + "key": "QEO7oxwqfyQ3MuF5iTtaLDZHRg7JV1bd7HjSIWa4VqNc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cp312-win_amd64.pyd" + } + }, + { + "key": "QEQZvRakz62Ci14Te-l8WXi3Ry_kKdYIx_i8eoxzc7rY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cp312-win_amd64.pyd" + } + }, + { + "key": "QeuFs76nPLo6RDefH1QbFBP4QtHsTlyrJd0aFtJeNbgw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cp312-win_amd64.pyd" + } + }, + { + "key": "QeXdZXN0wxQQjrfD216IMLdY8HoyReoIn2-IbGJ5vXdo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cp312-win_amd64.pyd" + } + }, + { + "key": "QF14QmTw5QyJSKGVP-exiVCi92G6a1TrIGzYhedjlg5o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cp312-win_amd64.pyd" + } + }, + { + "key": "QFEuUav6sGDhpxfl_0qD6tyrUADbNSjMFXXRPGXLfFmY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cp312-win_amd64.pyd" + } + }, + { + "key": "QFqUuHAv8PFYfxqv0CaUTSi8MBg8GAf7JNey56gxLEo0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cp312-win_amd64.pyd" + } + }, + { + "key": "Qfw9GgpJpe7sGdfEAjaC4aH-yZicSMyau61cPCes7wc8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cp312-win_amd64.pyd" + } + }, + { + "key": "Qg0t4wrOsgrxJeoYFZ36vznW8i0hRO8KFJlZC-9bxmjE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cp312-win_amd64.pyd" + } + }, + { + "key": "QG1usVDQS79S4UO3Gj4lHgkkCQHEg9eO7Gmhu4nj8wY4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cp312-win_amd64.pyd" + } + }, + { + "key": "Qg5QM4SxY7tGrqDdIRSIgLf-X0VPWvR_PREuNHsOPXz8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cp312-win_amd64.pyd" + } + }, + { + "key": "QgIGgoDFrCstNBMd3OK8l7MSM0TJD6cD3lPp-joQb4GU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cp312-win_amd64.pyd" + } + }, + { + "key": "QHXB6ryn1HOPmXjSPvEURm8YYL6C8qZ1TEFB0t6NMd9Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cp312-win_amd64.pyd" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "QI2LRv7U_kXT5C9tKVfggM9a_mb_qNDsMX-dhSf-PUeY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cp312-win_amd64.pyd" + } + }, + { + "key": "QI3mYmqaILIOit1vpHN-iPuDYLnyfMBHWEaJJNQagGc8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cp312-win_amd64.pyd" + } + }, + { + "key": "QIEVt9lOjT9Fgx66bbaBb9QwKB6lCzyEkLLV9lHI2NzI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cp312-win_amd64.pyd" + } + }, + { + "key": "QilF67yOAg5QZ5NUZqOjqAxxQ0twzmZFCQSOMf_G7hS8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cp312-win_amd64.pyd" + } + }, + { + "key": "QiO7KFj-jJDKlkoPood231Dy9d4XiW0ZxYGUhCXpB9t0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cp312-win_amd64.pyd" + } + }, + { + "key": "QIR9v68k9tnUSQHu1U2EcqY7lr8-tHaVL55TH2wiSAJQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cp312-win_amd64.pyd" + } + }, + { + "key": "QirXe1123pAZply4SFmFM_VG4Indo7C-_laaXbBEHBg0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cp312-win_amd64.pyd" + } + }, + { + "key": "QJ9W1p9PXuaQWz7HnT02napvTAsM6LAn5nWmHwyNqeg4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cp312-win_amd64.pyd" + } + }, + { + "key": "QjA7E974EtkXs5Bv9siC7GUI8vekkfcAQ3b8uWEv46sM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cp312-win_amd64.pyd" + } + }, + { + "key": "Qjc3g0d_Ga3DT1Ml2OZZ6YS9tpa2Ul1upmvDiq10rKbA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cp312-win_amd64.pyd" + } + }, + { + "key": "QJE-DMZ-lAmDr9XLJ5XaX_gtIgaEea4L97M8uWEJ_Yyg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cp312-win_amd64.pyd" + } + }, + { + "key": "QjFNxDEiCZittN4Uc9S3sr9bMDhHzAkVMyllsPJEMp1A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cp312-win_amd64.pyd" + } + }, + { + "key": "QJIYdguzazHVAw4fZkiYIa6h5goCoZYXv3DYvrecyK_8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cp312-win_amd64.pyd" + } + }, + { + "key": "QJQWNSzeOjNBcmnBP3aw_pZfjefaOl_pH60XwRWyuRkY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cp312-win_amd64.pyd" + } + }, + { + "key": "QKMvrtfs8YhqrTGNnjUvnAXll9DzdHCd7oLez4W5ayFM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cp312-win_amd64.pyd" + } + }, + { + "key": "QkOFAGuh67VssOqnHWkwxAnvCsSLJH2qMjweQQOGsuG4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cp312-win_amd64.pyd" + } + }, + { + "key": "QkTtScRqXni9OEN6OQgaNyz4NKqF60CJ5iWjbKECsfWA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cp312-win_amd64.pyd" + } + }, + { + "key": "QrRZFFFSWK6aNadmh_RH0lELiW9OqVGOQtoTdlg94dhU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cp312-win_amd64.pyd" + } + }, + { + "key": "QKWd2lKzkUfGAcKPIhqXhx3ggWuuaWrxymzR17Xobl3s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cp312-win_amd64.pyd" + } + }, + { + "key": "Qln_Qhemha5_lYBDn8WvntgYqY3rVCjhBeAoqj8CKGvQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cp312-win_amd64.pyd" + } + }, + { + "key": "QLoiNHm0qmvtNKPVqIPu2QJ0iDh9IGBTjRpucbHN1K2w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cp312-win_amd64.pyd" + } + }, + { + "key": "QLT9-JsddQ2Sw8iUS_krZ6OLmZnZEq76R0_ApokU22KQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cp312-win_amd64.pyd" + } + }, + { + "key": "QmbptTZtvHhUcH5lz9gFH-eh4SIKeXjAxbLrSAMtErJw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cp312-win_amd64.pyd" + } + }, + { + "key": "QmcB5gh_LCllRFVeM9MaAkQJG5J_BmqBUCPVY8qBNDOQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cp312-win_amd64.pyd" + } + }, + { + "key": "QMe6WzvqLq0qbBvRjO234EAHT8XgnYDhxOG9sEoe-yI0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cp312-win_amd64.pyd" + } + }, + { + "key": "QMFPuI0ix6bGs7OiUDWzkLUTSdXxqGE4KWsLgjJes3Gw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "QmLthN3-B7bsOLoODBC8ALY7DUZjKIcCzJPg96FDcAP4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cp312-win_amd64.pyd" + } + }, + { + "key": "QmLyEQrfEQEfMcjMsz9i1zYOCRq7fSdXbMLZCpTs6E_s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cp312-win_amd64.pyd" + } + }, + { + "key": "QmMotjvWm-UoZyIA0MBWauDx8EfqyqJXNOX2vZKxH13k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cp312-win_amd64.pyd" + } + }, + { + "key": "Qmsqo3szWtqqlEi98BwRB7sRVmC9pCHhI8Y8nZgBMtJQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cp312-win_amd64.pyd" + } + }, + { + "key": "Qmt06Ebx8uvYJLEbYc-II8g01S3ehn6gqcXj7qVF_qlo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cp312-win_amd64.pyd" + } + }, + { + "key": "QMvt7meRwFeM0wwxoM6KEfsLbGlvcNGR9mdCVzrtKP2g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cp312-win_amd64.pyd" + } + }, + { + "key": "QN1HUtnrZusVIlBDgpnMENNsMiEDiAUShF6AXbhvYXAE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cp312-win_amd64.pyd" + } + }, + { + "key": "Qn27FUS78csF2ShUeWjpc1qQSgFvlne2xQHk4oHlsGos", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cp312-win_amd64.pyd" + } + }, + { + "key": "Qn40DtQwZQxqQEcbOgfyJzv8dMzfGPaN-klW_Jxh-PHU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "QN69Sh-BwpWglesjhTx_PQX-IOHfb-oW1JiiYlkuwOJM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cp312-win_amd64.pyd" + } + }, + { + "key": "QN6GzDmogklkNTe39CCnZJhSTmHP__uCKgsjsmTqxTF0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cp312-win_amd64.pyd" + } + }, + { + "key": "QnGVFzUFg3SgQTDDzGleW1ZLPOtbmuyDu6glPaFuB7R0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cp312-win_amd64.pyd" + } + }, + { + "key": "QnhLFvBlUyMcGQK6FOKM809SFHjgxUldzPMH3SvVzMh4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cp312-win_amd64.pyd" + } + }, + { + "key": "QnOfLu0IdmGlHyolxy771-2h_6gNt7Ar1CGHdsmcUkgQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cp312-win_amd64.pyd" + } + }, + { + "key": "QNQIFbMZeyZ8vs_a1pd0wB-h-E_5Nm4qd2PNkvbIRxqU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cp312-win_amd64.pyd" + } + }, + { + "key": "Qnv8-zNP1W7f9YtXgfGCLAogD5gfp-LkaZ9UkKU1ak6M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cp312-win_amd64.pyd" + } + }, + { + "key": "QnxKg6Fl8_-IDJ0IdOMBMZd9YAR6g3ZifKOcyIm_IbXY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cp312-win_amd64.pyd" + } + }, + { + "key": "QOBW6G65NoNMcPsGQN3d5lgR6D0syXcUBo4Nglp9wHn0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cp312-win_amd64.pyd" + } + }, + { + "key": "QoIdTUTIYifVuFCbAcA4Jtx_8KCiU2D4RfrzoVW7pZ8g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cp312-win_amd64.pyd" + } + }, + { + "key": "QomIF9Snd08_a01Pf463j7IQEbDIQIO8V0HFEmOoO3zg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cp312-win_amd64.pyd" + } + }, + { + "key": "QOo-SqDjne7J4xHTFGCxzqak7auuWbVHJfsgoSyPVReM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cp312-win_amd64.pyd" + } + }, + { + "key": "QOOrARdlzKfgBogMdtFLyVHQJKIlNdyLccgCA33fJbh0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cp312-win_amd64.pyd" + } + }, + { + "key": "QoorMQTQLJte6d5fSkBbNpNwevapTcadh8FXcPnxFiSs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cp312-win_amd64.pyd" + } + }, + { + "key": "QoOXQPjoN215vB9IUNb7VMFV5AZT4RGIxUaDFsUGH428", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cp312-win_amd64.pyd" + } + }, + { + "key": "QOQD02OqRr8ZCsWA6wiO0AHDEPXIqvbdR_nRg9caAQrg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cp312-win_amd64.pyd" + } + }, + { + "key": "QoToQG6MtmrOrU-1D9BVpRPzkaMjLW0tTyeUbUAAYUY4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cp312-win_amd64.pyd" + } + }, + { + "key": "Qp2m0PUNbl0SPIhjpS9W9R2FOLOZ52uHpHWTqY_kK-10", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cp312-win_amd64.pyd" + } + }, + { + "key": "QP3voxCnNl55R1R4AmEcaoxx5Di6I9B0fbzbye01N7KM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cp312-win_amd64.pyd" + } + }, + { + "key": "Qp5UuTDSIIbDrrHLYB6xNWJvuR8Tfgwp_iwjlgrZhMxk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cp312-win_amd64.pyd" + } + }, + { + "key": "QP5wtaafhqKY36V_f_YjKl0GOYIXOMANwiY4h2EQ9P2g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cp312-win_amd64.pyd" + } + }, + { + "key": "QPJtnP18NxTb2Kk2eUlqAjSuwGU1TRrL4q_zGcmaVWz0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cp312-win_amd64.pyd" + } + }, + { + "key": "QPZ5nWs1dROwfrJpxs-_8TJxcY3hA6PRa07d7m2_if_Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cp312-win_amd64.pyd" + } + }, + { + "key": "QqBsRam87f5zAiqirw5ALP_8w0nRGW3a0yTo2vnuRrIA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cp312-win_amd64.pyd" + } + }, + { + "key": "QQCqtqMQsH7a0-XozrP-j2BnQHXdWHP1Ehf--JvoQhmU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cp312-win_amd64.pyd" + } + }, + { + "key": "QQe0Mk7LqnQrWrYFkI06tDZmKMpAzA2C3GdVyizkAF8o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cp312-win_amd64.pyd" + } + }, + { + "key": "QqhQWMJyvWYupMk6AY7xznnqm60mTGMILPs5iU97PbNc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cp312-win_amd64.pyd" + } + }, + { + "key": "Qquv6rI_lrdiqBJKk3yd3vbh_Cbr-cxqIRrXn1CntdQU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cp312-win_amd64.pyd" + } + }, + { + "key": "Qr1S-WNmpc1hJ4Hwd_mBFyZYeFqhAXbHvJYUeVwTcZP8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cp312-win_amd64.pyd" + } + }, + { + "key": "QrEVhOxEST0z1-7hIoItmIioKxhSzvonUXs60kTptRZk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cp312-win_amd64.pyd" + } + }, + { + "key": "QrG8LE-qTeN9Ou6bhWv4QF57ZPGyt5G-whRPgXnpQCC4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cp312-win_amd64.pyd" + } + }, + { + "key": "QrihzE6gYXS2r7_SH0SwKh00EG-UpqfGNR6ZRL5phftw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cp312-win_amd64.pyd" + } + }, + { + "key": "QRjfkpUzJQ8bsXsPzGnW8oIL-xP3OPsvUk4dXSa7I74g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cp312-win_amd64.pyd" + } + }, + { + "key": "QrM10ru7jF4DiNX5hBrPA1F1z-qaeEof7d-lAgBcwuiU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cp312-win_amd64.pyd" + } + }, + { + "key": "QRqpFcFBKZG581HXElk8tsqrtNe8wArz8SCRNPUiXHuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cp312-win_amd64.pyd" + } + }, + { + "key": "QeXLpQVnnHqkVkXCwXR6SBpmttLhuiHTJwufKDs5Uoqc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeXLpQVnnHqkVkXCwXR6SBpmttLhuiHTJwufKDs5Uoqc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "Qsclj9zm_hmEz09jBReIJBa_qka-GaB84BZBH2IYMlBQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QeXLpQVnnHqkVkXCwXR6SBpmttLhuiHTJwufKDs5Uoqc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfinegrained.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QkWNNDDk7Y7b-e6Ihj0CQ5KZ5mR7Z5JGuFOW4yk_PtCQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QrvaOJhUF_-zg3VaK2CR9Yl-q0HNQqgVyHy0EbPHAHkY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cp312-win_amd64.pyd" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qchp6G4c16cLteW-wWgRd5Xk9MYSwgd17Uw0pnY6g4yU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qgp04F48scQtraomCkYlT2rz2UJXyC7oY-wf96YIv314", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp313-cp313-macosx-10-13-x86-64-whl", + "id": "15904524877", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 37038309, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QF_gRixs-vgoJmgoBabho6teUHT6K_ZBqMPjgELHxM6g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QexBTTuHZdDAg-OlJZHR3xlD2-KqjDBbEd8aYiEs18S8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-313-darwin.so" + } + }, + { + "key": "QeWRGdTG3n8pIwBVmHHBHlv9Pg_Cn2-afSZ4k8so-xzk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-313-darwin.so" + } + }, + { + "key": "QeVOzNfjHWH5eDZb2AH2eetm_2VSLEkE5VSgVs8AjzAk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-313-darwin.so" + } + }, + { + "key": "QesG4AFFXsTXNJ4UPxXGPT5rYPdunS6vpuRHQUSXe_-s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-313-darwin.so" + } + }, + { + "key": "QeM-pDH5Yrj_GJ3P5wj1QQl3wUeKigXklnKC00TN1JAc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QEBvTTS4k83VyLo3ltuK2-MMuFRSXkQmJD3lDF7aSMqI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-313-darwin.so" + } + }, + { + "key": "QEadyeUOpa7KOmMykUdQWWCTJ_0JUDV3AtF8NX9B3AwI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-313-darwin.so" + } + }, + { + "key": "QE8OLmOBAKpxXHRNfzFVMSllUfc_FpBjoYur12Y0iIQY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-313-darwin.so" + } + }, + { + "key": "QE8CMaatjcnbgnMBverG0F4q9wltecTUtdAQaSzoM4cc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-313-darwin.so" + } + }, + { + "key": "Qe7dpYVC15P7lxrCqJFBzrfiskZjXpa_n7tNkzaGQAFQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-313-darwin.so" + } + }, + { + "key": "QE0EXNTOr0dW8_UD9lMtdK7-7biX_LRSvs-o6glymM7o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-313-darwin.so" + } + }, + { + "key": "Qe_tVSZLgDJPvkT4Y7bRzDpIjtGkp9gQMT9KZ3uR5HvM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-313-darwin.so" + } + }, + { + "key": "QdSYXVPXFGj7AtbbSpSnLLuZRH_K8JOUkND3NVXkw-P4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-313-darwin.so" + } + }, + { + "key": "QDmQXU2kHtlZQZ6Ia8SxpxsHEcNjl2L75_oXLEJewV2M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-313-darwin.so" + } + }, + { + "key": "QD-SWH8PErgUJ4p7_GCvBpcS5BfMnmOQiBvMVaDDqbfI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-313-darwin.so" + } + }, + { + "key": "QCtAnBlUNlOuZ18ciVkSNBXPpoyL-gJIoB6ug7GQL4cw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-313-darwin.so" + } + }, + { + "key": "QcreaSKxi8jPvzYeb_tfS69rrM4xPt7lzSFHich_EooA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-313-darwin.so" + } + }, + { + "key": "QCMxl_DM0yAVEGXuidHytGQfQWJGy-xwfuqnQ9wt8EUQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-313-darwin.so" + } + }, + { + "key": "QcMCW_AJLUkqXLgjxw-fENXkAq9j53OUWYBl1dlma1O8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-313-darwin.so" + } + }, + { + "key": "QcgrgeFRCN5egMm_FukN0oJwQXX0HBWPPL2e6Y0AfBMM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-313-darwin.so" + } + }, + { + "key": "QccIOfap1JWQ0uiBEy7O9otBcenNVWJ9ZYI-ZenBFZyw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-313-darwin.so" + } + }, + { + "key": "Qc9Ue_eLu3NcpiBkL2pntNQ87Vo7QjJhauabPOlRQWhI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QC-OxfY2yzYngABt9S1k8nk4UjQPQiBxPyPezhgsoH1M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-313-darwin.so" + } + }, + { + "key": "QBzwvEz0hFd5iP3UTt9i_Hy0mRoaaOmyRBvF4E5zJ0H4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-313-darwin.so" + } + }, + { + "key": "QbYpkRkyM5nITj7OlVcwhh_ddq5_Uipff-kdzqYiJIQ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-313-darwin.so" + } + }, + { + "key": "QBUJtf5Hv-lMglmuRdA2BPNiQRSWyNOVo_GjOI4hNleQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-313-darwin.so" + } + }, + { + "key": "QBMIbDOKbO7e1YtiGsymP3WJHwHRp4K8NqExyZyKTUU8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-313-darwin.so" + } + }, + { + "key": "QBKvRikBGZ_257kE9NAJcrjuH1Z_Ymm52_nD7wetSnLk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-313-darwin.so" + } + }, + { + "key": "QAxhBXn0xWAmid50lnp9za7nRcGbndeya5ErZMl-Bcts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-313-darwin.so" + } + }, + { + "key": "Qat8hO_Y1hQpvx_vvLq1fdItaoBnxQVCnKHebsQMclXU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QAsNijOF9ObT-uzmawxAuFt6uw2mKs9nV3cD12zEZR6w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-313-darwin.so" + } + }, + { + "key": "QaP7JZn54BARdIODy_XVwPRrVNbLlDYcILmY7-F5aVF4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-313-darwin.so" + } + }, + { + "key": "QAkGzd2qFtQwWck_xWz7l41dZ5KgYmfrgfyJMQe-omFM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-313-darwin.so" + } + }, + { + "key": "QajSl2L9iSJAWinWegJG9E-rlGOciXFmzYFkM1vNff-s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-313-darwin.so" + } + }, + { + "key": "QAIKELskHN0VyGaQrncw1HZl3_1cMAzqbxWjZ-FyvzWs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-313-darwin.so" + } + }, + { + "key": "Qa8ga_Rc_5ATHQTZdau5YRDsXHK1mG37YQz31xHQ29TY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-313-darwin.so" + } + }, + { + "key": "QA10myv27TEvLc8oLL5IhURIpROkP_aoc1fTsP4fYwg8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-313-darwin.so" + } + }, + { + "key": "Q9SUZwHioDZAVpPIZ1CkTWMWUunuSWMWxfhyHZPiexxE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-313-darwin.so" + } + }, + { + "key": "Q9pdhk55140Sq0mWGAolp2MapJgXKCIUpenW5Aea_ZbA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-313-darwin.so" + } + }, + { + "key": "Q9MhicjB8QEH0pgZzIvyg2sJKR5Tgs76vlvj8uB1_j9g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-313-darwin.so" + } + }, + { + "key": "Q9HXg9Y5QRyvB8jFh718TGn6IFwPx_1WRhjvxmlJZ-Qg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-313-darwin.so" + } + }, + { + "key": "Q9g7AUxCP86DtmM0DLHL4xVGMsOMm23ZRb_5nrqtAguA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-313-darwin.so" + } + }, + { + "key": "Q9azL9MmFkD5Smw2tg2V6f5uiUICzbUtAZXegDdcTydQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-313-darwin.so" + } + }, + { + "key": "Q9ammUIOTf4zRHf--aW7mtx4ORnx-fa8NBgkIZ8p0oaw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-313-darwin.so" + } + }, + { + "key": "Q96Bqms_gaSyOW1WRH4Fa9N3b5fC-FZbrhWJtlYvkuhM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-313-darwin.so" + } + }, + { + "key": "Q8ZFGDMWcDvygyxZgPjrI_Cc2fxYTJB6lhC3BL8vPkM8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-313-darwin.so" + } + }, + { + "key": "Q8YJ1Dn3tXtRHmbUSdGGld4vrvhXobcc-l9gpulqrUi0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-313-darwin.so" + } + }, + { + "key": "Q8M7IG7Iw6HdcysBUgY_QpCM18JIDU5LeugjCx-GTorA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-313-darwin.so" + } + }, + { + "key": "Q8_q3KN4Fh0LIVCU9l1AXqxQQBeL_hhfVsV6eMi1hmzY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-313-darwin.so" + } + }, + { + "key": "Q7yNBe3Er_DvhIg0al-ky-iHg3RY4iR9oDeMoncFtQVQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-313-darwin.so" + } + }, + { + "key": "Q7IqTf88YRF-UDy0p-G6xmiBc13YeaXENY6iTNr2nRC4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-313-darwin.so" + } + }, + { + "key": "Q7aM4W4yzDQJSa5sXtboRYW59OOUY8o8-St_bH-uqRZU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-313-darwin.so" + } + }, + { + "key": "Q68JhFnJDziP_0WnRSvAA-MRqKhIVnuA8iXirB3SdS-o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-313-darwin.so" + } + }, + { + "key": "Q60koAPTVEox5TCPDiPTahE3R5idB9jPQ_thSjrY-Dp8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-313-darwin.so" + } + }, + { + "key": "Q5UmgR9oH4Kwppclx0h0Vn2xuprYnHaqsnPLo-ai4jTM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-313-darwin.so" + } + }, + { + "key": "Q5c5WOUJ4tGzz-At_ivofNw_S_my9epkNPZYcAM6Vw0g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-313-darwin.so" + } + }, + { + "key": "Q4ESQWgOMXASHWUBGKsLQJT6vJH9QDbPYQn2pG1GXveU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-313-darwin.so" + } + }, + { + "key": "Q426333pu9ft4QWe_ibq62LLgwX7VA1Y9T7h4vLVfvBE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-313-darwin.so" + } + }, + { + "key": "Q2NYkESiZmNPq5yDH_IB9ntRpv-HPxnN6ACbvFDh40FY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-313-darwin.so" + } + }, + { + "key": "Q2kuqP7WXR_h0gGp-IUjUlSO6akzVWOCd2YeABFFcV-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-313-darwin.so" + } + }, + { + "key": "Q2DSdBe-Sm6FKSe1O6ZFDVygyYptlDQRlcDnFqLIawyQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-313-darwin.so" + } + }, + { + "key": "Q1D48pTLaZ3kj9tksEB0ycp9PvGmCbk376cwmiWfsqj4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-313-darwin.so" + } + }, + { + "key": "Q1-KmuF23VM5PUYDr0MLxhLCLPsUA6yN0lNQIidYAHZ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-313-darwin.so" + } + }, + { + "key": "Q0xkK0EIPBgTKWv9IWWfRQ9UpnReqK6Z1-xVlKfFbjyw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-313-darwin.so" + } + }, + { + "key": "Q0o9wy-I3caDkcy3HxjFX97gxC1fywJiwwjOtchMkXRk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-313-darwin.so" + } + }, + { + "key": "Q0H8pPvtkrAXSZp-q3he8kWu8QZ0AuZzd1ZS2v4g7cIg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-313-darwin.so" + } + }, + { + "key": "Q0adRS78kaz_co1IZYFWUGcR7CF6GQSKNnlxZsajt8pY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-313-darwin.so" + } + }, + { + "key": "Q-Vlbj7gWRNpvf9Pj5GB0lnM43fsykX52AY2YB_JXvak", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-313-darwin.so" + } + }, + { + "key": "Q-QZBbFe1m3fD80wBGzyInjHaTp1MZvJ7dzOjL3UrCKk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-313-darwin.so" + } + }, + { + "key": "Q-ep4op7OxxkK1f08QP5rA89J_mmabDvypjPyKkqqhg0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-313-darwin.so" + } + }, + { + "key": "Q-1ar-OQo_cMH-k_g3iMcpsXmfIHN3OO1dxZCD4fB6y8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-313-darwin.so" + } + }, + { + "key": "Q_HZSWB5p9wXXkZZqXFwrC8mqCR1C_WzJTX8-7vyetVc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-313-darwin.so" + } + }, + { + "key": "Q_eQ3dCMgk-72tK3A-MTNJYRboOzkP0xcUUQ3lMjJA_c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-313-darwin.so" + } + }, + { + "key": "Qs3XJo5QoNNqO7m1e7wzSyAjDjAntyREeKc5FfCMNkDc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-313-darwin.so" + } + }, + { + "key": "QrZgYyQCQHu7Yijr_HsKXHyE8nA6cKmsLmiliq0X2Nkw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-313-darwin.so" + } + }, + { + "key": "QRwNKbXxTCuhcXxmlQGc6FiRzGSljcT5g-vfNDAdWaB4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-313-darwin.so" + } + }, + { + "key": "QrSZ9H2-N359HItdC8JLNTHNi9wLc_2WGvqAmhAz499k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-313-darwin.so" + } + }, + { + "key": "QRQjFpDn1RzgFnA_683B7Ua_HodbLWUOi9nIDTESHLl8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-313-darwin.so" + } + }, + { + "key": "Qrpv5m0eB92AotfbDHaHY7kH5uO3fhtnFtmEVYzynJtg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-313-darwin.so" + } + }, + { + "key": "QRPq2kriXlG80QNTYuNzHSQkbdjJw8nDExx9xFgm5LsM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-313-darwin.so" + } + }, + { + "key": "QRIXaEd5_IOckAuhnWUaQ1sCOYEmX6u7Zo-Q3nj_U4MU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-313-darwin.so" + } + }, + { + "key": "QrFcMFz265Su6Hvwpi0E-zmeQJK_ybOP3a6-BuoVH9i0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-313-darwin.so" + } + }, + { + "key": "QRA7scqTSTNmJ8zlB1kzTuQnddm1ylDu9YzjPDUwDv80", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-313-darwin.so" + } + }, + { + "key": "Qr9bxLitmPCJEXzK6LNAcd0PhD73FRFTsENhUU0i_mAQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-313-darwin.so" + } + }, + { + "key": "QQVq_fHXB5VTWwWIEEgpYZntCq-s_GnXQ8lZFZFLf2OA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-313-darwin.so" + } + }, + { + "key": "QQqikl_DPuj1JY6dZ_-k3VaaBLTHp3E5eCDjpW6piGGA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-313-darwin.so" + } + }, + { + "key": "QqMRdgqObbD6q-okuMLOs-VJNeOOk8lxPp2rxXONfPcs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-313-darwin.so" + } + }, + { + "key": "QQDTCi8C1lPqjAXhcVasuWk7d0mftDAnNbQ-r_ePM-_E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-313-darwin.so" + } + }, + { + "key": "Qq8orkOZg_DiwjLF8QjQtiReQ3Rtrydbq60x8OrsyqxM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-313-darwin.so" + } + }, + { + "key": "Qq677yC_4AAkJF9QSDk4VbYtQw3M4VeZ0tbNf0crem_8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-313-darwin.so" + } + }, + { + "key": "QpuzTZxShDwHxABL4NxcE77H7XKRjZ43BaQWJ-qeafJg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-313-darwin.so" + } + }, + { + "key": "QPuHa_dsENus_uhcQfcYFDPKyty9AMH9hLOErpeQiBvQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QpUeRoKPp7GDOBx86w_UxB6927guH3QGyFR8-rtd1_zI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-313-darwin.so" + } + }, + { + "key": "QpoUdeXlGyJ-9WJGNFLo3Q4Xp0T5dJ3i01RC3lgHxl9E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-313-darwin.so" + } + }, + { + "key": "QPmqdpVI4oD1qyIkVo9-QXY9REeIWzCi8yKokJ3wzGKo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-313-darwin.so" + } + }, + { + "key": "QPH38ksxjDbTWblDpfJdAJH9W6jqsRIBjtT2yH2HWN_0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-313-darwin.so" + } + }, + { + "key": "Qoyt9bpHKr1LYq2-IyOtjsXGmq3Ogut29EmzHYqL5Yu0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-313-darwin.so" + } + }, + { + "key": "Qom7LYQBu4c7CMR7-zR9pMiKlazEHMATB9M-TExM4lkM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-313-darwin.so" + } + }, + { + "key": "QOG3W1OTPFKKY2OSVmtvfU0Ktrf-hJERWATAGbYPzodg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-313-darwin.so" + } + }, + { + "key": "QO7CDz2yBzPKnqD0W0P53kcXPv1prJhpSlbpB2iLjUyg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-313-darwin.so" + } + }, + { + "key": "QnypLkEYJrQt9vXk4brsPFG7TZjMDSnf3Qie5lSFlmvU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-313-darwin.so" + } + }, + { + "key": "Qntxv5UUf5DGiwe9jB8J4ScD3odVD8JPOF0sHBwlLCAQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-313-darwin.so" + } + }, + { + "key": "QnSQX7uf1gFd51kx41GMmdgyLznKbfJnkTuzgsnSpczw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-313-darwin.so" + } + }, + { + "key": "QN4ATqN3o1MCSJc7f2dKq5RfiV-cE4QJCrZoAUsx5-xk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-313-darwin.so" + } + }, + { + "key": "Qn3UnH9qKVL3Gr5DE7GDHzokl-dR5Xr_bQlO5D-T2_N0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-313-darwin.so" + } + }, + { + "key": "QmtKEeHo4LMIrKWdUzOq52S__7vn9bivwZ3kqmHGlmko", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-313-darwin.so" + } + }, + { + "key": "Qmt-pWuCmTVl8spKJciEMadZGxJZ40N7RKng-zgfrZsI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-313-darwin.so" + } + }, + { + "key": "QMfGdo9sQTHly6Tun2EJgu3FO6-l16SRMZ1Vku5K7sgU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-313-darwin.so" + } + }, + { + "key": "QLxF91sqRTXu-XS5trkR0VY4rhAg3Yk6E0_HP_hNzkJM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-313-darwin.so" + } + }, + { + "key": "QLSkJJS_lyh9XqoFZ5chVLwnwSYAM7HyNrycgAy0jrJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-313-darwin.so" + } + }, + { + "key": "QloTiwV5q7VIH_UWt8h46e-PvuR7NtUG1yjI7-SE87Xk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-313-darwin.so" + } + }, + { + "key": "QLNzYu-RU5ENmghsrskQBnrGtm2M0gBwumw-F01S75Eo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-313-darwin.so" + } + }, + { + "key": "QLMBVXayeSdmqgPVgNrnv95MZciaNzVlH5J7dupAu5g4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-313-darwin.so" + } + }, + { + "key": "QlJPQoAmUSneJzxO6lejudYU5_JJxZzTVVACynqMLE8I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-313-darwin.so" + } + }, + { + "key": "QLG_7hx0OcDGO2OHp1YXVk-TQs5ThM5hr0C2gwAHE3G0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-313-darwin.so" + } + }, + { + "key": "QLAsyXDZA8IncTXZFJTahe6P3fLd69l0jphE62W4gp8s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-313-darwin.so" + } + }, + { + "key": "QLAQ7xJw-TItDrxjAJy3siFuLrNz5UN2EVopFG-worPI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-313-darwin.so" + } + }, + { + "key": "QL7Y8SqdkJaiXylmXcNtWsMsb_9uNRmiKlhNTXJNxdsI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-313-darwin.so" + } + }, + { + "key": "QkxfhJAQWM2r1Zcgg_PVvYzZW8sIfFDejgplsL4USPps", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-313-darwin.so" + } + }, + { + "key": "Qks1jFlB7sge2mwH_uEbm2XsyB8AeIcE6LeY0UZ8smJc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-313-darwin.so" + } + }, + { + "key": "Qkr39mKi_QQieu31EAeU4Ey72Y87BhEDNWTItB_3pYIA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-313-darwin.so" + } + }, + { + "key": "QkKSM9UpqS53PHTtTpULPhpHcefv0gbjsFmXjYe2NLzc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-313-darwin.so" + } + }, + { + "key": "QKkRLf_vMXLyOO1aCZ4nq-is8UT6YyywGXdg3nGcfx4I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-313-darwin.so" + } + }, + { + "key": "QkJDB6urbjpjSbgRnXcWjg1nh9K9g1KfNjGcQRK9KhCI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-313-darwin.so" + } + }, + { + "key": "QKhs6m2DNMXao2tui9c8DLlmufzXtOmDkrIjc0k2D5uA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-313-darwin.so" + } + }, + { + "key": "QJftq0pZtMHL_5o7CEYZW0FRhf7KbaVzz2ydCdlPXbz0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-313-darwin.so" + } + }, + { + "key": "QjCo40kfCfJszJ8xXyA5GTIDlyHZO-U33P2u1kpbhH-U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-313-darwin.so" + } + }, + { + "key": "QJ8O1mtK8zr2QoVBGFv-lNbnEkAfpMLn8eqUXQsiVvW0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-313-darwin.so" + } + }, + { + "key": "QJ_-iQaJabff2FJ61BdfzmX3TTVQSW9CXAdecyIiwj6M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-313-darwin.so" + } + }, + { + "key": "QImSdWdoax22FnsjJ00KCPwRuU7S1_TvCRriPLT4V7nM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-313-darwin.so" + } + }, + { + "key": "QiIC-MVLGewuLLV_SVy124Q2e5sVAIQJ_T-tqWZcU-zY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-313-darwin.so" + } + }, + { + "key": "QieS2rFbaWS-II4p4fzPumh5wVFC4wXktQcw7NJmVk3M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-313-darwin.so" + } + }, + { + "key": "QfFOLmPfu12HlagGwFuqE5mvFjG87R1pnvnGvO-Truk4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-313-darwin.so" + } + }, + { + "key": "QI7pUkDi3v4ao9AtkmVOLyw1p_j-4xfg7BOn4PnlXfNc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-313-darwin.so" + } + }, + { + "key": "QhzcXs_FTlu5BgbX92WlMSWg65qB83lQTq0366Z2lLnw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-313-darwin.so" + } + }, + { + "key": "QHrecrRTZywOrxM8rblNdV9IrixOzeLUcUWJW1LbLhOE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-313-darwin.so" + } + }, + { + "key": "QHgFfF03K4uzAxeJe822BRoHWdeSeV2QrW2imgNEG-5Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-313-darwin.so" + } + }, + { + "key": "Qhd9MoQThCnXs6uFiMOBv4HWpji5g0dpCiih_B3AhFt4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-313-darwin.so" + } + }, + { + "key": "QH9uU95D_eZ7088gF3JIl2t8_yqjh4cP-kfV44bVHB1M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-313-darwin.so" + } + }, + { + "key": "Qh7FBuOIQzQFM6Wsi9r9M_ay6UOJZ4aUS0HrKzkVZQI8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-313-darwin.so" + } + }, + { + "key": "Qgu7zywzRLcBQD8qCcPUDotcQl8651_ViekfLOyvIBag", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-313-darwin.so" + } + }, + { + "key": "QgTkZczomepJJwvHKiRaW7ZI0FwSgUhfYJaFbu2kPQFo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-313-darwin.so" + } + }, + { + "key": "QgsjlBgU4f8fEekIEN3OrhNMSlU59itWz7ewc39fokN0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-313-darwin.so" + } + }, + { + "key": "QgFKrMJPVA_UXbUX5yvg7BoGudVhqflC36siBhG7mfnM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-313-darwin.so" + } + }, + { + "key": "QGFCMqoFIrxyl2KAYpb6zCxXcqNpgP04xin1sd3QQzH4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-313-darwin.so" + } + }, + { + "key": "QFv12FPkSDX75eDbgyM7ev7WEHE7LX83EKbvkk9hx7k8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QF5rETwV05WOZ50drPcFftXAJdpVaavZ2q8rQEzuiJoU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-313-darwin.so" + } + }, + { + "key": "QfNwxVFgxpysi1F7kCckfpxxfymgmFazpXiGAhI7jvqQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-313-darwin.so" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqzU7_vREpy9dlVTCGk6e8TzP7Zir5odS4EFqOUUFcdk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qf39NQccI0BF8dIphgmARhH71dLUirFZiOSXE44G7lpc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-313-darwin.so" + } + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqzU7_vREpy9dlVTCGk6e8TzP7Zir5odS4EFqOUUFcdk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "Q1r1xAxcsQ01-6y6hw2ur_FKs0jXHGwyU0sDTnu9GhVM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QqzU7_vREpy9dlVTCGk6e8TzP7Zir5odS4EFqOUUFcdk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqzU7_vREpy9dlVTCGk6e8TzP7Zir5odS4EFqOUUFcdk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q1r1xAxcsQ01-6y6hw2ur_FKs0jXHGwyU0sDTnu9GhVM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqzU7_vREpy9dlVTCGk6e8TzP7Zir5odS4EFqOUUFcdk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q1r1xAxcsQ01-6y6hw2ur_FKs0jXHGwyU0sDTnu9GhVM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QqzU7_vREpy9dlVTCGk6e8TzP7Zir5odS4EFqOUUFcdk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Q_jeCGeU78xLgdweKG25HIWFGrGncLb20f2jCDgFlRuE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVST5NXnV5sKOGKEsJYW1RCCoQO1CUnS7ebu0ZdALDaI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qmc7LR3Bo7E7P-Ip9y39rhGSSUO1grrkjAMUQSCmOdTU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QzzSGs-KesxQkZlvrt1uR175op9_F6-Yh8UqPYXH6Or8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-313-darwin.so" + } + }, + { + "key": "QZYixFr45ldLSPrpFVGJvEwPTkjyUGO9wpiDP-t--G5c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-313-darwin.so" + } + }, + { + "key": "QZxWOX_YkjYDO1qz2Kt0YCMhz7ttcnxcm8mH9wBHI2OU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-313-darwin.so" + } + }, + { + "key": "QZUHhfar21n_bl2G_nnxe4ak73BKX4-sL4bREiTEYj9U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-313-darwin.so" + } + }, + { + "key": "Qzoq_wZjX-9c6yOXdVQDYLbcEee451fue-ybpvkTvnrc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-313-darwin.so" + } + }, + { + "key": "QzK9Dj8RjfF6DA5mC4EPy_atzhC6-tPlhbPoTP0EUpRo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-313-darwin.so" + } + }, + { + "key": "QZk27yI44OcpWjAf1GXXMRfb8IkmI82Bp53W-C548S4I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-313-darwin.so" + } + }, + { + "key": "QZhbI_ynPvsX51jIYQnFYYgBkGpVFcDcpSSOybFWYwlo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-313-darwin.so" + } + }, + { + "key": "Qzg3D_aME5600TZWzqyfM-7yYQvljFnj6Gr8MTtBi6S4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-313-darwin.so" + } + }, + { + "key": "QZ5EmD7nvWOI0o7QUdrZE7UnzZDAGnwhunEbKPc7WJAM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-313-darwin.so" + } + }, + { + "key": "Qz1M1V2Putj0xWPOy1bLpzkY-cq3owrdLGzx5hWFtXOw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-313-darwin.so" + } + }, + { + "key": "QYzTgooOubvoVHsvfef31daj2U_AOGQJ_bYD6zZ-TBpc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-313-darwin.so" + } + }, + { + "key": "QyzCDlZKMuKh4smtO8FH_Q0XwFDxzh7rei3WrCggqGxU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-313-darwin.so" + } + }, + { + "key": "QYlzyypK2vB2ZjDobIb_9_SVQkLEgqutwm_zr2i3bs1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-313-darwin.so" + } + }, + { + "key": "QYen01w3LnK2WFVXkw0sh2bS_xGElp45UR9ERDPBVuFk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-313-darwin.so" + } + }, + { + "key": "QYe-RXkgfEtZKIOBh9KZByiXDfD5NILZdo9x_s8YauTg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-313-darwin.so" + } + }, + { + "key": "QYCumadOm0-HreeFAVQ4pNbtS6hAMU97oZee-WeOg6MM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-313-darwin.so" + } + }, + { + "key": "QyB0McNhP4yh_KAdqIIoMAmlNmAiCT_Mp1DNeIHeW7vY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-313-darwin.so" + } + }, + { + "key": "Qy3uQwAjvuffsJJqDSkJk5PplW5NQisW4AQa8Nvd4j_U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-313-darwin.so" + } + }, + { + "key": "QxWtgt-N2_XUzCavw0UXBv0G9rF_JjxhwGVM3eA_HdkQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-313-darwin.so" + } + }, + { + "key": "Qxu6KCuPLshAbyEjYNIZRI6FRmsSfO4tZtt_i4Vobw5g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QxRQa7P4eVG4EtpaJ4xgbLVAjslOfU8n3uI5f9WkfsEQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-313-darwin.so" + } + }, + { + "key": "QXlXLZlge31LncARKkbrhuW3hTHBGiXgvLwrAKYW6cOw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QwpHHCWq-FbgR-tDxhiiFvocFBMhtDLZICni-B9otpxs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-313-darwin.so" + } + }, + { + "key": "Qwp9mamepMA8WqcKwiPSuCMVCaccf7HEvNdPQp82t2iY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-313-darwin.so" + } + }, + { + "key": "QwJC78t1FIlg3Opdtez8lHlpng3wp4Wh5JXLfliIpgY0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-313-darwin.so" + } + }, + { + "key": "QwitYcwNzV-RApXPIUZocfoXwbUnQW6_AM_cJlPfISE0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-313-darwin.so" + } + }, + { + "key": "QWGjcVJaqfUxsyFgoC3k9zZKbpWULECl6xPjcvviqDaI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-313-darwin.so" + } + }, + { + "key": "QwEVulJh-il9nvaMNbHn3futNQH4q5nsbevDYt56uQPA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-313-darwin.so" + } + }, + { + "key": "QvZwYqTejwRF5Adx2s2za3Oy87ZCO1srnarGOjDAOLi0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-313-darwin.so" + } + }, + { + "key": "QvRxQ4V1UhhReQx7hhBn4MHVJab_U7_LRV2SpjhPZQGI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-313-darwin.so" + } + }, + { + "key": "QvQESgjJvMo-aBYXwo0BLq1STi2ffgJtZA8irtQP5TBc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-313-darwin.so" + } + }, + { + "key": "QVQE1fRtLxt_5TMbKAOX3Yf7QAAMdFgL0FoeEwvU2kGA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-313-darwin.so" + } + }, + { + "key": "QvPqsRrT-EfOuutZdwdGI5ifZjkVPb2FK_SOKl7F0Pdw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-313-darwin.so" + } + }, + { + "key": "QVK3-isZEqh897yxDtzFQ450nGKJgVdsaOuFFxbMH9ts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-313-darwin.so" + } + }, + { + "key": "Qv9ITz6i0Y8dBqJPq2yho7t7SOJqlF_OPUo2UnZE_kS4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-313-darwin.so" + } + }, + { + "key": "QUztg3pu8Oa7JYPtUsnVujlNsuXhTCdTorbqVDXw7u1o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-313-darwin.so" + } + }, + { + "key": "QUyt9J9GYKTZKANDzrkfPc9XIpJzWzgPPTU0lgKigPO8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-313-darwin.so" + } + }, + { + "key": "QUtMewelO9esxl7AXR1QnM2yuelhMoYo3MEfthqnBHus", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-313-darwin.so" + } + }, + { + "key": "QuMabQVUMqz3ZUQecYn-1AOlllLfWXGkSng7z_bgtFxQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-313-darwin.so" + } + }, + { + "key": "QuDsl64ityaPpMa4WZnZlYiqoJpk_qE22rfeVfYBM8BU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-313-darwin.so" + } + }, + { + "key": "QTrwZ1vGgr_h_DFrUcJhR9fFF6kOxdT0qDnx4IgCNPuY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-313-darwin.so" + } + }, + { + "key": "QtOo8e2iYo4MsK72uggTWaB_J0P9woRtkWCr-PjGV9TI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-313-darwin.so" + } + }, + { + "key": "Qtoix1JRCOziebDo09T0I2YstGQFeVcSsUhRBpkJjjvg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-313-darwin.so" + } + }, + { + "key": "QtKLtezWzGHp2NTs3nPluzlQx6MKFcbrYTOq9Z2wikR4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-313-darwin.so" + } + }, + { + "key": "QTjwEbtUJ57cr60wK3VCacqZpS7I1KzdnSc2CYu2cf1M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-313-darwin.so" + } + }, + { + "key": "QtitjLKcTsmrOTWljWOxrvXRwR0j9eqZ2pxwg4SSuBQ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-313-darwin.so" + } + }, + { + "key": "QTFkY2fsc1eRAyhSMusycRvIIBdE--3j4rO2fg9v-koo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-313-darwin.so" + } + }, + { + "key": "QT4O_7ZRCea7pKmuZgItWJZt8jht0XzJgBT6TB2W2sME", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-313-darwin.so" + } + }, + { + "key": "Qt2Gf0IGIrFAawVrPC-RhG0qbSSsHfkIVm5UhiJ3DFMc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-313-darwin.so" + } + }, + { + "key": "QSSUKp-7MybXyxEElVqX4eadDhAAKBvjJu5xoTStUpUc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-313-darwin.so" + } + }, + { + "key": "QSmAXH5W4kzqYFXtqMS7B_GdlbF2X3nVEKLO6zXdv7Xg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-313-darwin.so" + } + }, + { + "key": "QSkgbId_6ws-E7GumrXOjGdYi3l9551sBxkMlpMZK-UI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-313-darwin.so" + } + }, + { + "key": "QsIuEUJsOKLypyClS8OQjeLpIhnnIjFIdsky7V6mAvWU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-313-darwin.so" + } + }, + { + "key": "QsiehwRyoWFUH0TcLaA7R9Fovg6v6rXZuG8UA2PEcsRE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-313-darwin.so" + } + }, + { + "key": "QSckPrMMe8Qav7ALJkNRhAsNfELkEmm0zzu0gH6mqDjk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-313-darwin.so" + } + }, + { + "key": "QsbCPvOlqDZpWlBCQQON_XETmqrzy2vuWtZONLwEkQuQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-313-darwin.so" + } + }, + { + "key": "QS70asSK00Et-knSOyjSegNSI5JBBrh5NJvu5fShwKQk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-313-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp313-cp313-macosx-11-0-arm64-whl", + "id": "15904524878", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 46040114, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QjCo40kfCfJszJ8xXyA5GTIDlyHZO-U33P2u1kpbhH-U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-313-darwin.so" + } + }, + { + "key": "Qt2Gf0IGIrFAawVrPC-RhG0qbSSsHfkIVm5UhiJ3DFMc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-313-darwin.so" + } + }, + { + "key": "QC-OxfY2yzYngABt9S1k8nk4UjQPQiBxPyPezhgsoH1M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-313-darwin.so" + } + }, + { + "key": "QBzwvEz0hFd5iP3UTt9i_Hy0mRoaaOmyRBvF4E5zJ0H4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-313-darwin.so" + } + }, + { + "key": "QbYpkRkyM5nITj7OlVcwhh_ddq5_Uipff-kdzqYiJIQ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-313-darwin.so" + } + }, + { + "key": "QBUJtf5Hv-lMglmuRdA2BPNiQRSWyNOVo_GjOI4hNleQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-313-darwin.so" + } + }, + { + "key": "QBMIbDOKbO7e1YtiGsymP3WJHwHRp4K8NqExyZyKTUU8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-313-darwin.so" + } + }, + { + "key": "QBKvRikBGZ_257kE9NAJcrjuH1Z_Ymm52_nD7wetSnLk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-313-darwin.so" + } + }, + { + "key": "QAxhBXn0xWAmid50lnp9za7nRcGbndeya5ErZMl-Bcts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-313-darwin.so" + } + }, + { + "key": "Qat8hO_Y1hQpvx_vvLq1fdItaoBnxQVCnKHebsQMclXU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QAsNijOF9ObT-uzmawxAuFt6uw2mKs9nV3cD12zEZR6w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-313-darwin.so" + } + }, + { + "key": "QaP7JZn54BARdIODy_XVwPRrVNbLlDYcILmY7-F5aVF4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-313-darwin.so" + } + }, + { + "key": "QAkGzd2qFtQwWck_xWz7l41dZ5KgYmfrgfyJMQe-omFM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-313-darwin.so" + } + }, + { + "key": "QajSl2L9iSJAWinWegJG9E-rlGOciXFmzYFkM1vNff-s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-313-darwin.so" + } + }, + { + "key": "QAIKELskHN0VyGaQrncw1HZl3_1cMAzqbxWjZ-FyvzWs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-313-darwin.so" + } + }, + { + "key": "Qa8ga_Rc_5ATHQTZdau5YRDsXHK1mG37YQz31xHQ29TY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-313-darwin.so" + } + }, + { + "key": "QA10myv27TEvLc8oLL5IhURIpROkP_aoc1fTsP4fYwg8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-313-darwin.so" + } + }, + { + "key": "Q9SUZwHioDZAVpPIZ1CkTWMWUunuSWMWxfhyHZPiexxE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-313-darwin.so" + } + }, + { + "key": "Q9pdhk55140Sq0mWGAolp2MapJgXKCIUpenW5Aea_ZbA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-313-darwin.so" + } + }, + { + "key": "Q9MhicjB8QEH0pgZzIvyg2sJKR5Tgs76vlvj8uB1_j9g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-313-darwin.so" + } + }, + { + "key": "Q9HXg9Y5QRyvB8jFh718TGn6IFwPx_1WRhjvxmlJZ-Qg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-313-darwin.so" + } + }, + { + "key": "Q9g7AUxCP86DtmM0DLHL4xVGMsOMm23ZRb_5nrqtAguA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-313-darwin.so" + } + }, + { + "key": "Q9azL9MmFkD5Smw2tg2V6f5uiUICzbUtAZXegDdcTydQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-313-darwin.so" + } + }, + { + "key": "Q9ammUIOTf4zRHf--aW7mtx4ORnx-fa8NBgkIZ8p0oaw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-313-darwin.so" + } + }, + { + "key": "Q96Bqms_gaSyOW1WRH4Fa9N3b5fC-FZbrhWJtlYvkuhM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-313-darwin.so" + } + }, + { + "key": "Q8ZFGDMWcDvygyxZgPjrI_Cc2fxYTJB6lhC3BL8vPkM8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-313-darwin.so" + } + }, + { + "key": "Q8YJ1Dn3tXtRHmbUSdGGld4vrvhXobcc-l9gpulqrUi0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-313-darwin.so" + } + }, + { + "key": "Q8M7IG7Iw6HdcysBUgY_QpCM18JIDU5LeugjCx-GTorA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-313-darwin.so" + } + }, + { + "key": "Q8_q3KN4Fh0LIVCU9l1AXqxQQBeL_hhfVsV6eMi1hmzY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-313-darwin.so" + } + }, + { + "key": "Q7yNBe3Er_DvhIg0al-ky-iHg3RY4iR9oDeMoncFtQVQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-313-darwin.so" + } + }, + { + "key": "Q7IqTf88YRF-UDy0p-G6xmiBc13YeaXENY6iTNr2nRC4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-313-darwin.so" + } + }, + { + "key": "Q7aM4W4yzDQJSa5sXtboRYW59OOUY8o8-St_bH-uqRZU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-313-darwin.so" + } + }, + { + "key": "Q68JhFnJDziP_0WnRSvAA-MRqKhIVnuA8iXirB3SdS-o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-313-darwin.so" + } + }, + { + "key": "Q60koAPTVEox5TCPDiPTahE3R5idB9jPQ_thSjrY-Dp8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-313-darwin.so" + } + }, + { + "key": "Q5UmgR9oH4Kwppclx0h0Vn2xuprYnHaqsnPLo-ai4jTM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-313-darwin.so" + } + }, + { + "key": "Q5c5WOUJ4tGzz-At_ivofNw_S_my9epkNPZYcAM6Vw0g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-313-darwin.so" + } + }, + { + "key": "Q4ESQWgOMXASHWUBGKsLQJT6vJH9QDbPYQn2pG1GXveU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-313-darwin.so" + } + }, + { + "key": "Q426333pu9ft4QWe_ibq62LLgwX7VA1Y9T7h4vLVfvBE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-313-darwin.so" + } + }, + { + "key": "Q2NYkESiZmNPq5yDH_IB9ntRpv-HPxnN6ACbvFDh40FY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-313-darwin.so" + } + }, + { + "key": "Q2kuqP7WXR_h0gGp-IUjUlSO6akzVWOCd2YeABFFcV-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-313-darwin.so" + } + }, + { + "key": "Q2DSdBe-Sm6FKSe1O6ZFDVygyYptlDQRlcDnFqLIawyQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-313-darwin.so" + } + }, + { + "key": "Q1D48pTLaZ3kj9tksEB0ycp9PvGmCbk376cwmiWfsqj4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-313-darwin.so" + } + }, + { + "key": "Q1-KmuF23VM5PUYDr0MLxhLCLPsUA6yN0lNQIidYAHZ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-313-darwin.so" + } + }, + { + "key": "Q0xkK0EIPBgTKWv9IWWfRQ9UpnReqK6Z1-xVlKfFbjyw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-313-darwin.so" + } + }, + { + "key": "Q0o9wy-I3caDkcy3HxjFX97gxC1fywJiwwjOtchMkXRk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-313-darwin.so" + } + }, + { + "key": "Q0H8pPvtkrAXSZp-q3he8kWu8QZ0AuZzd1ZS2v4g7cIg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-313-darwin.so" + } + }, + { + "key": "Q0adRS78kaz_co1IZYFWUGcR7CF6GQSKNnlxZsajt8pY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-313-darwin.so" + } + }, + { + "key": "Q-Vlbj7gWRNpvf9Pj5GB0lnM43fsykX52AY2YB_JXvak", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-313-darwin.so" + } + }, + { + "key": "Q-QZBbFe1m3fD80wBGzyInjHaTp1MZvJ7dzOjL3UrCKk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-313-darwin.so" + } + }, + { + "key": "Q-ep4op7OxxkK1f08QP5rA89J_mmabDvypjPyKkqqhg0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-313-darwin.so" + } + }, + { + "key": "Q-1ar-OQo_cMH-k_g3iMcpsXmfIHN3OO1dxZCD4fB6y8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-313-darwin.so" + } + }, + { + "key": "Q_HZSWB5p9wXXkZZqXFwrC8mqCR1C_WzJTX8-7vyetVc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-313-darwin.so" + } + }, + { + "key": "Q_eQ3dCMgk-72tK3A-MTNJYRboOzkP0xcUUQ3lMjJA_c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-313-darwin.so" + } + }, + { + "key": "Qc9Ue_eLu3NcpiBkL2pntNQ87Vo7QjJhauabPOlRQWhI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QccIOfap1JWQ0uiBEy7O9otBcenNVWJ9ZYI-ZenBFZyw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-313-darwin.so" + } + }, + { + "key": "QcgrgeFRCN5egMm_FukN0oJwQXX0HBWPPL2e6Y0AfBMM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-313-darwin.so" + } + }, + { + "key": "QcMCW_AJLUkqXLgjxw-fENXkAq9j53OUWYBl1dlma1O8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-313-darwin.so" + } + }, + { + "key": "QCMxl_DM0yAVEGXuidHytGQfQWJGy-xwfuqnQ9wt8EUQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-313-darwin.so" + } + }, + { + "key": "QcreaSKxi8jPvzYeb_tfS69rrM4xPt7lzSFHich_EooA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-313-darwin.so" + } + }, + { + "key": "QCtAnBlUNlOuZ18ciVkSNBXPpoyL-gJIoB6ug7GQL4cw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-313-darwin.so" + } + }, + { + "key": "QD-SWH8PErgUJ4p7_GCvBpcS5BfMnmOQiBvMVaDDqbfI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-313-darwin.so" + } + }, + { + "key": "QDmQXU2kHtlZQZ6Ia8SxpxsHEcNjl2L75_oXLEJewV2M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-313-darwin.so" + } + }, + { + "key": "QdSYXVPXFGj7AtbbSpSnLLuZRH_K8JOUkND3NVXkw-P4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-313-darwin.so" + } + }, + { + "key": "Qe_tVSZLgDJPvkT4Y7bRzDpIjtGkp9gQMT9KZ3uR5HvM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-313-darwin.so" + } + }, + { + "key": "QE0EXNTOr0dW8_UD9lMtdK7-7biX_LRSvs-o6glymM7o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-313-darwin.so" + } + }, + { + "key": "Qe7dpYVC15P7lxrCqJFBzrfiskZjXpa_n7tNkzaGQAFQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-313-darwin.so" + } + }, + { + "key": "QE8CMaatjcnbgnMBverG0F4q9wltecTUtdAQaSzoM4cc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-313-darwin.so" + } + }, + { + "key": "QE8OLmOBAKpxXHRNfzFVMSllUfc_FpBjoYur12Y0iIQY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-313-darwin.so" + } + }, + { + "key": "QEadyeUOpa7KOmMykUdQWWCTJ_0JUDV3AtF8NX9B3AwI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-313-darwin.so" + } + }, + { + "key": "QEBvTTS4k83VyLo3ltuK2-MMuFRSXkQmJD3lDF7aSMqI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-313-darwin.so" + } + }, + { + "key": "QeM-pDH5Yrj_GJ3P5wj1QQl3wUeKigXklnKC00TN1JAc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QesG4AFFXsTXNJ4UPxXGPT5rYPdunS6vpuRHQUSXe_-s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-313-darwin.so" + } + }, + { + "key": "QeVOzNfjHWH5eDZb2AH2eetm_2VSLEkE5VSgVs8AjzAk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-313-darwin.so" + } + }, + { + "key": "QeWRGdTG3n8pIwBVmHHBHlv9Pg_Cn2-afSZ4k8so-xzk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-313-darwin.so" + } + }, + { + "key": "QexBTTuHZdDAg-OlJZHR3xlD2-KqjDBbEd8aYiEs18S8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-313-darwin.so" + } + }, + { + "key": "QF_gRixs-vgoJmgoBabho6teUHT6K_ZBqMPjgELHxM6g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-313-darwin.so" + } + }, + { + "key": "Qf39NQccI0BF8dIphgmARhH71dLUirFZiOSXE44G7lpc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-313-darwin.so" + } + }, + { + "key": "QF5rETwV05WOZ50drPcFftXAJdpVaavZ2q8rQEzuiJoU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-313-darwin.so" + } + }, + { + "key": "QfFOLmPfu12HlagGwFuqE5mvFjG87R1pnvnGvO-Truk4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-313-darwin.so" + } + }, + { + "key": "QfNwxVFgxpysi1F7kCckfpxxfymgmFazpXiGAhI7jvqQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-313-darwin.so" + } + }, + { + "key": "QFv12FPkSDX75eDbgyM7ev7WEHE7LX83EKbvkk9hx7k8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QGFCMqoFIrxyl2KAYpb6zCxXcqNpgP04xin1sd3QQzH4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-313-darwin.so" + } + }, + { + "key": "QgFKrMJPVA_UXbUX5yvg7BoGudVhqflC36siBhG7mfnM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-313-darwin.so" + } + }, + { + "key": "QgsjlBgU4f8fEekIEN3OrhNMSlU59itWz7ewc39fokN0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-313-darwin.so" + } + }, + { + "key": "QgTkZczomepJJwvHKiRaW7ZI0FwSgUhfYJaFbu2kPQFo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-313-darwin.so" + } + }, + { + "key": "Qgu7zywzRLcBQD8qCcPUDotcQl8651_ViekfLOyvIBag", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-313-darwin.so" + } + }, + { + "key": "Qh7FBuOIQzQFM6Wsi9r9M_ay6UOJZ4aUS0HrKzkVZQI8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-313-darwin.so" + } + }, + { + "key": "QH9uU95D_eZ7088gF3JIl2t8_yqjh4cP-kfV44bVHB1M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-313-darwin.so" + } + }, + { + "key": "Qhd9MoQThCnXs6uFiMOBv4HWpji5g0dpCiih_B3AhFt4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-313-darwin.so" + } + }, + { + "key": "QHgFfF03K4uzAxeJe822BRoHWdeSeV2QrW2imgNEG-5Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-313-darwin.so" + } + }, + { + "key": "QHrecrRTZywOrxM8rblNdV9IrixOzeLUcUWJW1LbLhOE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-313-darwin.so" + } + }, + { + "key": "QhzcXs_FTlu5BgbX92WlMSWg65qB83lQTq0366Z2lLnw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-313-darwin.so" + } + }, + { + "key": "QI7pUkDi3v4ao9AtkmVOLyw1p_j-4xfg7BOn4PnlXfNc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-313-darwin.so" + } + }, + { + "key": "QieS2rFbaWS-II4p4fzPumh5wVFC4wXktQcw7NJmVk3M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-313-darwin.so" + } + }, + { + "key": "QiIC-MVLGewuLLV_SVy124Q2e5sVAIQJ_T-tqWZcU-zY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-313-darwin.so" + } + }, + { + "key": "QImSdWdoax22FnsjJ00KCPwRuU7S1_TvCRriPLT4V7nM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-313-darwin.so" + } + }, + { + "key": "QJ_-iQaJabff2FJ61BdfzmX3TTVQSW9CXAdecyIiwj6M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-313-darwin.so" + } + }, + { + "key": "QJ8O1mtK8zr2QoVBGFv-lNbnEkAfpMLn8eqUXQsiVvW0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-313-darwin.so" + } + }, + { + "key": "QJftq0pZtMHL_5o7CEYZW0FRhf7KbaVzz2ydCdlPXbz0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-313-darwin.so" + } + }, + { + "key": "QKhs6m2DNMXao2tui9c8DLlmufzXtOmDkrIjc0k2D5uA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-313-darwin.so" + } + }, + { + "key": "QkJDB6urbjpjSbgRnXcWjg1nh9K9g1KfNjGcQRK9KhCI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-313-darwin.so" + } + }, + { + "key": "QKkRLf_vMXLyOO1aCZ4nq-is8UT6YyywGXdg3nGcfx4I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-313-darwin.so" + } + }, + { + "key": "QkKSM9UpqS53PHTtTpULPhpHcefv0gbjsFmXjYe2NLzc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-313-darwin.so" + } + }, + { + "key": "Qkr39mKi_QQieu31EAeU4Ey72Y87BhEDNWTItB_3pYIA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-313-darwin.so" + } + }, + { + "key": "Qks1jFlB7sge2mwH_uEbm2XsyB8AeIcE6LeY0UZ8smJc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-313-darwin.so" + } + }, + { + "key": "QkxfhJAQWM2r1Zcgg_PVvYzZW8sIfFDejgplsL4USPps", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-313-darwin.so" + } + }, + { + "key": "QL7Y8SqdkJaiXylmXcNtWsMsb_9uNRmiKlhNTXJNxdsI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-313-darwin.so" + } + }, + { + "key": "QLAQ7xJw-TItDrxjAJy3siFuLrNz5UN2EVopFG-worPI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-313-darwin.so" + } + }, + { + "key": "QLAsyXDZA8IncTXZFJTahe6P3fLd69l0jphE62W4gp8s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-313-darwin.so" + } + }, + { + "key": "QLG_7hx0OcDGO2OHp1YXVk-TQs5ThM5hr0C2gwAHE3G0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-313-darwin.so" + } + }, + { + "key": "QlJPQoAmUSneJzxO6lejudYU5_JJxZzTVVACynqMLE8I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-313-darwin.so" + } + }, + { + "key": "QLMBVXayeSdmqgPVgNrnv95MZciaNzVlH5J7dupAu5g4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-313-darwin.so" + } + }, + { + "key": "QLNzYu-RU5ENmghsrskQBnrGtm2M0gBwumw-F01S75Eo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-313-darwin.so" + } + }, + { + "key": "QloTiwV5q7VIH_UWt8h46e-PvuR7NtUG1yjI7-SE87Xk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-313-darwin.so" + } + }, + { + "key": "QLSkJJS_lyh9XqoFZ5chVLwnwSYAM7HyNrycgAy0jrJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-313-darwin.so" + } + }, + { + "key": "QLxF91sqRTXu-XS5trkR0VY4rhAg3Yk6E0_HP_hNzkJM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-313-darwin.so" + } + }, + { + "key": "QMfGdo9sQTHly6Tun2EJgu3FO6-l16SRMZ1Vku5K7sgU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-313-darwin.so" + } + }, + { + "key": "Qmt-pWuCmTVl8spKJciEMadZGxJZ40N7RKng-zgfrZsI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-313-darwin.so" + } + }, + { + "key": "QmtKEeHo4LMIrKWdUzOq52S__7vn9bivwZ3kqmHGlmko", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-313-darwin.so" + } + }, + { + "key": "Qn3UnH9qKVL3Gr5DE7GDHzokl-dR5Xr_bQlO5D-T2_N0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-313-darwin.so" + } + }, + { + "key": "QN4ATqN3o1MCSJc7f2dKq5RfiV-cE4QJCrZoAUsx5-xk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QnSQX7uf1gFd51kx41GMmdgyLznKbfJnkTuzgsnSpczw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-313-darwin.so" + } + }, + { + "key": "Qntxv5UUf5DGiwe9jB8J4ScD3odVD8JPOF0sHBwlLCAQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-313-darwin.so" + } + }, + { + "key": "QnypLkEYJrQt9vXk4brsPFG7TZjMDSnf3Qie5lSFlmvU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-313-darwin.so" + } + }, + { + "key": "QO7CDz2yBzPKnqD0W0P53kcXPv1prJhpSlbpB2iLjUyg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-313-darwin.so" + } + }, + { + "key": "QOG3W1OTPFKKY2OSVmtvfU0Ktrf-hJERWATAGbYPzodg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-313-darwin.so" + } + }, + { + "key": "Qom7LYQBu4c7CMR7-zR9pMiKlazEHMATB9M-TExM4lkM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-313-darwin.so" + } + }, + { + "key": "Qoyt9bpHKr1LYq2-IyOtjsXGmq3Ogut29EmzHYqL5Yu0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-313-darwin.so" + } + }, + { + "key": "QPH38ksxjDbTWblDpfJdAJH9W6jqsRIBjtT2yH2HWN_0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QPmqdpVI4oD1qyIkVo9-QXY9REeIWzCi8yKokJ3wzGKo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-313-darwin.so" + } + }, + { + "key": "QpoUdeXlGyJ-9WJGNFLo3Q4Xp0T5dJ3i01RC3lgHxl9E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-313-darwin.so" + } + }, + { + "key": "QpUeRoKPp7GDOBx86w_UxB6927guH3QGyFR8-rtd1_zI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-313-darwin.so" + } + }, + { + "key": "QPuHa_dsENus_uhcQfcYFDPKyty9AMH9hLOErpeQiBvQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QpuzTZxShDwHxABL4NxcE77H7XKRjZ43BaQWJ-qeafJg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-313-darwin.so" + } + }, + { + "key": "Qq677yC_4AAkJF9QSDk4VbYtQw3M4VeZ0tbNf0crem_8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-313-darwin.so" + } + }, + { + "key": "Qq8orkOZg_DiwjLF8QjQtiReQ3Rtrydbq60x8OrsyqxM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-313-darwin.so" + } + }, + { + "key": "QQDTCi8C1lPqjAXhcVasuWk7d0mftDAnNbQ-r_ePM-_E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-313-darwin.so" + } + }, + { + "key": "QqMRdgqObbD6q-okuMLOs-VJNeOOk8lxPp2rxXONfPcs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-313-darwin.so" + } + }, + { + "key": "QQqikl_DPuj1JY6dZ_-k3VaaBLTHp3E5eCDjpW6piGGA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-313-darwin.so" + } + }, + { + "key": "QQVq_fHXB5VTWwWIEEgpYZntCq-s_GnXQ8lZFZFLf2OA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-313-darwin.so" + } + }, + { + "key": "Qr9bxLitmPCJEXzK6LNAcd0PhD73FRFTsENhUU0i_mAQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-313-darwin.so" + } + }, + { + "key": "QRA7scqTSTNmJ8zlB1kzTuQnddm1ylDu9YzjPDUwDv80", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-313-darwin.so" + } + }, + { + "key": "QrFcMFz265Su6Hvwpi0E-zmeQJK_ybOP3a6-BuoVH9i0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-313-darwin.so" + } + }, + { + "key": "QRIXaEd5_IOckAuhnWUaQ1sCOYEmX6u7Zo-Q3nj_U4MU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-313-darwin.so" + } + }, + { + "key": "QRPq2kriXlG80QNTYuNzHSQkbdjJw8nDExx9xFgm5LsM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-313-darwin.so" + } + }, + { + "key": "Qrpv5m0eB92AotfbDHaHY7kH5uO3fhtnFtmEVYzynJtg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-313-darwin.so" + } + }, + { + "key": "QRQjFpDn1RzgFnA_683B7Ua_HodbLWUOi9nIDTESHLl8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-313-darwin.so" + } + }, + { + "key": "QrSZ9H2-N359HItdC8JLNTHNi9wLc_2WGvqAmhAz499k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-313-darwin.so" + } + }, + { + "key": "QRwNKbXxTCuhcXxmlQGc6FiRzGSljcT5g-vfNDAdWaB4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-313-darwin.so" + } + }, + { + "key": "QrZgYyQCQHu7Yijr_HsKXHyE8nA6cKmsLmiliq0X2Nkw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-313-darwin.so" + } + }, + { + "key": "Qs3XJo5QoNNqO7m1e7wzSyAjDjAntyREeKc5FfCMNkDc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-313-darwin.so" + } + }, + { + "key": "QS70asSK00Et-knSOyjSegNSI5JBBrh5NJvu5fShwKQk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-313-darwin.so" + } + }, + { + "key": "QsbCPvOlqDZpWlBCQQON_XETmqrzy2vuWtZONLwEkQuQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-313-darwin.so" + } + }, + { + "key": "QSckPrMMe8Qav7ALJkNRhAsNfELkEmm0zzu0gH6mqDjk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-313-darwin.so" + } + }, + { + "key": "QsiehwRyoWFUH0TcLaA7R9Fovg6v6rXZuG8UA2PEcsRE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-313-darwin.so" + } + }, + { + "key": "QsIuEUJsOKLypyClS8OQjeLpIhnnIjFIdsky7V6mAvWU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-313-darwin.so" + } + }, + { + "key": "QSkgbId_6ws-E7GumrXOjGdYi3l9551sBxkMlpMZK-UI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-313-darwin.so" + } + }, + { + "key": "QSmAXH5W4kzqYFXtqMS7B_GdlbF2X3nVEKLO6zXdv7Xg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-313-darwin.so" + } + }, + { + "key": "QSSUKp-7MybXyxEElVqX4eadDhAAKBvjJu5xoTStUpUc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-313-darwin.so" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QAQyy64R8qh9j0KzyvLqh-f__Peh60-Ju7ZYBzfp60a0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QAQyy64R8qh9j0KzyvLqh-f__Peh60-Ju7ZYBzfp60a0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QEFjvrtXZ7f-9PLPUfuXMcUhWZ4CRblCUUVk6dF9O05I", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QAQyy64R8qh9j0KzyvLqh-f__Peh60-Ju7ZYBzfp60a0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QAQyy64R8qh9j0KzyvLqh-f__Peh60-Ju7ZYBzfp60a0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QEFjvrtXZ7f-9PLPUfuXMcUhWZ4CRblCUUVk6dF9O05I", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QAQyy64R8qh9j0KzyvLqh-f__Peh60-Ju7ZYBzfp60a0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QEFjvrtXZ7f-9PLPUfuXMcUhWZ4CRblCUUVk6dF9O05I", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QAQyy64R8qh9j0KzyvLqh-f__Peh60-Ju7ZYBzfp60a0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QywI9G2hwoEhXGBGmQchL3AeuEUYfPQ6hUPgQtD6Y1_s", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QOVfL8ERgif3zcj9KNPLcec9wJdl4_2P7BHOc5x3iHxw", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QdVh59-maXR77CCcEuC58FHEGFHpv3SiD_MBfG4o7S_Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QzzSGs-KesxQkZlvrt1uR175op9_F6-Yh8UqPYXH6Or8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-313-darwin.so" + } + }, + { + "key": "QZYixFr45ldLSPrpFVGJvEwPTkjyUGO9wpiDP-t--G5c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-313-darwin.so" + } + }, + { + "key": "QZxWOX_YkjYDO1qz2Kt0YCMhz7ttcnxcm8mH9wBHI2OU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-313-darwin.so" + } + }, + { + "key": "QZUHhfar21n_bl2G_nnxe4ak73BKX4-sL4bREiTEYj9U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-313-darwin.so" + } + }, + { + "key": "Qzoq_wZjX-9c6yOXdVQDYLbcEee451fue-ybpvkTvnrc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-313-darwin.so" + } + }, + { + "key": "QzK9Dj8RjfF6DA5mC4EPy_atzhC6-tPlhbPoTP0EUpRo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-313-darwin.so" + } + }, + { + "key": "QZk27yI44OcpWjAf1GXXMRfb8IkmI82Bp53W-C548S4I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-313-darwin.so" + } + }, + { + "key": "QZhbI_ynPvsX51jIYQnFYYgBkGpVFcDcpSSOybFWYwlo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-313-darwin.so" + } + }, + { + "key": "Qzg3D_aME5600TZWzqyfM-7yYQvljFnj6Gr8MTtBi6S4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-313-darwin.so" + } + }, + { + "key": "QZ5EmD7nvWOI0o7QUdrZE7UnzZDAGnwhunEbKPc7WJAM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-313-darwin.so" + } + }, + { + "key": "Qz1M1V2Putj0xWPOy1bLpzkY-cq3owrdLGzx5hWFtXOw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-313-darwin.so" + } + }, + { + "key": "QYzTgooOubvoVHsvfef31daj2U_AOGQJ_bYD6zZ-TBpc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-313-darwin.so" + } + }, + { + "key": "QyzCDlZKMuKh4smtO8FH_Q0XwFDxzh7rei3WrCggqGxU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-313-darwin.so" + } + }, + { + "key": "QYlzyypK2vB2ZjDobIb_9_SVQkLEgqutwm_zr2i3bs1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-313-darwin.so" + } + }, + { + "key": "QYen01w3LnK2WFVXkw0sh2bS_xGElp45UR9ERDPBVuFk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-313-darwin.so" + } + }, + { + "key": "QYe-RXkgfEtZKIOBh9KZByiXDfD5NILZdo9x_s8YauTg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-313-darwin.so" + } + }, + { + "key": "QYCumadOm0-HreeFAVQ4pNbtS6hAMU97oZee-WeOg6MM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-313-darwin.so" + } + }, + { + "key": "QyB0McNhP4yh_KAdqIIoMAmlNmAiCT_Mp1DNeIHeW7vY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-313-darwin.so" + } + }, + { + "key": "Qy3uQwAjvuffsJJqDSkJk5PplW5NQisW4AQa8Nvd4j_U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-313-darwin.so" + } + }, + { + "key": "QxWtgt-N2_XUzCavw0UXBv0G9rF_JjxhwGVM3eA_HdkQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-313-darwin.so" + } + }, + { + "key": "Qxu6KCuPLshAbyEjYNIZRI6FRmsSfO4tZtt_i4Vobw5g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QxRQa7P4eVG4EtpaJ4xgbLVAjslOfU8n3uI5f9WkfsEQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-313-darwin.so" + } + }, + { + "key": "QXlXLZlge31LncARKkbrhuW3hTHBGiXgvLwrAKYW6cOw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-313-darwin.so" + } + }, + { + "key": "QwpHHCWq-FbgR-tDxhiiFvocFBMhtDLZICni-B9otpxs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-313-darwin.so" + } + }, + { + "key": "Qwp9mamepMA8WqcKwiPSuCMVCaccf7HEvNdPQp82t2iY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-313-darwin.so" + } + }, + { + "key": "QwJC78t1FIlg3Opdtez8lHlpng3wp4Wh5JXLfliIpgY0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-313-darwin.so" + } + }, + { + "key": "QwitYcwNzV-RApXPIUZocfoXwbUnQW6_AM_cJlPfISE0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-313-darwin.so" + } + }, + { + "key": "QWGjcVJaqfUxsyFgoC3k9zZKbpWULECl6xPjcvviqDaI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-313-darwin.so" + } + }, + { + "key": "QwEVulJh-il9nvaMNbHn3futNQH4q5nsbevDYt56uQPA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-313-darwin.so" + } + }, + { + "key": "QvZwYqTejwRF5Adx2s2za3Oy87ZCO1srnarGOjDAOLi0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-313-darwin.so" + } + }, + { + "key": "QvRxQ4V1UhhReQx7hhBn4MHVJab_U7_LRV2SpjhPZQGI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-313-darwin.so" + } + }, + { + "key": "QvQESgjJvMo-aBYXwo0BLq1STi2ffgJtZA8irtQP5TBc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-313-darwin.so" + } + }, + { + "key": "QVQE1fRtLxt_5TMbKAOX3Yf7QAAMdFgL0FoeEwvU2kGA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-313-darwin.so" + } + }, + { + "key": "QvPqsRrT-EfOuutZdwdGI5ifZjkVPb2FK_SOKl7F0Pdw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-313-darwin.so" + } + }, + { + "key": "QVK3-isZEqh897yxDtzFQ450nGKJgVdsaOuFFxbMH9ts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-313-darwin.so" + } + }, + { + "key": "Qv9ITz6i0Y8dBqJPq2yho7t7SOJqlF_OPUo2UnZE_kS4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-313-darwin.so" + } + }, + { + "key": "QUztg3pu8Oa7JYPtUsnVujlNsuXhTCdTorbqVDXw7u1o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-313-darwin.so" + } + }, + { + "key": "QUyt9J9GYKTZKANDzrkfPc9XIpJzWzgPPTU0lgKigPO8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-313-darwin.so" + } + }, + { + "key": "QUtMewelO9esxl7AXR1QnM2yuelhMoYo3MEfthqnBHus", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-313-darwin.so" + } + }, + { + "key": "QuMabQVUMqz3ZUQecYn-1AOlllLfWXGkSng7z_bgtFxQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-313-darwin.so" + } + }, + { + "key": "QuDsl64ityaPpMa4WZnZlYiqoJpk_qE22rfeVfYBM8BU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-313-darwin.so" + } + }, + { + "key": "QTrwZ1vGgr_h_DFrUcJhR9fFF6kOxdT0qDnx4IgCNPuY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-313-darwin.so" + } + }, + { + "key": "QtOo8e2iYo4MsK72uggTWaB_J0P9woRtkWCr-PjGV9TI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-313-darwin.so" + } + }, + { + "key": "Qtoix1JRCOziebDo09T0I2YstGQFeVcSsUhRBpkJjjvg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-313-darwin.so" + } + }, + { + "key": "QtKLtezWzGHp2NTs3nPluzlQx6MKFcbrYTOq9Z2wikR4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-313-darwin.so" + } + }, + { + "key": "QTjwEbtUJ57cr60wK3VCacqZpS7I1KzdnSc2CYu2cf1M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-313-darwin.so" + } + }, + { + "key": "QtitjLKcTsmrOTWljWOxrvXRwR0j9eqZ2pxwg4SSuBQ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-313-darwin.so" + } + }, + { + "key": "QTFkY2fsc1eRAyhSMusycRvIIBdE--3j4rO2fg9v-koo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-313-darwin.so" + } + }, + { + "key": "QT4O_7ZRCea7pKmuZgItWJZt8jht0XzJgBT6TB2W2sME", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-313-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp313-cp313-manylinux-2-17-x86-64-manylinux2014-x86-64-manylinux-2-28-x86-64-whl", + "id": "15904524879", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 43129820, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QZYPvlPSHEA3rRdq1rO361fyjfJ7qHSMpOOj1-plUpJI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QZOMMk-0mybvfvvPlMpPX63Dekl-Y9EXcyPOyWr38rts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QZmmqnP631fWLEJE0EEMKCUTiVLn6oj_3pp41e7usIiM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QZkx430XJ23cjwzU6_0w6893dwJjVMnPmPyaFddgAaI0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QZJOi6beLqVeak7zX6cQVIDec-zqZDOwC3cb6aF_kA88", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QZe_zmXlAP6VghySY4nbM13v2q99_XNN1C6Th3Iz0q9w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QzapMQ8dnxautEyvJWnluaXXqjcChEMu7jzHsqZaM4rU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QyWkc2mXrWLyviejTs1ju4tAIGfpkqYWb3jA42Vory8Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QyOv2IPC9XM3GhDBOt2KggUu_PRQsD_Tre2iVUsiiA2w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QYFFB8-Z7eS0fRZMj8vid-ZqL_fZWkRpXh8h2Op4CE_0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QBXjbhc2GBWEqixjEPFdTpQyWCOi3EWq0LhLThJ8WL1w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QC0zDN3P3vQfBGevGdN1957_IEOgi_JQTzUHxHU7XyWE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QbsvoJjCG26GY9gafAEXqmk-x7PAQRQ1lowpvVwdzxCk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QBNpZoGzO8lCcpMYide47SzkttihAEOeSWuWsEfwOTig", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qbkip-5sr_eIprtYqzqjb76YXks8rT9ZrkI3tVGnNlfg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QbhpeYAQ0UJVw5LsOVZi_bPIGqnlrsyKgF8ZodmrsZFI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QbfdlW2AIBMoIV2j7c7ZfPqsKtROTaoS59kiv4RhFm_Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QBdsdfqoTbW5Gm7sLeTDAKdRlIb15paJlHRT3tCDKZww", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QB5ZzGuuGl8RK5RmLTa31CTxuBi1F6Z0aKpvAeujGOd4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QAXTif5ZczpZish3fNrKUn0cL-iMp_uvD9DJt2zfSgNM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QAqOXJO4VyFLbnGUu5FdId6DOWgPwhPQou5cpgNLDHXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QaOZPw_S17QMkVTCCnm7XtWbvtZObIw9r6zH5-kFMtBQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qaok8fhqIlY_mrjOJxNaFYeoiKUJo9dTWuTZ2udboLew", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QamVjBO1YYCH7Q-tzTEFVBwaQG3dGYHJY3BhvQd3bD4M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QAjn9eoExqoTLCuWX5Pnj-O3HHImWp_9YntKN46Q_vUE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QAiqyhLUL_FSXhYCueJVf8Krkp8dsxmPGAwN3g7MrL0Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QACnM_JLtdiHMQCmyVWEr7lAXu-7HkJbuYqPs_QQIj0w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QaBWMRWsQuwP57B6E_af2eOILNKLgccyyhJNZ0m39O7A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QAADe1XkmggSVzJ5hAXBd4rvlmtmhu12ch7w6cTHc0N4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9OwqxpI-Ud1bURicSDl8APJkJawnMlFba2StANPV3e0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9m1J4n1y-ydS3RRx0GJFuaLOf2tLzLXWmQLTNJgDymc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QcJXw5MmtRoYOmzzaexwaND70_sJHn0ISVDw7mU7Zmkw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QCq5n1w4pNNG8JcJ1poNqwh78ft9oNxuG1jiGdCIgOtA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qcxthpjj-bIjX81Hr2-lyf7DBhwb0gs4xXB-jLuHuCtE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QD0Wnr1fhyvljR800pfsclF7hqx_o0ukqhib4XcJmRu8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qdr9k7I27hVphVPm0hU-ufqkA5_HhNEMzl3oJ5_RLnxU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QE5NC7BM2IPeQKUTPaWL7gUdYQN6q8YIttyYmzkhaY4Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qe9DbppoCqtM5salgvd1_mgqB8a9_QT4DbqelTLAvL7Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QEfGrmAmS0CkBImIATiALYdnv_Tj5Miv-UGk5KGWuuQY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QYesv4NtOf0jkxAiGrYF08ZE4cZoyOke_jM_ksi9mBNQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QyEEN3JsP-lOpvAfpIBaVz0w9wjmyKEzuyu4urKvsaMw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qy9GLziVk2JL2Q8EsTrRAabnfajWGqp2I55fM6MRZPqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QXYsw37i8pu4OGP0tvCODgE2wgozCbcI7oRArY2nYvoo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QXXIJ80ANxAEy3BQQOaHeaLrcGkM8nVRuNKUw_1mfGss", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QXVJKjC2yLSI2vwSaOqwaJ9y1DZWtH_gN7Z92TgOuN_k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QxPnZipIm0EckDtQbdTSas6_OvO04mjQk-XnZRBriSxg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Qxpl6FqZTGSPy2kTZhERuM_7NpnkLAAal_FOAMp0g8c8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QXLJjuarSfTeY23ZWe3MSPfrJEVTfULq4ZN5qbMqBqhA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QEkzjhCI93Yc85Onra3UOpyV1TVB8PZOL3t9G0Mfkfhs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QeMzL6kWUoNQXc_UaIj12Nqe2_lCJT_g8EbtXSywV8TE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QEnSNGxt3sq3w5ZyAxqwm52wtp8n-YnCLVleVwlvb4Vg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QeRpH_hkiedojqM5714hO1Ruf_AJFM8kQy821Cot8Y_o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QX8tnlauvKz0PenNdbFt2sag3osNth-Wy-gzuTzmYCWM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "Qeu4vFeu0WewDzmUFlvpSz3umSoowu7LtAZG0x5ZkLa8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QEu83QV8_a5dkiKTUItlC6qjqXzGLhoOB0sx32O9BQiA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QeVXkkyi0S90x3AulClKy4dHkmhO6E6JKUAC-O9x1cpM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QeW3RCwBLC8RQjgN2G17--3Hl2KBuwf9FXr1VFt_5CAY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QV2O4qeyPfLBqBHPjJzP0i10bPrr227ggjv0xkxiNjH4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QX8tnlauvKz0PenNdbFt2sag3osNth-Wy-gzuTzmYCWM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QV2O4qeyPfLBqBHPjJzP0i10bPrr227ggjv0xkxiNjH4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qf8EJBIO7JXciqxm0_VD1YwYC4b1BVbIZueeaNIH_aXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QFkmGgx92KRGEsUJ_UIU2VdLvPldah3vBCoCE9v-UzFY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QfLywjLSjpyuASwjaVfcuE5HUEiy9a7RJzJEg6aHrR7k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QXHj6AKRcuwoYBpzPELJUYmB844D8Oytg0c28k_gOiQ8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QXBdtuBL9HR2hXeFsubjAzQj8VaHB8PbsztNCCEpTFdE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QX85c-uOrM0D2oG4vHhRoVjCMVg8KUP8yPqX7c1rNEhM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qx7z5A_cSf6T-ckx5gY0-e8sHWhXPU0xf3fIyVzhi76w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QX7DFbKvXvney67ivP2x4HonA_9HaaS77b-mSXdQ6qPY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QWYT5eJU-rdq2wZYe6b570eI9-BsE2kmzucJJZrP0iJE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QwwyFuqq2KM-pSvsa2ulkC9KGwKehNJl4fvdbFjC5GtI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QWv_cRmfEy2D4gB4VU9FxboT9c34BV91FE0VKrIhh-Ak", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8hxgdz3KVIxoYb_6IjWBnrdEUDlqrmxgfCbc9ybP2ZY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8bQ9xGSIEpuY26JzsH7920etug7V5iyveziCs9mODnE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8BeFNx5gwKUMzMG6Ent9l8B98wR46INpO9y9yxp2hb8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q857EPDiQ-AsmvJUUBd_tqerJbaDpO8gKRkaHsojGrtw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8-pTndvjUM9GLwXdsOONiqR8xe6SRl2J_V--NfEnUPo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7Z8VepHA45WpT7zJPkoPRT19cC-RUi5eDbiERUslOMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7nUxCSHWhxAC3i5UAWbUHjldRFy-SXD61-W9YsAF3iI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6mdxdfLxKLAZl-VgGgfigvWjTuVhYuQ3BYFrv9DKvVc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QX8tnlauvKz0PenNdbFt2sag3osNth-Wy-gzuTzmYCWM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "Q6IuPVSRUNaZo9FXIJFVScjFFN1ZO37g_Qbp_d2nX9Yk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6Hch6rkYPODJD0kKOf3zUdWEbwwSQsxlEM7p7TxS5aI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QWKzyBfgLO0z1zwvvjd3CuWm7A2v8oC7d4LZYeibILHk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QwFfiMq7tJt6E9d5em3j-pwv3-ewFZiFKv-JKVGHRHWE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QWBtOK-txGVBZ5WkuDjDmhH1JoD3JTDT-cQW8m_YY2So", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QwBCZrlGbCMYYc8tlnY0qCFGS9c8ZJrEEtvpDTo22Og8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "Qw9GGBHTSNdFkPu-geClthP-ygRBzVvtpyX2YqvjvTFg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QvYxdlbPNeHDyAyYzHK8bxJcr_2oLbrrgNXpAZHqug_U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QVWL6XZzB33zLGNq2dUWKlqYQAZ-uXILDNLqZeVXzP6E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QvWA_EIhg1wh25WKGRx-SYASbjN3CC4CjCTP7GeULMLM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QVUBB2EkzoiMhKixDpTDk_4PlG2ClZGBkQur6QZzGzLw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qvu1SzyE2Y8gLxFCI2cC2653toLxOG7wHrSlB-0ONL64", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QVr1zZtk3f2s5vrqJOligHsxiZGDSTH5H0tgop2htigg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QVQHTQObnG4Ujq3yn_oYsxbSALzfPIcb80qelzaWQ0ZQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QVcglgjfhdEH37WBwdjxoQXxHnaa06TeQVtTjkGbwfcE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QvcAUS1Y-LsNjt9E8qXTEJ1Ett2X40CrvfhZ1MCx1ov8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qv1L34FhdN71RUFRtqsbJZjYEeLjX4LP825L7KLsufh4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5vin11A44CvtA8TWPjNamW-NLKnaWJSFn-ycHvZCaMM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5LIRKEMpkjnJ5FcrFs18G-3HXM7Kh6A8GuIeSHozN24", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5kelH1JqLQfHQrBvtGqtz0wTebZir8sSfqF7U7Vu-sA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5G1iBd6VgeE2z3em9sGFJASvnVOxjxX-feOKgh6vQzk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q54nmALv4DlYbR0Oc35E96erOtLFgEJXJEjQgAEV05DQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q52urDnjRPHegsfHPPJKZhkoUoY0xXzlU7Oy3ZPM7vro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4XNrEUpDx8KiLk0J7gNRmLB2t-nUTh5ytt2mTZY_oOc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4uSs_V8SeJ8QNa3zQWefHY1tKcMu3LsMP42jukdC2-Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4NVu61lhDikOvH1ih2L29YOlxDpqW-civNaXP_GUpgE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QUw44_F0r0-I-4ONbW14Zx1jybSjXqdbDcKXzGtGjTCA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QUVY_WtdJulK__GTmIKRaXR4_xBd0euxiKY09bacsRCY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QU-PIJbh5PT2Dz9_asuNfnUcLWKwerO92EMxm8T5Jrt4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QX8tnlauvKz0PenNdbFt2sag3osNth-Wy-gzuTzmYCWM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QV2O4qeyPfLBqBHPjJzP0i10bPrr227ggjv0xkxiNjH4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QGSFSnWVQc3ssEqxU6wC9BMkX8AcAwpopoa0JtEs60C4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QgTpyaHyWJsaXUyHDPEwOYLmm8Z1p4bSa3c2XXTQcCyk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QgVs6a1VewIl8OZ1ql9KItC5Z8-6fN0Bfi_L4S_fEb44", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QGY3KDFr8rZIQK38cCrrEJKwv57A35jds6-Mg3ROYQnU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qh-FeI_qUEt4K2YLIJiXNS5JsLF0QB3rbkan6YnpKoEw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qh89QVWsu6dviZ0Z92ejKsVcw7fYW6Z-tf4O7JGEfl9k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Q4jGsKFjBEvYFz2zv-_dcDfyKTsKiKtPyl0MUDh1uIOc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4Cc3jWp8VKFDONMoREv_qNfsZhvI6mrahCkRpzNMOVY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3zb822C8nesxpROL2YQ9uryc58bZLBDmiHflGkDfE_s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3Q_nUGMXRfssa_PW0-adBogcsy4Q5BqAIvNKuR2QLhE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3-ewkb-HE7n7pQOrdqayhdxHkoO8S1YARvj2o9c6Ovo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1uy1zdLNbf60Oe-5aAl5G70-rO0ehaQ72pkAlUHvLOs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QH97sL56PtTM1CUKCwZqiDumqi6038pc4uwoZl7uMcHw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QtzTLnvRBrA2ho2J9eqz-M5kjRF35kCKb-q2SxBu0Qdw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QtUqMcqU4V-ueuJDTIM7Kj_H0hAm_8bO6UhTUC-57zFY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QTK8Az4BPAfH7jT2x7x9211vAEkng0zSHLv0F2g9Depc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QtikFNJU8aPL_oU7D4dBu5gRJ9R_aphZqbgPPf7S-HEw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QT5Dho9VtFNp1w2Dj6_BTr_XJzIlHyYSBlmhtFNVTYjI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qt01Db82OxNP8QDN0FXZTu2UWjQtm0NSWFdasJZ3fCUU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QStNCeHdH_apndw1x3NvVmzxTxgpWEPyBP_Y_9v6kCzI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QsTl7Elcu9HY1OE2pFcuPsJoHCdJDFXsSwXUUvnPvh40", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QSMsmgUHeZtWv1axcVjRgyK8EJOHZT3S6NpB60rk22KY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QSKpQaSqdyW6wyymiHN5C-O8zNWzwv28ytXut9prg1WU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QSGBXpEUmHUKa5GaeI6mHSTFH7JCq0IjjCXqNiStovxk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QsBhSzNDaencNv1yhNFN6jvfmbRalSklUlwWLWnktWUU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qs0mAC8W16a0DkQk6D6yowm4lmfvbDk_l1SpBV-VloUE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QS-U_k0qq0pj8o6FRNqFZmTVmp0JKBdGWHSXt1beoxRU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qrzdm6FfGiPANn67iNChPBk3Yga5j5bkLICgdeA5j89g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QrZbOZ8Cb9E9_Ned-auRrJKbdTilpY4Scz6vWiQ3TRYo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QRTjXDK2TdXOYsJp7Fj5Tvx3PxMFvbGEITybu3HUSTxk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QRQTVsBT-g2j9sFz6WSlMh0DDSkT8Tqh4-jgVNj1Kslc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QRoKGTgMzytMzvexKq9Xme3toa5zkGDTcLQGT6uCol04", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QX8tnlauvKz0PenNdbFt2sag3osNth-Wy-gzuTzmYCWM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q6JzG5g9jnm3EMsB2GWpLkCNCAK-KO_oKZ0fXEktE-34", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QX8tnlauvKz0PenNdbFt2sag3osNth-Wy-gzuTzmYCWM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QJYzOgDDZDlvVAixLLQvo4w1R38JiEb7K0OB05NouAKg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QS2-zbmh0TMlS2bYWyHNIYGhOC0CtsOTje_xzlE8XMOk", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "QRMxZ4sZFAuqy5c8YiiPAgkeArNQm6o269ux0zZJcp2g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qrls8EuVg2mSx1GYDfJVAhPw_lva4nHdq6LseW-Wz4dc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QRHVH-7Aci31LElboO0d8d7PlnYysT9zXzzXDNsgIWAM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QrHiXHXSmKyN0sqpEa2tR_WvfD9hlQi3_Msbr_fXfvnI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QrGifBCtNwmY-fGEm4uQwiiKubp6WJOe1kgIsMqXaYnI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QhMXsnXB7J2oWjM8jgKG6zLS5TPZLZHdZymVSwFQqtLo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QHVqcj_IiPalYKLYjEEafBMzTHlxRX0hMhJSqghBnbKI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QI_mDInF49_M2yInxJiq5IDUyVj2al0nWg6vz6Cs2rv8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QIbZZo7NjUfOGfvDMUzf8hqK5jaJ65lGv2T7Q9vEGIdM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QIIrZKFPnL0DeCAxntdBnd-l6j1Kp3jvLBBTdebW9w3g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qix2Bi5kAIxbSU4ypVYcxjbyaefmJc75wxOkfIMoshms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qj1yotCduW8B8mb7TwKEH1bl0fHSWEeWbaFObVlHA_lI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QJ5wdRutl3kForghJ-T6MEVuKBV7QjtmPzrNPH3jb834", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QJAn50QBKQxjyjCQkeDbY7NSylhX7Dptw9Lp2db8asTI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QjEvWs08I6ZK5sOJJSCuDUWtsZ_uZCsKmgiqRpVYTvmE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QJgwdWDAoKtp_yNe9zxjb5trmbLCCgm2duR2wBvla53c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qrc49HIrZlaDL8QWJlPP7NQAppVmsTC4tsIRQQ0G4hms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qr2M8bts1XPx8s9VoO5oIfExAc9HTfo4vgCzzDlfQQKg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qr_yLz413U2gXKLaO6N5Lyc6qX31lMyjOLlrA9dmLv9k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QqzddrB6fOWIhBU9V8YIyPbq1xxqPO9-CADKiwecbKFc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qqu1oEVxJyNwxcrkPRE0TwEYhA_6zRZ3qP-7FK8EQfX4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QqogRFwGFcWeurk63NffPw6lrMG_FnGzgezkokALfnOQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QQMdutwT1BVBPRUOTbZR3q5lUPlCI8hAecg78OOr_TkA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QQhwffzO1UVAmsjpmBcyaN8Qsrvnt-Lk5Z2bx5pBVlWg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QQclarZdZSaxM6vCysBc0QR_ATsyASqbw3W4YjiZ0894", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QqB4BkFfU8HEQInRbX8_70XgNmk60nyokCxaR2yAKI8s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QqAt0DVvASI_LI5PKPkhJvv_-a55rr94nqkh-9DS7cXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qq9L6-l9CvokdaKuq3JXVkWDkPB_v_c3u1KMyAFhwSiU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QQ2raU1E4ITn2Wv_4V8zBoNQdsy5n-26pNimL6XzlWkw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QpQz-rgx_FE1PfSo8pscDFK6VMuW686RaJWvvbDf1pcw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QPoBHk7QoPr_RWNRIojwXpsQkuv79U3ZrH12P8L1QJrQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QPCoqFT1m2CA-AT0yCCO5vg0d2WJvmKeNP0nVbDA3_y8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QoVgfnDqSTTWXD58Bv7EmuLdGjirgfwEOzOnsUAk1SF8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QoSCLK3ssecqZiAhAdQ2GtPldBcjC77Vjf7upgf9xld0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QoMuoCF-2XDm8Tow_UUQBlTAxIMcTs1tk1ZIEGYEC1q0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QoM1EeT_fc0TJ5N9MJEGatqTE-aw-m4IZX58Kzrdzq68", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QOjx3rylyYSt9Db4akd6NAjXhmrY4BUikVKvUXLy2tlg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QoGNM6kKXmIR8fhaQ3HQTSRFM9wPg0gYqXQu1qSdfXdU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1GpvMtKHq5IDhPlQhFZrXvHSaoA_YCCiFrqMn6FCVgc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q18_MWMHEQpMXJpfQOtElkej01F9p4uCXZN7Q1m0FAuw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0qp_3Ev5EFRvPpZ4CSzKXilnjNQvef0T9jXsgWR79Hs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0mBJ5vq-4DsKPzwWCnTs_-uNbNRFcNP4Au-EJZ-hQU0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q08KEdycaw0KRM9hvpdEHAMt-amEBwxvA5CHiSTVvpIM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-Z2-Q_wNUz0mDo5bwo9xRFdFqHCLOraTIrdMUabJmAU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-TNRIJJ-6C3ytZrm9So5QZQb_HlWhyJiPu73vktYry0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-S8V4MjovMRyT7v1wX-u9qwElHpOJg8hsn6Pde2FHxw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-nRw14wZV1IFINh-96zgXclzSQxk7cBRtojSMGrRigc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-M3XrI5PEb9vmvvjdVIw418Yuk1Xp3QWucUKaVCBsYw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-G6sklVyBSgA5mCDpzXGtPlqBbycnciAekiyXqAE1W8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-9gDn0HDQYzDbjls26RTuiOTfcGb8xjGD2puA1jAXoY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_OZ2mPtggfsgpCt_I5EMX7P4MsgNo721YMNHbduZ2QE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_mTnOoIm6q0FZICR8OZjkO93qTzXEhXY4-qyztXLpdM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_IoXwupRxEW4YJudD08ROVFotN2qT4mns_yj0a7Zi-0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QOED20fM4mmoC7NJ2EtclXWDLTZKSR3p402KoY1ePgis", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QO7qhIK329JQHDSIGYr3ApQZ0rOU8krEqZX0kt95IaQI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QnZ3g72KGmUsdWu3mnrQUW-DgkiZ3u-ORHGxSpI2dkiQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QnuT48CjYRubsfaUbZOhLwOt9rWvlgkM2BPPtT5TUHEk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QnCXvisWl34_I8K9nF0jG8HykpLErEnYqrjudoNhAIBY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "Qnb0PwTmjAr4N_kxpSfRQFo6q618MMMJtI9eFRTrpTy4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QMUHKOBkScqmV7NJi8-rTNF4rpwG6cFsDjxAlfg-FBco", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QMMu1uQr1-JhHYqWEcNGGv03ifSoFEVZqN9YcgluqmGg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QmLbvz6tgtTP9M2ZaC-C7cWHLKqi1hwnU7oPlNyMi_PU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QmK6J6fonHCbhBc0flge6Z59_Q25u8ZaJauu8zC8VXIk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QMjm25fX4mApaDBHlEmRERYk2aWxhqkdCsjsAvLWaFQk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QLT_rDESPecesaZxax00hcxHzaGEBe130bhFec-26Ydk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QLP0xLoe6c-lEifi9agHJUd3AMTsHTKhj2TrriIfSj7k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QlN9nPwRwTqxS0FjkwC_-jbRVSfYUjl99ifV66G2tpaE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QKYsVF8P5Sq_Y2xiHYHpzFDJJ6U-Gujcav4GZ5b5YBe8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QKnFUn9WavxJAVmMPqwVzJ7XBh5Vv0FIo8dAvMzv8Eiw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QjV3tauHOf86QYzgMXzKUwUw82SRs0y_rZQMwyj3hXm0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QjOelVLguytnPZHChniCOJv9biy6Dg_mak3oFmW7YL7o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-313-x86_64-linux-gnu.so" + } + }, + { + "key": "QjjGtctKqgDbm0wk7KPQLWmm5bhlbDbdqRTHurWHsVJ8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-313-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp313-cp313-musllinux-1-1-x86-64-whl", + "id": "15904524880", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 46208813, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4X8XXxy0LKuVZT3WQk-lorTBd0QlfbXXCteQqcS9jhI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4X8XXxy0LKuVZT3WQk-lorTBd0QlfbXXCteQqcS9jhI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "Qy07l1FK3M8GH8wJRB9V9ltCPcc3KiGKdLOwQenedTPE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Q4X8XXxy0LKuVZT3WQk-lorTBd0QlfbXXCteQqcS9jhI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4X8XXxy0LKuVZT3WQk-lorTBd0QlfbXXCteQqcS9jhI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qy07l1FK3M8GH8wJRB9V9ltCPcc3KiGKdLOwQenedTPE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4X8XXxy0LKuVZT3WQk-lorTBd0QlfbXXCteQqcS9jhI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qy07l1FK3M8GH8wJRB9V9ltCPcc3KiGKdLOwQenedTPE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4X8XXxy0LKuVZT3WQk-lorTBd0QlfbXXCteQqcS9jhI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QgK_rr5nhL4YK9u8cxgYQw50d3aQrTf6wP6uuXL_KCuQ", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_rn5K94s4hYBij6hrHqKZcNzGHw3jMiFBx2vc06ek-8", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLsEs6NO0DLu4ZzVPYH-x3LbdAs23IetOuAm8dZHXvZA", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QZYB1SnmvZdkgwnKZXLKTr1leaoN4fhN1jMsl52SMT1A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QzjJUQbn1Yti-2JwmOIBj4iqwReYtf7DeQV08R34B6v4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QyXJlarVqxiJROVDEQxWH_Q1hEVipHeJhLt6mCw9HqwQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qy74DkSEy91WC53f8KYuDK5OEtrwGw5VLDeBiFvZaCuM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QY1VIjD5kyrVpbum4Hrt3XQlZ4xr43UFzHBmkMz_8JZQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qxw78GShW89ZgymbXYYNJyVV-4BlAOALbXq98IwxwE78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QxTnUUII2akurFuyxuK6ts_Mdjo78_Ex-VuYibBMexgI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QXQZ0sMaAwdLl5Kn_c4bV2tMZIdltfu8nYg5ow7Iywpo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QxPAAIKEqjPVeQuznYQoddW0EYP0DUzf1iuySeOP2W6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QXldUfX4uiYGDw9PCI7WWLdp4v0iK5HAN7YM9HTtidbM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QXkbXS_Faqy65STIBuUb1xv_MALa5HBZhcq30uQLI1YA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QxFsbNTb9PX2egltoY1Y_gdmYtLRqDXVxGhfMjt27hFQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QxDqX41mx9b9wpnHyabXyD19A6IFs1TbrT8uK5LpZXxg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qx9xY3S79BNQpROwl4SbKVtseCdW-RXKMoVfg2GLYaLs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QWwTJzmqyMd9cmW9GDrYXJR1eSME5sBZba-aq-NsNQ2o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QWR-0SPpYk2TK65j85zmF5AoXfXurp8SE5aw9BMDHgh8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QwkSg5nwuiDMe4bnX-cip7TFSJCD80_aku-5bnsHygzM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QWebNhdmHYQ3KEXG6_vuT2r9GRiNG8SEDrxmtt-ZO7Ys", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QvYq7ihdph_nE2SYKhglLOcKN-pqVni1a4zXCpPAlXkU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QvY2dUKz4UauX20agjXxvyrAYxNefnQ_61dklufuSrfs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QVXhjXjmEz-nk-IKRuMrJUVjipqFn3J7criolbeDJh64", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QVK-hQFslXA55FrZMC0pFbkc8C183RchDFvYDgcQURFQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QvFYEftOTP5neM69e80wSTerQSl6gdfpPAb2xfzP9JQw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qv4e3S5aGTxWTjqyMlwFGm752YbNmUApp_ARxp4qtkdk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QV4dS55XuMpU8KcKLlYBXTa_6VHSa--9FYtzQs4OAawU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QuY-fy_0u8shKGMdTl2RleFKot9ZuFd3ZO09cKutZdY4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QUvux-w91bP3xN2dMUDpbZ-aNIoFGs7PLb15nn9n-GRg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QuN1ruAxRVe_IzEuqgZKRpnIuv56gttF5TnDx9P1WiMA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QULIsdFtHPr3v0r2-VZcC9pTyI5KpC0N3XovCrA3OZP4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QuhyI5HdlCSa7v1HdBfxtrah5IpJ6olplcgqDyPm-m-8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QuGcMVYFqsYsNxuMW5S35Sy4kWtQ5WXXK35KdVDwdSGs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QU_r6mUP9zdH0fvoCJRUGSPsZFFIk-qzJWfG-7adw4_A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QTzhrtBObv-lcL1COdkS2L6EWVqz6oWSLocKmW_TJHMU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QtxZ-ZXEkN7y1urFXSJzh8BXzbXL_6QSge4ZshPG0S1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QtpPHnmqowbf1BnlEfeL23OKpivmp-xlQw191wiY1b5E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QTmoomTbiFtvc0HHGpcwSPKbuSKMKYPXZWcogbE32rJc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QTHTqZwL50c8muwnBReU6ESF4ggRdO4pVOkP_K7BKcCo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QTfDiDgBLVlxnjMpFwxJQGCmtBa26C_YaZ5YYK3M88Dk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qt7jiSXkq4KLiHj3ZgmknW2XlfZ4UrhNZedgvj11Szs4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QSraYOXfm_sVf1rM7s-z4nGgd_eRd8YSkxgo_gv2bces", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QSooE-Nc-p7HGNW9Fpp_pxt8AGC2A5ONn3wVTWzlzvP8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QSLPFApbht9iEPhXAqz5ztSKxAv9mUouwqLdsfYIBh1M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QsI1NsxuzuUwKzk_oGBrKPlEzsKsOU-hBZRxrIyIbQWw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QSdfBleHAev_uWcVVA0m1J6ZzMdVY6I14UZZhIWsh2gA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qs72Or3RNKsi6rmZh9MSxBLZYRYygurKUmgjCHD8egIE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QRvWfb5E8S_AShBQuGf2TUgoKPiQC15MuxZHWHbRXKiY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qrvt1WhdaCD4bfINGGSQd0GUcHP2u1uf1HXUE9oCwsRg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QRjulivjSp_kDLQmLugxjnItVa7fWBj7ULbf55gLKcrM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QR1GbApmRJDz4TjScwnbcHYTWU1mZz3eD2p6hIPo8f6c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qr-tTQG_tAvgDTeubgagBgJKo8Ndt09U6w9jlPbljvYg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QQX_-VxvCKoqEVszw59UpxUccSbsf8-Li9Gicr69linw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QQuPVh0J4cyX8jelzfsPVAAwPOhus_ns1iK19zI3-D0Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QqT2OzXxxJzhhcml8QId17TIgyNiX-vX6vSeETcsXEHg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QQkrFJoT8C-4KHJoUL5cXnBUpdMlFG0SaRx9PT_1jXu4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QQ9xN-GVdVm_W57Y4JXEujpaLfVjd-kxpot5dnLNC9NE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QQ4E6ef98nUWIQp1EVYTHSdkJ0C0O1HeOD7QPc3-1ftc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qq1mLuiOuh9M1Iv6EpTgd9mF2R1N5FzMqfMzp-GD5ctw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QQ0rYdLGjk_DOujzXHQW4dcQs5h2w07oz65Pd9Staq0E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QPSPMUGJe_dD2syxxfORBptEVMVnsFdIyz6IvauZN8Jk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QOWSLhnxsaxM5rEGuO1rO6g5srry6j-A3-wGgwC1tjCI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QOtdrQwMVoJeAvaiVIe4BN7zR9yyTYTM0rL1_STdVmM8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QONBnAf-77qr6QIXxZbgWLnsQb4z9IE6AYHk40qWy9i0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QoaT7uinvDbd_eny2AY8tDqiBlmkimS39wLA0xsmONmI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qo0BWiJC-AlanLdZyVMuq_7DEPfWoodR235gHpygPw9c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QO-csJ_3Go5y7ShdmXTsvG1kh9xFtNBW4En30siq985A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QNoTsHn5IqZwdm-lBNamiu-N6ldW61l8McNRAD8HKfbc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qnlfe2KbKWtTrOAw57H0EFSea42_wJu5Q7fKzLcOiOM4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QnKGkhc84IgEA1mnzIvm6XSRvVm9zbVRgXr0JomAD8Fo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QNbw7o81ObUA_fTw0bCHkNlJO4Bh0NSuFq4iP4R4RMrI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qn8ekuomxcC7rNLgJKtrk-EKXJMiOY6spO55CKBgu9qk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QmSoX35RedOuB2LKmVlWVej1Ej6JmPhRwKorEroN1zTs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qm5ujpPA4idcF3cJ7YuZcFgkNfW5ZUtMHwj3SjBSWeM8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QLKjnGWyczHBugUgjj78mCbco7pIfyUCgEDeW_CauqKE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QlJw2rOlmEV_DPzmTeeIzi4hWQyDC1dIeJ--8fhjW-9Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qlcs0ccwjy38ttT3fhat-3Jz0AoVGWeg5ib1WfvcucO4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QLCdiLGIgZeLZvrMgfE1_Wv3_O2kvRAU0OMRcwzF0zL4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QL_tl1Uo8c9Cn0nniIfIdOENrZRVTEzHKbgIuORQ9mg4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QkYFnKtDnMH5b1phN5qzklrglcCIC8ymx9zI8qcQj77E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QkuMtx5ZtZ4qwIfXL_OoAK9j0xcQy1CMrMV-Z6gTyGwM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qkt0Ru6mCZn3dY6ONRqAYXfFfSpbr5ZtNyXdfrs9JUzg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QKRUk-ezPMQKGfR-GTuTdGXKetXIV11nHEEN8IGUAjf0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QkrIP-21BwTk99ijyVh_ee6f4t7oMhc_nAH9_WDGAxiE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qkm4pVdoFrdW0N8WWaZl4IBqX-uVhC2it5UcFaiCHSbg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QKkvUdFaYsqicHxab4EUL25Fl3KvHiXpZ5TME-J0dY68", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qkcv-ZRl3RIxyQFplqjUNpclVWTkWEu5kmB4uJdRMmDg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QKB2fKXse3jCM9gtnmRJGpoqqYiCTZtavo4uYxyPAuO4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QK64c_vaG2gTAZejRGmMfm0zPtUdRh9h-IbjgrVvkWig", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QJT5JQy5q3r6mYzlwaKMVSiqxRogsfgvRNUd5xM7-J0s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QJSvJjDDUOujZk6a3tWxwcN7Rm7Xena_2Shl-82jyafM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qjru2bpFq4Bk5EmUlB7HKLf0Ndy_f1r1qQaCdoE3SqvA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qjo505chWSsB4YhQTPfO7GDgYlnWq7r8Rnm-IXyLBwq8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QjnfHf-BDLL8Mhsu7uxu3XNwzkZbs2eLDiiXak1bsEuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QJcxC7b09kSW8Q8iIFSdCgJ2x7QSC5Bi2pLk-t7fUC1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QIWjGBSg9pK-H5IIvCGKwHKz-YDSTupe-SGTu30xwg50", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QIPmyv3JZn663LA67FPmt0MLDlkGE4Cctd1u-8VvY_5Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QiiTkZgwW3xLxS2r9BQo4Tq2gtVpQvAcKMEK24t_VQGg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QIHbbW94IzAoQtJXUlsJUN2e_a2TmtdDcUXrJQgHeI7k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QHwecQ7XFIF9M_LghhrCrRPtDdxFRW7cZA6iU2ox5gmo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QhrmIgow2dgYI7U3yHeF9lWIDcuSId95hyfQTULyHHs8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QhQYna1WlHr8Udt2EhLW-UmxcVtGcc7-a5afXC02sa5U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QHMj_O32Tpk7fXVqMmzcNoq9lFwAiT0AG2RMJZlPXPfo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QhlaTHdpI8SWdePlMmyQWEiPXTO5SnxrClOppoyIcQGQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qhl0X471fZyL4MWfTor5XN3eAJb7tajPxE7c4JLWDtd4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QhgL-Ea-WIjfJI8hAPXj4tsa0GN8HgKZIfjl7OnA4aDY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qhcj4jvYJO9naeY1LsX1YAk8r6yhiXhxqQJ-qHbQ95pU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QHahxyx4dvMuXZyoYaIwXW_q-mh461QlnwIwu_S_IkMU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QHAenhFuOccc_JuWBsLETJmbAqJzkL_8d0Q-NufE23Rs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qh04AHMqh5dDtcdDZuZY4tnfKceJPKTZMumLqFy0pukw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QgW3syXeuUtLM__DANZw66i1qo5V6PBsp9MIc6k_-dY8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QGVYKOIOcgVaRnPcUqOvm_twy63JAfErSKq57LuLTdeY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qg8aUdzH5mZzvjaOmE59k7BFV6fQNRSFe4K3HlMYpCf8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qg4e9Hklh2bip_Ovyecvr9kPYQcxFaVpktoNkD_YxkD0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qg_eXaKDpfb8H3DaBdkLFP6fBTRsnIVRvw3VaBVRUHEM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QFyLF7ge_Q5sLnl5vQ0S26dmAmmr1gZcEfb6VMt2FjvY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QfrCwH0cdd5iryMVFSr8O40kM6LBDBujLBVIs178gWmQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QfOTU8P9T7-EQx-cnYC0SiY8xCqtcLsj9kcLdYJP2K-c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QfnWYDTUBuz3nf-ZAsO1PKB3HOmI7YmvL7VpB8YetXdM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QfHItyb8OFfcM7NBObsEN5nz3AWi_l-7LkPgIQ5bI6eU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QFGTI6WaOlqRIcDqH5J36KuRAhxaynT04ydJOmLEZKDc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QFECQ8cPIB5_43dZBSbqrY9Qiv5ofbYSkk8SyGazpt3Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QfeaMeF3FUisd6bDVXfHAaXSskZJTeGklqXVxkuOVx0E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qf_ot2C87denBZD6limgcEcnx6jfQPHLTDDuZRjDZaeE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QezG8WCAajohZpQhF50m4AsMbkvHxMGPPHKXm6B0Buqk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QeuLqmPSoDyqiTOECssohFvIr22lK26rA4fpP4yjxnEk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QEszo_2hEqftwdBqwVM5I1ZFeTXssoOAusRGv5cqF3KI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QElyUNjoo_q_mPKd4EYqOLLmQs3OHXtkQJ9LUNCgWAUQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QEimZRqk58EddxxXjO88DsPsnq0YFZhDZCTfxQ4mavgM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QeHWYK8hXUKGeYy3eVkHFiKs0JHbm4PBBV2gEgJO--Ww", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QeHjzorrbgfqOKgS8r1mUeEYjkaBCzm2MbG2UZflnhdU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QeF2Mub5r7b39vQ333LYr3EmkKYs3D88roexb-mV84l0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QE930Bl9LsxQnHY6xkVEraGOIJE20PNDo3WI6JOjJ14k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qe2x1W0lSXxhR8poZRC99JeMtE7-V4d0pa_HL75TQzrs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qe2a_IKyF6dBY_bqaTsq8466Lb90rFeVDB0HpVVWMaek", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qe0_RppSUVITDZaTeJ9SdzgmvMU-kaDZY8ch2RpBqeTA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QDTJ5k9arvd0otqZfMmHX_oANhR2Jr6T0Q_ZfU32yFiI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QdQutAULmHmXTnKp4SlyROBUaFHHByNEo35RQA2QlCCM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qdm0HPg7iBqlger9jGXZro4Oelztrnx5Q94fUNxiDZoE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QDB7MENlZ8nt0unKcUjkr4E2g19YInXKqKDzyf4mMGfo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QD3YTzlBg6QK9oOOOGB0x8UwLrJONKCv7IdcVyzxkJGQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QD1W82XId9vLXseGUB50ymf4ad0s9y-3MvrLgg8y-Ohs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QCqmx4aAfEB29vNAM6t8j42nhBYpzzP_V_7dZTW2JmTI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QcO7LSjfcMvg-8nNnfL7PP4WfS-_wIof4pEvAFM6xKTY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QcJnpOlNJdy001VmGpmm3p-t_6qS--NWtnU-HVDNCUZk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QcIdVzcrF0bxOMGsyuLLXi15AWdc_GWxNwAiTiuvuxgY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QCGMyXj2loxrUWGxLfgDZTUYKVAkjVQVe6xaHJfo7_RQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QBZxRGPxE8-nJ8Pk7J3WcSoc0FmefiY11dUNota00Gog", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QBzmz-4eQ6wdilOZIMopPwRWANfDUD59D-dJqDRIK-v8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QbkLsyd2XYx1tHTP5ff5_amzXwq0hWUfKv8q5xpzTtQU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QbioRaY8HiHSv1DXyZb9baeWdxDgFG1lvVdRFSeY2PfU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QbiJG7QjCK0OAZ19ECezPMgOTqiD2rFKl5kMJ5V-NAH0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QBBUNqNxnOZUWw4bw-3rMRHzVrp1twloCGEpgGGakFek", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QB9nt8frXJt0ThsbHEUj7JnPHZXDHXV1W5TISxK0xzsI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QaWqfIyXUwHJQgG6pzWmydh6Aj0EsPR8_ESW13K0TfYw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QaqDPgQdiVrBd4LzELPhYh9E5sWZ77-skVo0WKZl6bKU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QAlPSpOvz0ylNwxMbMbeNqfIuRriFd1CEGQ3DgPkYk94", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QaKlFBJzQlVdJX_PYrJRajvGLTC2kOY-x8TYgPfBeAMk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QAGsdWFyjMookVhQAF4U2VBG94yhX361nvMVCVuaB7tM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QacQGtHF9xlNxUIJxHgeP4JhEHr4n3i_4oH5coypUBDY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QAbyIQoCHRQnhgPKtDjUyaXvbmoinT1LnhetaURdkUQ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QAbFMlVcfMfkjFiOphoMT7JXg2n-dTr2AtrQclwPFOwE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qa_xvggqBlESzyRjchu69ZdwmxcvZkJk2pVWa89WDBPQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Qa_n5PwN3bOsYRTh-vf0mgkbRa1gaxJq1dRbkVwgmRts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q9nLnA4yssgUzowqYA3ObjIDJbxHI7obU1KSsaT5E1ns", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q9k8NQeVcly65Jiupn3lnvVkNWRMh0dTupdrPan0cwQY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q9FxPuI4wZG61akHPa_ZGah7gNyM-xDgpLYqqinEvrcM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q8ywwVb_8s0qwsY-kHj4hu8SwsZuLE9_zf08Z_FXK2Xo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q8Vhka7bX_fZCr9-YNAX2TtHsN28niVfRABZdQv0XhJc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q8sq45v8PecEKUDn1KYb08YztR_H4ajxZ_fd1sgLMCWQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q8SblFuZnwKOYSxAk__UGZteU73AcC--LuplDDYlc1B4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q8phLfRfVerwVLXcrCLWGMHNeLiWlE32qbnhqwjuv-K4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q8mCMQMey7bAWz-0ofc0FghUNs7vUhqrWN5NOJ1LxaCM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q8LELV1h-5nDD_toQ0J-_559mxoGdaVVvNa4RhdPG9cM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q8FtKwfMn5F6ix7BxHN5qHzXD6nboeS2orl8tIvDraAk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q876r9T3eZpdM9CnHtybDCndLbJw8r1qGgsfQzBkOCz0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q7vtuJUN6z2zb-r5GI5sBrpvBEqIyuzvAG3fAMiPlcVU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q7PTT-yMp2HY1TCHaDQCFeFdPOvvWgPqqANYoq26RYjM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q7Hl7Swy9WI50sYDMJJKQXLUk0D287ZlLO6l6fr4LLJ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q71I6oM6EYNtYoo4y8ny-5jY60neWPW5zJ4_Jfz0GiUU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q5zTFTakDFN8G3ojG5v0CMhTwsMbn6MHhXMnwh7wwe8k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q5hFa_7fOkS6PxIcVDG_FndyRnIfYbg3o8fqzid6qod4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q5GDDMo1PDtqqAK5ZjxGSLQl-_C4RXW6BeqF0wmJwjd0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q55qp8D0v48i8bipWIQtDg4L2OkRNTcLvwjaEFxYbRGY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q5_iBocFnyIdxYG3-45pFOh42t8t57onbaX5N-LpVDmk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q4Nc5ZJq7CKmUADjYzJj7QtUSJukLHhE6Hy4qDKNQ-lw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q4bVJ7JAv_3ObCq_9woMuLmHHFhccoq99_PzlYIpdq6s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q4bNGc4dcz4FL6mq8NPWz4kKZ6-HnxDnvaROJ6iUyPEM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q3jt0wNw4uLpY6mfid20lmetjw7DCqnIU5xDFXN6cjWc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q3JNmtpWWl8vBWnr34cY5LRs_SdsPxYPNo8ba9hPh6Lo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q3CGIPT0WJxqNyAu17jvAAjQT8EQFcMxdZ3HhNCVi7Z8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q2KCG_CmwRVRg00N5bmt_c08XJ6hvIuRK4Lqi4eiTV20", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q2g-vtB2uHuBdw1SjQy7aXaXH2O7keN_hIQQ12jw39w8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q1yWsMRz99pIkjNRBh4mX8XWTk8MOXtW9REuGVLH3fH4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q1tJU5vsGU6WZEabtA-sT8RSiP_GH0aiPcDHC1n9GtwA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q1R1Ih_JO3H3FqiMllvrgNR4wd_J44crzvwYcZnxGqNQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q1JCIhpPI0D1psytq1URyDhWYwC4HoGmYi9WuqH-PBgU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q1FaEUhTaC9y-JxZ4YbgECr7mLao0MEF9KlFRj56OKDo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q1dyIbSGEVhjMQaIxE3XZjoeLeFJukL22sI7H7cXiRfw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q1a869NCBK6CsXRxWl4NcudHivUdgNKGnxsdVU8RcBhI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q0R01666G_O4pIFH29XDBwv6dVp2hFkbqmOG7Q52Vudg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q0PDB9kvfFDdv64Rb06oEGu4pYkpVYEpi1yADwh2e5yg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q-Z0PtmcyuhgGGObLhKl_dNBhljE5D_Y36tuj06kiM7Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q-w4Jx18rWyQwFgqRFnCMuK7RhSuvjD-sv8Gu7x8Ruts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q-KV6SqBUDAD7IBPMnqSbfDXkcIzC5Z3IPOSoCab2cUo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q-BaSuxZEZ3Q4xzq7FvfIVxG3KfK6IF7CXm9MVmXY7gU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q_WgWOUdLCuPiS8QXLTjfqvhZPz44ksXyeK9sFMxeZYQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q_JPz1F4Xbx1kIdgOtSd10Epy3YHYe53bAtiMFyMfrE4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q_dcbnAyfHd3GDxQogHOQ0_P-62m5cUhDM-4wBCr9jTM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "Q_-cNZs9IXVxbOybVdVror6FtgCpGN1d8aQ-Hr0QhFeg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-313-x86_64-linux-musl.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp313-cp313-win-amd64-whl", + "id": "15904524881", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 29504558, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q0aRpAMU93ajUrVj2bSssKfibO-lrV9Dw7iK--lqFVw0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cp313-win_amd64.pyd" + } + }, + { + "key": "Q-rogiRi6H8EYk6xRYu3mHWqgMf9TjsBd1S6zRyZe6D8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cp313-win_amd64.pyd" + } + }, + { + "key": "Q-K8bhrQg75frAbOTyBs7x0vYNJHROPB40PonL77JIcQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cp313-win_amd64.pyd" + } + }, + { + "key": "Q_JAZMFmBj6bu53_YEObsWZ979My-xFvA6UxeBdonT5M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cp313-win_amd64.pyd" + } + }, + { + "key": "Q_8ZEmlTcnjojNcjYKtJ6CfRvDMz_2fzIGa5Krg1Mphk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cp313-win_amd64.pyd" + } + }, + { + "key": "Q0HLlPTgH2136qxKLYvfey3GdWW2HtKa6kI9h-A01SDc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cp313-win_amd64.pyd" + } + }, + { + "key": "Q0zBIujlCl_BiaJa6WOVukWBwaCsdRnaQDtMPE-uoSIE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cp313-win_amd64.pyd" + } + }, + { + "key": "Q13BzT9ho52NUGOW54xVIatHAmhMxfJRwoix_9tIzFnU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cp313-win_amd64.pyd" + } + }, + { + "key": "Q1g8SqoR_s5ObPBrwomnP7H3lxtIV53vnpR2wrCh94es", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cp313-win_amd64.pyd" + } + }, + { + "key": "Q29dIJveJzD0I5dJ9lWCuJbVAjajA581T1B4BwTT_LZE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cp313-win_amd64.pyd" + } + }, + { + "key": "Q2gVFRS-S2qGejW2sCF7WlJqMHEjRNTW3x5nOuyyFoj4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cp313-win_amd64.pyd" + } + }, + { + "key": "Q2SzXsJcsGy1hLlI9ZPZcVoBijGpzYiN1ucFKR2tW_IM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cp313-win_amd64.pyd" + } + }, + { + "key": "Q2T_1mnxuycH-hX89-iXSJRKFj3HviE8YwUd4XZGb-70", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cp313-win_amd64.pyd" + } + }, + { + "key": "Q3_zxBB2H1utFJ_bvjV0vjsqfQJMKu8Icqxma48Pxfr8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cp313-win_amd64.pyd" + } + }, + { + "key": "Q3-LEqc5RzxKZuDZbXE854hYBzSwniEthafuDobhMZjs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cp313-win_amd64.pyd" + } + }, + { + "key": "Q3gMkoSeaZKW35a-frGxFOoT6Wv7xTRtrDIzQgz5qjTE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cp313-win_amd64.pyd" + } + }, + { + "key": "Q3qRYa7U26D5mU7yMAnXHYfU5x5a10IJLfVlBUWsyuc0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cp313-win_amd64.pyd" + } + }, + { + "key": "Q3sn3GdohujSTz0LJpatlb3aLK3_ySeog0m7ex9jrOY8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cp313-win_amd64.pyd" + } + }, + { + "key": "Q4_wgDt_fiXtEUXHCE1S_-XVYUMbJ-ffauVQZ8gC3088", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cp313-win_amd64.pyd" + } + }, + { + "key": "Q4A7a3vQtkTCGFSh7CsN_RrAze6LkSwRql80fEzDCA28", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cp313-win_amd64.pyd" + } + }, + { + "key": "Q4ojJBMp1Qg1_SMxP9xJoylx40ebSWQh0cjH_fVuQpXs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cp313-win_amd64.pyd" + } + }, + { + "key": "Q5J0Jxl8L7AsUTA48fOKIYFP58fKKIOpG9ivtbvWkRTo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cp313-win_amd64.pyd" + } + }, + { + "key": "Q5yTai1bVLejxzNwfdsvaMCshbJbO1P7MUgrwwTJc9AQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cp313-win_amd64.pyd" + } + }, + { + "key": "Q5z4dVESE_4GOL_fDxD4oAORB8k44gfeszmFIXoQmvQ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cp313-win_amd64.pyd" + } + }, + { + "key": "Q6fHaRlQDYlhaMhYHX7LklT1RP5_UImhaBuXKLUNLLR8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cp313-win_amd64.pyd" + } + }, + { + "key": "Q7_eeIjeowa6hqTNbLgtW2rwNDnzk77PTpcDrJSzV3wc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cp313-win_amd64.pyd" + } + }, + { + "key": "Q7lGnt-ej7Jn2Nj6_geqSQ1MpwIgmkQmqkPSovt_4CRM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cp313-win_amd64.pyd" + } + }, + { + "key": "Q7Ngefp1gTnloC5tpTPjL5wIJxBgYe2hilwqCkXMz5IU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cp313-win_amd64.pyd" + } + }, + { + "key": "Q8CU_ej6jw72xz1xzmpRS_x_aQNMavwU4xsSEtaMY2Bw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cp313-win_amd64.pyd" + } + }, + { + "key": "Q8DKZxdWcJhTpYX9cyj5_JbqrislnkzJaxWtoTfcsNS4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cp313-win_amd64.pyd" + } + }, + { + "key": "Q8EmdYno-1338uULQD6a78mjHlYlt5CRtYWpCUsLkzoE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cp313-win_amd64.pyd" + } + }, + { + "key": "Q8HQCYsZdtzBI6t5uKUqO6KYm5neIiP0xa1dEdhexEyQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "Q8nHz1m7bcr73SQ7-KzNM48cGqJlmbcTIpqIZYeqAXhc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cp313-win_amd64.pyd" + } + }, + { + "key": "Q8sVqLT-NVwUN8_GPS5hA-HlpsyQzZHoJlYeze80my6w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cp313-win_amd64.pyd" + } + }, + { + "key": "Q9avKz93ePeuq6bX_IboTjdTlBLVDSrDhOdoBtKUFehk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "Q9iWXLggAIVRUG9W1EG4wVlBjSHwtxrLbwi_QAz-ja6Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cp313-win_amd64.pyd" + } + }, + { + "key": "Q9mwwiluasWLV2vY1Vg8RX7d2Kbiqlw6EepnADloFkQI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "Q9t273hq_cm4_Q-U8B3JXzzm0JH_s-qhoX5NI9vrqVsE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cp313-win_amd64.pyd" + } + }, + { + "key": "Q9UzOAI4SOuhdIy9TIr_i1orZk9OspEtiUfQzdOok8J0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "QabaJ__4ZJYqiQ_-U2KtWV5PxtqnzzJx6wnwp5f2SAXs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cp313-win_amd64.pyd" + } + }, + { + "key": "QAEzajcHhYF91_NsGBCvcge8MCKX5JDWpMOBAYSxe82U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cp313-win_amd64.pyd" + } + }, + { + "key": "QAGCC718YkNHktrYk75jYHH2OD0smorB0MiM5ptfXodk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cp313-win_amd64.pyd" + } + }, + { + "key": "QAnIAJsliJo15UXeIuvT3RK4891Jb8yTs8DmZv2ICl0A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cp313-win_amd64.pyd" + } + }, + { + "key": "QANjXkZgo59oYt0oGagA7gyh_7wVnC1EtwAKDkZPIFs8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cp313-win_amd64.pyd" + } + }, + { + "key": "Qanq4AUS9EEpSlRch2BL-Xe2BwVcdn_BjAsLKixsp35c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cp313-win_amd64.pyd" + } + }, + { + "key": "QARqb_w0q8vbXO7DDKVC7WevdxTJnyss1kuramP1s42M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cp313-win_amd64.pyd" + } + }, + { + "key": "QaYOSGZsjOHS1ih2nGCVtHhJzDupLUEJcQuPTguighzo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cp313-win_amd64.pyd" + } + }, + { + "key": "QB_zvsb_BwrDro4wo2AdVpZ1DhRVmZ4CAKn5ugh1f6jk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cp313-win_amd64.pyd" + } + }, + { + "key": "QbiUgXm2u1o2DfQCaadPRqTpqsUf4PfT36Lm1FUYyQFw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cp313-win_amd64.pyd" + } + }, + { + "key": "Qbn4bDPfJHGEU3q49Bd-m7hyp-Xgxwq5n7bo2VvTm7wU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cp313-win_amd64.pyd" + } + }, + { + "key": "QBULdRS7eQPVXZfCwiBUO_ClciCgWTZTTlURDyjfz07s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cp313-win_amd64.pyd" + } + }, + { + "key": "QciDPZiL22Ri2X2sJJMZKP4Aws0Fzz8pgB29eMacxuMM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cp313-win_amd64.pyd" + } + }, + { + "key": "QCo6hNILaCCx7lkn6dXH-gZOHklbd4SpUCGm01g-zwK0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cp313-win_amd64.pyd" + } + }, + { + "key": "QCuGHaGQ8nI11u2z2O0StjYuSOBbaIPjkL5TJ1YAhRmQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cp313-win_amd64.pyd" + } + }, + { + "key": "QcWHt-3yaOSRUnRt8o3nvTOkqrscOwwbsN0Ht320cryU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cp313-win_amd64.pyd" + } + }, + { + "key": "QcWt-qeLPH9pWwhnD0HNmgpeD80r1rx4lRXWCWZ9u7Zs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cp313-win_amd64.pyd" + } + }, + { + "key": "Qd2AamOwA4OajKPq2c0AzPL-xztBSizitsZHIUwGg3l8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cp313-win_amd64.pyd" + } + }, + { + "key": "QD9Rr60hL_IknylyeKDq4Z8dne-j59QAgDXCXx5fcoT8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cp313-win_amd64.pyd" + } + }, + { + "key": "QdAXqArnteyq6TfLvR3pI6ZDnp5QmtDwCQq80e21RxXU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cp313-win_amd64.pyd" + } + }, + { + "key": "QDdkeGSKVmB0-izcqnWDTOnqMIV4i1iaQI1AhcjjcQBc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cp313-win_amd64.pyd" + } + }, + { + "key": "QDnGr6zwMzkdN4R0ERSN6Fmz__9DPCFRuzO2AZxv5SKw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cp313-win_amd64.pyd" + } + }, + { + "key": "QDQt5Uf5K8tNKqoGF0Uk-IDdfMdQtfEr6LXlUecnN624", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cp313-win_amd64.pyd" + } + }, + { + "key": "QDSggRnVwThYHKBbaR4vU-tYwsVvGGWnIc14LLcc7O4U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cp313-win_amd64.pyd" + } + }, + { + "key": "QDUF7BwofHq5b9NREefkCczuVqphcZhV98v6LXiIg07k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cp313-win_amd64.pyd" + } + }, + { + "key": "QEAWmZpoApuSoTRugcBQ0Z77jTekyG79rMvGUfHjM7uU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cp313-win_amd64.pyd" + } + }, + { + "key": "QeFM2kiyrdgnvkjew1LShcdj8pHaVK9EnmoD1bgbJTIc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cp313-win_amd64.pyd" + } + }, + { + "key": "QEMChhxc3QT129pR0W3iDDW1HsGlEWGtqiVSf8cdRXs4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cp313-win_amd64.pyd" + } + }, + { + "key": "QemNsWT22Q7rAbNPW3lZkoMOQpxTDHiZuFsDmb1JmEqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cp313-win_amd64.pyd" + } + }, + { + "key": "QeSrDqx8X7p0rDbxsiovcf4zHk2spg6fNKPUlBTxJim0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cp313-win_amd64.pyd" + } + }, + { + "key": "QETN-D9bDYfuYCSCh2mhQRu6M6lOaQOvbSZ0sz43yU3M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cp313-win_amd64.pyd" + } + }, + { + "key": "Qf-_RMrwS79JgzLJJMbLrfupEcWR77A1gnkae1_FgauY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cp313-win_amd64.pyd" + } + }, + { + "key": "QFD4GAHqombypz8g37kJkXB4WQFfiMu_B54MGqyc9110", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cp313-win_amd64.pyd" + } + }, + { + "key": "QFkE8nrA__BwYjnJFFFjJjXBXAYvrKHuUy0n9qVlj0F0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cp313-win_amd64.pyd" + } + }, + { + "key": "QFMgvTazw4-6tqXbXlXFKRV3MtApAyT8d-BLmufBv_YE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cp313-win_amd64.pyd" + } + }, + { + "key": "QfPD9t4CuSMO_jjzjIjCMronhqcxcTw-vw-13Iwv1ku4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cp313-win_amd64.pyd" + } + }, + { + "key": "QFspbJ5gubeIMCLtVF_qRAPyhATnyeeqcIlnJyXHwzxw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cp313-win_amd64.pyd" + } + }, + { + "key": "QfYqLSjZ_xOvik7rtSDWewFvIYx2wVbTWLSCtD9gYzh4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cp313-win_amd64.pyd" + } + }, + { + "key": "Qg4sUETwGzPouRp9Gq6OQqvXpMlAtC7xeqGUn0c5QIpg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cp313-win_amd64.pyd" + } + }, + { + "key": "QgAmLJ5ds91jdkkHQZCYclLBy-0BjOL4USJ48yIldJcI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cp313-win_amd64.pyd" + } + }, + { + "key": "QgHdNKmEshKSc-NTKk54Xj51gfO6kPfakFFIzmNei09k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cp313-win_amd64.pyd" + } + }, + { + "key": "QgkjGsFJeNEa_LzQ4zRP7LFVWZ2ZqjDIgnRzDGk17tpc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cp313-win_amd64.pyd" + } + }, + { + "key": "QGo8Mw-0ukE7UC0oDXILsICMihPYWzq6dG3HGZ_5XNfw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cp313-win_amd64.pyd" + } + }, + { + "key": "QGQkrvvVaSX2LxYBewBSydRhbjP0y9w4UuaIUopOj180", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cp313-win_amd64.pyd" + } + }, + { + "key": "QgtOu3LcbCr7ehEumlBUNAenmuCkCF0RRUPwCehOs2KI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cp313-win_amd64.pyd" + } + }, + { + "key": "QgVh47y_z_Xn9L7SxN6eI27kqOQsCv4I3ub9HNMCdX0c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cp313-win_amd64.pyd" + } + }, + { + "key": "Qhc-w4aDvirBdarNx4_8_CtYkh2iCKpEHbxaw_zuiVmI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cp313-win_amd64.pyd" + } + }, + { + "key": "QHE5wu6R86VvD_7RkKD1fsqsZD0fjhl5Bxebr8-iEZ8s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cp313-win_amd64.pyd" + } + }, + { + "key": "QHgHi_T6OSvOQR_DzAe34KaUlLx0FWbNuXCyB28g7iVA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cp313-win_amd64.pyd" + } + }, + { + "key": "QHIG7D7PGm__7NrK8Jr1qAR-uYA7RG8daxaiRqiH3QPw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cp313-win_amd64.pyd" + } + }, + { + "key": "QHK-yGH4ZD4m86oXdMkY72lfO8nyZraHNBSCPjuv7-v4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cp313-win_amd64.pyd" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeuBSCOQkl7HbtatRUjX5q24qMxBi-fMAF70MUTEDrbs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeuBSCOQkl7HbtatRUjX5q24qMxBi-fMAF70MUTEDrbs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QhmgVUOZOS1is_XlH-T2FvLAH7dMv7J5IpwjJT10izF0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cp313-win_amd64.pyd" + } + }, + { + "key": "QHwYj8y7MF_jTgM26FSumFVZVoL08F5TdJEa54YgTero", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cp313-win_amd64.pyd" + } + }, + { + "key": "Qi1cp9a1As6Hm-9avke-Ysy1JAUK-9Th1DToTSpH6e1s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cp313-win_amd64.pyd" + } + }, + { + "key": "QI3bC4tHaK610CCK_jN6wFLx9vuEs6KgveZoJsaFFT2s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cp313-win_amd64.pyd" + } + }, + { + "key": "Qi8kgArANqTmUW9hz1ukY2380CBvjsfjgNGtGpjFP_KU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cp313-win_amd64.pyd" + } + }, + { + "key": "Qi9MHDEwrQAz-dhOlzJGAawoj2Xjfo7s9s5sRypbXgqQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cp313-win_amd64.pyd" + } + }, + { + "key": "QiAsAeLliT34dyCDyVHbUSicZkKA7nu5Y4j63ujB-GN4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cp313-win_amd64.pyd" + } + }, + { + "key": "QIBquXUf8jo5JKJP6Fouc6rGoQfndCEJ8wfaUYxahyLI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cp313-win_amd64.pyd" + } + }, + { + "key": "QijtrrgoHK_T6XEgY2tC_eoAJjZwGWKyYpvxMzY3DzcY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cp313-win_amd64.pyd" + } + }, + { + "key": "Qil12Pju8w-YjLns7C4BNa7a5Dh10l3qxF8SS4NJnB5o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cp313-win_amd64.pyd" + } + }, + { + "key": "QItDbCX0ct4JWJuFzTocYhqTx88NH2LmOROPrOPfPay4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cp313-win_amd64.pyd" + } + }, + { + "key": "QIZqy1EIYQD1Y39BLuEtWYGYLCfW-6SrX2pLIlOp94P0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cp313-win_amd64.pyd" + } + }, + { + "key": "QjJWMmeVOzFDx5ukZAJQpnI3lo8I2OKOsod12sqWpW-c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cp313-win_amd64.pyd" + } + }, + { + "key": "QJum-ajfqYHHg7BzDkvJrRbumOGwEVFHz-YStx_XsI1M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cp313-win_amd64.pyd" + } + }, + { + "key": "QJX3JrQdGARnOsyu-aYclGb11bBPxm8LaA4kYm-ROL8g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cp313-win_amd64.pyd" + } + }, + { + "key": "QK3LeMChKcKBm97rm7iPk7A632NhaNfTI4P02X3Fy4gg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cp313-win_amd64.pyd" + } + }, + { + "key": "QKdJouOBetETgXgsOLnyq8GFr_kCOLi9m6sjR1nS9WKA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cp313-win_amd64.pyd" + } + }, + { + "key": "Qkgkm9IbKiiwfHs6_82j51PLXXw2QoLoJe39VDCw_qd0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cp313-win_amd64.pyd" + } + }, + { + "key": "QkjIxOsECOidyBvEsL_U5pM2uraMf8Qkp-ta721Fze1s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cp313-win_amd64.pyd" + } + }, + { + "key": "Qkl3hJDSJVD_yTf3Znqz1ODNvRcl0KnqPoDOTR3tkOiA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cp313-win_amd64.pyd" + } + }, + { + "key": "QKONQVTr5mM-aL4w1XKbxC34tqtDmtqR5n-R48hIJeR0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cp313-win_amd64.pyd" + } + }, + { + "key": "Qkp42ljHbNyxk6SYOSGw68Em8KaKD_qq_20owGVtny6c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cp313-win_amd64.pyd" + } + }, + { + "key": "QKpBzLdHlJQHuMqal2iYWW9eJ2u0ORfRX0bu06WU0Xn8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cp313-win_amd64.pyd" + } + }, + { + "key": "QKR02ZNPXqdO44sKMNFvfN4DATC6dEyhwgSo1rbSOINQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cp313-win_amd64.pyd" + } + }, + { + "key": "QKsGj2UEEhuuuaJWouDllfo-M--pNBYxJqf864029w2k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cp313-win_amd64.pyd" + } + }, + { + "key": "QktRJwMFuM8TBABa_-JTmlRPT035GjtCHqTHS23qxUak", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "QKUhuYpaId144aWWDjOajr4ILxSMXLC1ZGVWBPh7oh4I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cp313-win_amd64.pyd" + } + }, + { + "key": "QL31QB-9g0cqLyNFI79w5SeFwm5AqHJs51ydvw6H2Cg0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cp313-win_amd64.pyd" + } + }, + { + "key": "Ql7LZCkcrcsWWyharMJZcKCLvHiLiyxDIK57uPh5O-Bk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cp313-win_amd64.pyd" + } + }, + { + "key": "Qla23aYUu42_aXxfTpVNCEYHPJ-Lo73wqoUZY_wdK06U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "QLfwf6u8HJdv1A9jGJDSXubU_U9MQnH96pY7lwTaST5A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cp313-win_amd64.pyd" + } + }, + { + "key": "QLGD4Sqlw6IPxH3kewJwvqV1VVeQseNsClbxu7FPd6BI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cp313-win_amd64.pyd" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QyAhTDyd5nIdAwvBXzdn6Dn1D4roP6nVzDA03ehFnP1M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QeuBSCOQkl7HbtatRUjX5q24qMxBi-fMAF70MUTEDrbs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QlhUdadEj2KA7YqkMwFfp9vnpBlgUETykZwwKL7vSFPE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cp313-win_amd64.pyd" + } + }, + { + "key": "QMATKTk0NTUCQCdlZybY2LnacnNLWFgUpOyNRrdsgx7I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cp313-win_amd64.pyd" + } + }, + { + "key": "QmeSKC8uNxdP1_4mvVrEGySjDY-9u8MV3HIwi9Lc9jGw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cp313-win_amd64.pyd" + } + }, + { + "key": "QMF0rZOI1pXufo0pSzc4iRm7SOsgXkmJC8Ua4AXcUPUM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cp313-win_amd64.pyd" + } + }, + { + "key": "QMHl6bEfS5WxI_wPQGBx2PSKtLFCQAkPrDCte3ftj1bU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cp313-win_amd64.pyd" + } + }, + { + "key": "QmOJviGNt3GL5fF-ydFB8DpQX9tqdtD9cbS2voM1etUc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cp313-win_amd64.pyd" + } + }, + { + "key": "QMp2mRygPLjpH5Bd53RBaaVdjQpUgNxGezjNSvwMO2rk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cp313-win_amd64.pyd" + } + }, + { + "key": "QmwuRJOIRW8yRPO88I9uWhm0tMlzrCelH6i6jg5hEPVA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "QND_dhLIPzUS6OBU0ngn_SChNI_BjXhJxW4RWG1Mfv7E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "QNl1XcHk3rivoaa5QNFdPiXjEy06P_pRfDY0cpu2hg3U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cp313-win_amd64.pyd" + } + }, + { + "key": "QNrCINkBn2Uf51L7Ei8978HYSrCp__AIRqNnyBmIXAuc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cp313-win_amd64.pyd" + } + }, + { + "key": "Qnt5NxQpEblfPaiuucGvVbpb3fVOl9K9CRp4fMN45YGc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cp313-win_amd64.pyd" + } + }, + { + "key": "QnWzPSiCUOfQxYc8ehn74yAPPbin2EIwbVY4Wr-QNqso", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cp313-win_amd64.pyd" + } + }, + { + "key": "QO7LzvR9c_G53H0o4aWzJ24sCFultpkirsrEaTeBvAHk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cp313-win_amd64.pyd" + } + }, + { + "key": "QorGw5M1XBoy4PETMydqn5OqRhAocRWpeQqVae8utgLs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cp313-win_amd64.pyd" + } + }, + { + "key": "QouKYWQF4ZWFi7e3aR0mBdb2-CB7RCXcu_Zj8jgHbapA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cp313-win_amd64.pyd" + } + }, + { + "key": "Qoye-kjTlakxhJLLxZSPD7GAvB8KIintslH3XovE9NOg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cp313-win_amd64.pyd" + } + }, + { + "key": "QP2c0i-WsxkPoQyq-XzQjaA9bly616n2D3bHywjKmQLw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cp313-win_amd64.pyd" + } + }, + { + "key": "QPDhgaxPzANMP8Xz4nKBm0Lj9tmQ32WcXtifuyz_sd8U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cp313-win_amd64.pyd" + } + }, + { + "key": "QPFP3QgQZkyT8X4ktN-HQKYpv_aI598nnD30HREyG_5Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cp313-win_amd64.pyd" + } + }, + { + "key": "QPndtRq9rMX2_y8GRq2EobQPCuCkMrkCUyEnWg1sYAs8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cp313-win_amd64.pyd" + } + }, + { + "key": "Qppfwbp26BhYGDeX-7x9d8Q_KwbpbkaiRDIocUdFZi0c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cp313-win_amd64.pyd" + } + }, + { + "key": "QPr7m43_u1yR8JCjb2jZye6iGzUGmwNiFygOdohSd8n8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cp313-win_amd64.pyd" + } + }, + { + "key": "QPw_z0IayI9OWfKMUYrqYbwXrhipQ9Sz8GLiVafW_oL0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cp313-win_amd64.pyd" + } + }, + { + "key": "QPyKmqDVYNoBdLOpNABJNgtLrybBGY14bpHu0QI5-T90", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cp313-win_amd64.pyd" + } + }, + { + "key": "QQAun2NdvijodVWBo2ytbqphH6sOR-yaiAOoM5HBYWts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cp313-win_amd64.pyd" + } + }, + { + "key": "Qqd-dfwjpBz3GR0DQk2DTQ6M7fgweNYMVYtoWtVQas1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cp313-win_amd64.pyd" + } + }, + { + "key": "QQNZRZjZFjCQjaKO_ico4HdolUmCx6JtG0yV2rID4W_U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "QqoKdP8_escr2j1gY8Qbd_sDecKelvI7pAPBA_GiIbPY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cp313-win_amd64.pyd" + } + }, + { + "key": "QQoVJZRTi6xytCtx7joJH1k24Ue3-JoLMCTv7apSPXOU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cp313-win_amd64.pyd" + } + }, + { + "key": "QQPHU7nP9rRaZFrHiJ1Pl8bVHE2OjzxepgYtYHhoLr0o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cp313-win_amd64.pyd" + } + }, + { + "key": "QqUpdSYRBQxS6kibwQNstG6WuM6UgZRi6S48vacTo6bo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cp313-win_amd64.pyd" + } + }, + { + "key": "QquUa0-hRpfEaqZ6EVowDBa0orhMd52GhPEZcLkxFZ98", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cp313-win_amd64.pyd" + } + }, + { + "key": "Qqz9N67NPunev4jdQMEtFATkoWPSpGuZAVcHUsnViRUo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cp313-win_amd64.pyd" + } + }, + { + "key": "Qr51xLraFZO1rXDeNUV8phaZZg4_UUwxQxwQ-kiolj98", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cp313-win_amd64.pyd" + } + }, + { + "key": "QR8BHZBt6W4T8kcVRsdJV6TadOZEavjq1ky8qJpFhu_8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cp313-win_amd64.pyd" + } + }, + { + "key": "QRaZ-KJPCbY-MwnI2E0HiJjWvc1u4xlXFgaRluxAYjB0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cp313-win_amd64.pyd" + } + }, + { + "key": "QrcZQebGVqSL7O3PGhfjcLFfyQY_gFryyTPY7Y7_ElAY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cp313-win_amd64.pyd" + } + }, + { + "key": "QRnAIpiO1fpgtsGSE92etKjvorewnvTsnzAme-B36iiE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cp313-win_amd64.pyd" + } + }, + { + "key": "QrR4busx2QJsAtmcBFriMrNLHCllvq-H8wJYMu_k-ZFk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cp313-win_amd64.pyd" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfinegrained.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "Qrw18vxX2TOIY4Jefui0bx6-tuRrWXVv8_TpcX1okWMQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "QrwAQ7Rf_quygnolUVQm5p_vRW2o-MQOTCRzBR9ixH6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cp313-win_amd64.pyd" + } + }, + { + "key": "QrXZzb0pMW53C2KNtmlDpU8KAtJDd-xdmSMxqMZAiTBs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cp313-win_amd64.pyd" + } + }, + { + "key": "QRzj5xAVr3vTionP212Jd5XZnhOUH-c8ZufE1FYKXmKg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cp313-win_amd64.pyd" + } + }, + { + "key": "QS1AObgG1C6o3x6cvZJKCq1JkQQhhVpla4qlSYfgdRMY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cp313-win_amd64.pyd" + } + }, + { + "key": "Qs24J1WaZru3C7m09jOAJ1k-LJmFqmiHWu-HvWxWsVUE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cp313-win_amd64.pyd" + } + }, + { + "key": "QSaZPwjC45T_f4HWIh00dzsedfusFyfmOiH6S4WMxbVE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cp313-win_amd64.pyd" + } + }, + { + "key": "QScyBsJM-LgHJPWBZXItdNnjpzvit4I91zPBUh3bINIA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cp313-win_amd64.pyd" + } + }, + { + "key": "QsIBRSdz6AmoFel1gs6OvLioJXrJqzGF-g6O7adYWv14", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "QSL8kpLUaQY2pWUxk21RTxn-Vu_3JVs6ebA4dRwksJl4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cp313-win_amd64.pyd" + } + }, + { + "key": "QsYn6y9C4zdDRzaSC4gbCev2hbQ7PTzpooin79t5qQT0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cp313-win_amd64.pyd" + } + }, + { + "key": "QszM__2EMHT_e7401SyrjBpktY7NRtqgTlEZ8SeLQtS0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cp313-win_amd64.pyd" + } + }, + { + "key": "Qt05FfWng5YBNZlz-6ThHZBZIxKRcoJmJilk5Mfa6FSQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cp313-win_amd64.pyd" + } + }, + { + "key": "QTbRfJvNhddGVp7ts9bynaUPoTqOkoxjU-szB1HcQN38", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cp313-win_amd64.pyd" + } + }, + { + "key": "QTdURwnNSieSCGN9JhsOXuEJGZSUBzodpqgkXcDW1Eo4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cp313-win_amd64.pyd" + } + }, + { + "key": "QtfCVB3uVfxBAdBaD97y9N_IVcYCsjl1qYP2e4tEC0E0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "QUDT-ingJUif6LrAoLGxvqqlR1g1XXj-ITNEyFnHTbxk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cp313-win_amd64.pyd" + } + }, + { + "key": "QuGr_hzc-oQhgEBeM6JTdhOcmO3P_0TNA2-ufusrAlgo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cp313-win_amd64.pyd" + } + }, + { + "key": "QUVVQlp4QWtcBeYnFEmXQj8yBlj9pPtOxE3p01snhUFs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cp313-win_amd64.pyd" + } + }, + { + "key": "QuyGwe5Qa6WS41fQo26aQFlD_dQrrLWo4VRkMnCgR42s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cp313-win_amd64.pyd" + } + }, + { + "key": "QUZXn7j1qHmCuq8tb1xFT1RD8trzqqw4lVXAhy4LzVlU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cp313-win_amd64.pyd" + } + }, + { + "key": "QV1KV1v_80D2dBRl-bMmN8LiX4M_RDzXrZf-vVhWt31Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cp313-win_amd64.pyd" + } + }, + { + "key": "QVc9zmCU0srZciK8wW2OZuqQeDeIQfYtRhkNm-f3YN_8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cp313-win_amd64.pyd" + } + }, + { + "key": "QvjRpG61dYJJmIm7XL1Pd7ItBCnnTqSO4LeVzat-6neI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cp313-win_amd64.pyd" + } + }, + { + "key": "Qvp9CbGHY7YuttFN41aFOJ0JLQBRqRzjh_SLy_RMMYiY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "QWE1Iz_X5NBdSxqZc9qdI1G5OoUcKz9d0UL8BulLvdgU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cp313-win_amd64.pyd" + } + }, + { + "key": "QwEfiZHT2Emjd0XlQd_JM-4PjEF0NUwFPBiwMfqZDPKo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cp313-win_amd64.pyd" + } + }, + { + "key": "QWEJ-JpLMitI9Z28ScSjspzBDWoAhgKestbjQoYL59AU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cp313-win_amd64.pyd" + } + }, + { + "key": "QwtcFGNW1ddSsgD8aNxTGi_ktGOOaFTXZtnMqlp1f0p8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cp313-win_amd64.pyd" + } + }, + { + "key": "Qx_uComQXTyLNrdtZpFTfAwCFds1vA69KpncNOIRlPV0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cp313-win_amd64.pyd" + } + }, + { + "key": "Qx6EA66xKLotK68WJiM5YLM8mcQPqW_OlA3hbkQO6-b0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cp313-win_amd64.pyd" + } + }, + { + "key": "QX8MuycnDOHYsAtGIK2Sv3WF6UcErdm8ljeA1P9GzeX8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cp313-win_amd64.pyd" + } + }, + { + "key": "QXcJ4oksTHQMcR7OGRH6Zj5MrEWdSZX6DHYTHntzwLcc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cp313-win_amd64.pyd" + } + }, + { + "key": "QXFxHY0DAQdQdFC-4MlAECryEaElTj0uq39oWeXSqm5c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cp313-win_amd64.pyd" + } + }, + { + "key": "QXYVbtN6xZagp2f8SwmDKmKITVuqET0mAdclZpO7ONb8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cp313-win_amd64.pyd" + } + }, + { + "key": "QY2oW0f7DgL6nhTghBukgWbuGFRjz9C7Cx4Dr8hH2lNU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cp313-win_amd64.pyd" + } + }, + { + "key": "QYDsHh4KogoY2yS8rqhGoqeZqtZGO7Niclj0sCqin2ys", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cp313-win_amd64.pyd" + } + }, + { + "key": "QYO5ncYE8xJfUGncV4MKnRi19y_sc3H7Pup80MHo86DI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cp313-win_amd64.pyd" + } + }, + { + "key": "QYQgqPrGCOUAcK3LB-tfEq8quxbLwRll5hufYLkkDSmE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cp313-win_amd64.pyd" + } + }, + { + "key": "QYTdcCtrHfqn4G1p8yG5fK01vd5LHYqtUfucX49RK-eU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cp313-win_amd64.pyd" + } + }, + { + "key": "QyWEIQJ1rNeDx_TLYcL7xyD9mVeBzHXorukp_uDxmQrw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cp313-win_amd64.pyd" + } + }, + { + "key": "QZ-W2HBIopzhHRAO2n8uvG3XrQdqQ4TEzgBs4ZO5YhEM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cp313-win_amd64.pyd" + } + }, + { + "key": "Qzi1IP23vy5pAuJsQWeax3meQpmjg2th7bU7arJ4qR60", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cp313-win_amd64.pyd" + } + }, + { + "key": "QZI8vnH6ATN8-eF7UxQaoY3f3_lmaFeJmFVARbIxAwvw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cp313-win_amd64.pyd" + } + }, + { + "key": "Qzps7nc60FmGK9-DIo-AmYBlHLTdlrpj_zqdIG6YslsU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cp313-win_amd64.pyd" + } + }, + { + "key": "QzxaoFchej7rigZL-o95fbpD2vTcRZLz9Uqag_uas1xs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cp313-win_amd64.pyd" + } + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QeuBSCOQkl7HbtatRUjX5q24qMxBi-fMAF70MUTEDrbs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QyAhTDyd5nIdAwvBXzdn6Dn1D4roP6nVzDA03ehFnP1M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QeuBSCOQkl7HbtatRUjX5q24qMxBi-fMAF70MUTEDrbs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QyAhTDyd5nIdAwvBXzdn6Dn1D4roP6nVzDA03ehFnP1M", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q_OUXZDpuLSrkA-q_2zofVRrv2D9SuBNSDwdTFPX6fDk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QeuBSCOQkl7HbtatRUjX5q24qMxBi-fMAF70MUTEDrbs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2S8w2I1T3DJ5BHSGHOUyP9ZltvHCHkhPqqrBFNWmZig", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2be33nkr9avBEFmcgbEqX4vHEPfysoTpkxBFPhNl9NM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp38-cp38-macosx-10-9-x86-64-whl", + "id": "15904524882", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 35693402, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "Q_8lD1pdLz-HJ2BvbaLRpcelh96D7zWoLjMD5GQlRjDo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-38-darwin.so" + } + }, + { + "key": "Q_ANMQdeRqfW1PIyzs0ineNblqaH-IAEYh1SiKP2Fsac", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-38-darwin.so" + } + }, + { + "key": "Q_vmCe5GhCGpDGjX09sNcIwuUSKPpIoFtSpcvIG7xjV4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-38-darwin.so" + } + }, + { + "key": "Q_wR_qF9pbWZtCk-QGCQEQTcXZxINWMzHrVvxn_gw3oI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-38-darwin.so" + } + }, + { + "key": "Q_zVANoy2vWEJYZVtVPOf_yMah5FGuffY5nxXKw5I_nY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-38-darwin.so" + } + }, + { + "key": "Q-9NWIigyTLV0O1jOgR5NAPF1rUd_5a339BvYaw7GR-s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-38-darwin.so" + } + }, + { + "key": "Q-FxChIASDlhKY8haveB-IcyguUBD2670gV4d4dOhins", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-38-darwin.so" + } + }, + { + "key": "Q-h3DcvhqWJGDELnL7vTjbFjs53glmOmGfaX9r-si8VI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-38-darwin.so" + } + }, + { + "key": "Q-T8XtNXwlhtnMJNslVXdwykqIt8DdCd4nTI8JUZCstk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-38-darwin.so" + } + }, + { + "key": "Q0Jt2EITa1CpVALvkzxqlBvc9FDqj3PBIZMMYzKzN_BY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-38-darwin.so" + } + }, + { + "key": "Q0rY0VjRAZXUkeqsp7Dscm5ci5JI6jOuq68DQKJAsNNU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-38-darwin.so" + } + }, + { + "key": "Q0StFpoOgvr54LJG13xew0yJ1uR5hjOKyS0zAcxFCcsE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-38-darwin.so" + } + }, + { + "key": "Q1BKK6WusuSkh0rrnIve3XQHat-_1Wn2uqjEF6ZD4OS4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-38-darwin.so" + } + }, + { + "key": "Q1gdhmyEvTiRk4PK4AL5vErO3MvxTJrbpwC8hE5aVBvY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-38-darwin.so" + } + }, + { + "key": "Q1q1xpYtxmEztzkAViaWFjjXp1zAdkVfP1KqcOg-BsjM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-38-darwin.so" + } + }, + { + "key": "Q1QNeBqWNDVg3w9y0h9icpnhjfotbFgczlIo_u3eSPlY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-38-darwin.so" + } + }, + { + "key": "Q23s1xEJkUmYH3evamxi1Kr9eKg4kvRmGN9zNfvi5ITU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-38-darwin.so" + } + }, + { + "key": "Q2nriqA3S5ls8ggSkiAqcUZ8g8llFRolTs7HLq5uNpOI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-38-darwin.so" + } + }, + { + "key": "Q2t21BF20LYFWMWIp5ZrTq3RR1yMX5JYMSyR-oRFabxA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-38-darwin.so" + } + }, + { + "key": "Q328YeNiSh594Qva4gwoC5MnVnlGR_JWmkKC9XAT1G-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-38-darwin.so" + } + }, + { + "key": "Q3JXbFFU8YqDAQ7bvXlOVNsziuoNW-UuEVDm2HdDocgQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-38-darwin.so" + } + }, + { + "key": "Q3vTem-C2sG1szEzYzx-fdt46JNHiVSdiYaP7Fp-2FTY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-38-darwin.so" + } + }, + { + "key": "Q48IKAvjmotQloBY6i4Shr4QcXudV8iTtHJQzhGxXPZE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-38-darwin.so" + } + }, + { + "key": "Q4anRBbWk1djm1fx_777R_-mclD5ujPyd8mkl5KjnQfM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-38-darwin.so" + } + }, + { + "key": "Q4FtUSofMrr9GR0lCsbrQBjSmZ0o2y-8TmoUrqjtj8D0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-38-darwin.so" + } + }, + { + "key": "Q4hkj159hfu6mfw1TsIojnEc_mp5iX53NBIIuvoiBP_g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-38-darwin.so" + } + }, + { + "key": "Q4ZnhZ1cnDljyvGS0YKcwps95V6xDcSCWSbwm_DUMjhY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-38-darwin.so" + } + }, + { + "key": "Q51AZCJyXHmi5vE1FDWIMcywMHxZok5_cpP0Ofm5j1Ng", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-38-darwin.so" + } + }, + { + "key": "Q5BKcrVMY-J20vjT0YZ4SrSKg4Lf5r5z9S27Vv2j_XvA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-38-darwin.so" + } + }, + { + "key": "Q5ntefabI7hP6s1R_RnQFMSzZFTJ4yp3wQF1X5flzggE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-38-darwin.so" + } + }, + { + "key": "Q5OPXRTfwswGk3TQmBS4w-4nrZV5u5BaWi_P8-uJUmBk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-38-darwin.so" + } + }, + { + "key": "Q5RR4hG_Y5gL6J_4IZonRCflNl5mAat-CMG__ElkVzog", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-38-darwin.so" + } + }, + { + "key": "Q5ZuXkRFxioRETn1Kn88hlc9hHI01gWqwXNMUGN-gnss", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-38-darwin.so" + } + }, + { + "key": "Q6-83wpJqxodYEztYGDdZSNRtoFD-YUSGhBm-66b50pk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-38-darwin.so" + } + }, + { + "key": "Q67AhJvQaIuevdxP7vCnDiCCgwLWZF39u9SMv3B7ZXbY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-38-darwin.so" + } + }, + { + "key": "Q6AxNJo-xPZhDsKs3DHjflct_YTn2RGmSvaOac3dugQE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-38-darwin.so" + } + }, + { + "key": "Q6Edxt7BgZk5ogJ9LgzCmKfpnQbZJ5qQ6tJlA1L3LE-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-38-darwin.so" + } + }, + { + "key": "Q6IghtrZt-6IbdzPZDE2brkWg3L5jh-ek2_CZ98m4uGs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-38-darwin.so" + } + }, + { + "key": "Q6ld2-BrGWCxfeJSK_nfCfAf6emiZPOz3neOlqKJqehY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-38-darwin.so" + } + }, + { + "key": "Q6NTQu0x-NDCOEoSnernObleVLFYJL95Rpt0WtXYYiXI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-38-darwin.so" + } + }, + { + "key": "Q6wBvGJJNSMlz_zCBIDBplOzy0K67190h9JVSKixvAdA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-38-darwin.so" + } + }, + { + "key": "Q7RPFw-MjXjgl2tvOB844WdeZPLulA78TtAVBuP5JMik", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-38-darwin.so" + } + }, + { + "key": "Q7TOEFeylujARgNmjelRR1Q4ce-EMIpXw-GUoaZ5tN34", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-38-darwin.so" + } + }, + { + "key": "Q8-ORCla2qDb2Nq7ijh400X1seTWIHApjIApAn8PM5y8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-38-darwin.so" + } + }, + { + "key": "Q88Ai8ZE3aXjwh_Z3v-JU0Dbt3Wxrsd7dm8O577QrhNA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-38-darwin.so" + } + }, + { + "key": "Q8e7_t6gF3bqJn3xlO-K0qvH-E1PPbmt4f7iVre1hY-M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-38-darwin.so" + } + }, + { + "key": "Q8FTE4H9ii1idmLOF2vLkoDxuMQtLI-9i1Lnp6g9XF38", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-38-darwin.so" + } + }, + { + "key": "Q8mg55ZN4l-jo2L4xDCSGRyFXyA3egy420wwR-6LG2Ts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-38-darwin.so" + } + }, + { + "key": "Q8nXmPLtIxq3W-PZCmFOecwaPLkJ5rqzUyc6MKwgC-L8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-38-darwin.so" + } + }, + { + "key": "Q8wFes12nWRbgqUNFp_WpACgsmx2uo71s1gbKAkXTYcQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-38-darwin.so" + } + }, + { + "key": "Q8XRPuhEvAQ1TNy0yYHiURADpH1dANSTg7QekbvZKjiQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-38-darwin.so" + } + }, + { + "key": "Q93eUhBrkpv9VenBVD-WgWEAHDPqc72pR7jbDvFkoFEM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-38-darwin.so" + } + }, + { + "key": "Q9DIXv79Bp-i6eWb9YSAppQXQ54F_Isw6O6Ff07RlsXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-38-darwin.so" + } + }, + { + "key": "Q9JddlTludwWIazEikVdfum-3cXRxAVAME6Pib92ZKFY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-38-darwin.so" + } + }, + { + "key": "Q9VHYz8EzQUJ7lnsJpCmXXxkFqGMUMwEW0maH10Pw540", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-38-darwin.so" + } + }, + { + "key": "QA9sULu8h4Xlmx9b0woSmCIeNggYjg07Fibb7WciIF80", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-38-darwin.so" + } + }, + { + "key": "QAbtMl38_ryhkkQVhuJQiBjU0Lznc2M-sESyOR2HOIqI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-38-darwin.so" + } + }, + { + "key": "QaDl71YFj2B9PJFm6u7o9sOHt5y79loa0x42bGBP8_ro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-38-darwin.so" + } + }, + { + "key": "QaIv5EvgDy54hFkiY76MjRxWBVX7csv098QP0Th0DaZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-38-darwin.so" + } + }, + { + "key": "QAKiBkoCh3QU28xAcKugKMUd7Z5lmKC1qrC3S-WDaTVA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-38-darwin.so" + } + }, + { + "key": "QAmUL6Fn47KU9u_R8iRpyOhrgY-_R-4kzojZ3WVlTA1s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-38-darwin.so" + } + }, + { + "key": "QBVX5UTyX04QtDwMbwipCq_OJ-x2iq7qFovo-ewxM9bQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-38-darwin.so" + } + }, + { + "key": "QBzvLO42Ji0BLFd26CN7mtk9eQBTyL-W6xZAV5kbGoak", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-38-darwin.so" + } + }, + { + "key": "Qc9TI6thCSOIXr2__sQLrgWFKxWNtJOjM1maIujdUQWo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-38-darwin.so" + } + }, + { + "key": "QCChhEtkowUoFaUNvXrGVramt3sIA3NnnBYe4WPUMNjg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-38-darwin.so" + } + }, + { + "key": "QcEaUO4ff-l5xrFJgNCBaWznWjPbQeE543QzN91jnBo8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-38-darwin.so" + } + }, + { + "key": "QcFf7HnAxUc2T_oRT4Iwel11HEewmuOberDkODWtTYZs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-38-darwin.so" + } + }, + { + "key": "QCk_x-H6Vz6nikhKn1h5cp2PrOYOnHe6o9hJ_JZK__wg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-38-darwin.so" + } + }, + { + "key": "QCTwNSvel5AQ00iu-VBCQWn9DmoG-fgLFWlMwiM9K0vo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-38-darwin.so" + } + }, + { + "key": "Qcu1tVXE7qdZa3A_NKeA720Qa-TPgx1KKVsb3yD8NrvQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-38-darwin.so" + } + }, + { + "key": "QCyGj3l8dlMxmuz6zgRi2DvBoUL-NpNbkUXpZhPDUS2I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-38-darwin.so" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QDFZn4qXizSOxQtHYropgULUlXNlDzjKMhqNK3U-9IFY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-38-darwin.so" + } + }, + { + "key": "QdGI9Y_1tsoQHVKBzlOEIu-_BMl3PEByMo3V5ovz4glQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-38-darwin.so" + } + }, + { + "key": "QDn05JVwFhIOcE2KuUnXYKclMMIeunrcFxAJoLhtvyXU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-38-darwin.so" + } + }, + { + "key": "QdOKyAxv6TlULzeH7UoSnnGrijICf5D0X3HV3M60odeo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-38-darwin.so" + } + }, + { + "key": "QdYM2bm8muBPj12h9opF10PP9IGYGMXLvehbJlvAAn2w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-38-darwin.so" + } + }, + { + "key": "Qe-q-pLIg1p4xatX6bnB1ybFDlOodvy_4mYm1FEStN_I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-38-darwin.so" + } + }, + { + "key": "Qe0yrqeIJgPI7XF6NZnQcBTEneJmq4lqsHgu8xiRTIKg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-38-darwin.so" + } + }, + { + "key": "QeLBmgLoCpwtZnvBnWTZHPFkm9oZ3KpGUSbw-SeE8pzY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-38-darwin.so" + } + }, + { + "key": "Qf_UTh5lEYqKqiaUFYQRizXJL2q1im7FTsp6X2UijGDU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-38-darwin.so" + } + }, + { + "key": "QF4Oc5XT9l0ZLgDgGpB1XfzY7EbOaDReZQeA4-16Onuw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-38-darwin.so" + } + }, + { + "key": "QfArXAogy8vHWv67BZOOxcicTRPdI4_yOIkajnuJOfQQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-38-darwin.so" + } + }, + { + "key": "QfbvqUG9huKRpeestv9dofP_V2lOl2jtzESo_CAPcPc0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-38-darwin.so" + } + }, + { + "key": "QfDYofrnicuPagCYUqV_mDffQiJ-5bSt0gv3dJpsw2N0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-38-darwin.so" + } + }, + { + "key": "QFFPPfc-IBDuL22cG50bafLAXE9NLLbrRw8EUWscjlvg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-38-darwin.so" + } + }, + { + "key": "QfjJo5otyqR_lu9GEeHB_VdohR6W9nZMMvFFJ2c-P-sI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-38-darwin.so" + } + }, + { + "key": "QfK5kKFWU-LFTGWKh6JgkAcCqkJtx60MKJgPj0rQnmW0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-38-darwin.so" + } + }, + { + "key": "QflzGTrYuSHSeD-TfKDp0DsqiXMBF5u6XG3vrC-TibAk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-38-darwin.so" + } + }, + { + "key": "Qfor6D-ys9-Q4YoyD5G17IvCgiq2FpNxd1-vNfYS8jnc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-38-darwin.so" + } + }, + { + "key": "QfzGC9vxlvKfLzRgbgoW7Og8Ekk76WK66Tn6i1nURXcU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-38-darwin.so" + } + }, + { + "key": "QfZHyYeuL4DfwDeuODMArcQ08twnuSYFWPne1fVdaC4k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-38-darwin.so" + } + }, + { + "key": "QG-nP__u59SsgBAvFptBzinW5oeFX1swf6e8ndAN60XI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-38-darwin.so" + } + }, + { + "key": "Qg9yqUX70wC31WddeoQKiqhIJ8TAvhD5_REAcpJNhMfE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-38-darwin.so" + } + }, + { + "key": "QgAdXnlfxbTL0LcXl-gt4g20b6v6IMz3IIBJhbJRmPXs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-38-darwin.so" + } + }, + { + "key": "QGejLQbYm5ui7H0nUrjMD4q60GiRKV9de4dWK2Ip5j9w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-38-darwin.so" + } + }, + { + "key": "QGfR4w5ype_BFU8RQ-W9qQglczGlPFfLPw9xqZxAlVos", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-38-darwin.so" + } + }, + { + "key": "QHc6TMm5O3D5N9c5AJ3speBUJekB5Yh3bDzjUJ_O6W-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-38-darwin.so" + } + }, + { + "key": "QhNSUfA8rQwBpp9Tn4xF80br64e2VrKr3gfjx73aW_AA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-38-darwin.so" + } + }, + { + "key": "QHO2Srd_a4WMSKIx-45vhy2EOHlfu9Vix-vJIiLZrGT4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-38-darwin.so" + } + }, + { + "key": "QHpgaekI7nNU3Qw31AkHn8M0_4mV8kMZCOD60gjEbHyo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-38-darwin.so" + } + }, + { + "key": "QhrabMaMn8WzoSwPDk33PbkJ01TeBE9egkmKd21CMocA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-38-darwin.so" + } + }, + { + "key": "QHuFJMyAxTsIWxR1qt_JUC27UjJaUyX8hzaJ0BeCnFuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-38-darwin.so" + } + }, + { + "key": "QHvDq9BcnVfQZU4zW6KnmqzQuV_lHYYXgKHP0RhxbOPI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-38-darwin.so" + } + }, + { + "key": "QhXF-ZAJTpquZDBHFdH6N6LjmJmNO7F6qILd7-DEuWOI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-38-darwin.so" + } + }, + { + "key": "QhZnGFBIZdVWkW13Y5LTF8-Rgd6hT07aX1MO27JDxz00", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-38-darwin.so" + } + }, + { + "key": "QI64x-9po87o9uJzg3Re4-QFlm3Txvu5NrdIPT7o77Fs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-38-darwin.so" + } + }, + { + "key": "QI8SQK39EwZGKr2yuuz7X1n7sBf3m59r2y86XnjGymDw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-38-darwin.so" + } + }, + { + "key": "QI9yu_HdSZ_EI90U1pyH7RcEYUlvcf_leh5RGQxR07lE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-38-darwin.so" + } + }, + { + "key": "QIb8xpkRg3qn8uoORtSatbjeQmaCOE-MMmQ_QI0cKVZ8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-38-darwin.so" + } + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qc6-1SM1l07ceo6X_UCCskUoK9Mx51iTobjYvuZJ0suY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QljeZyLI83gXdrkgmcKIoCsCNtC5WplWktrJ1jQWX24U", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qc6-1SM1l07ceo6X_UCCskUoK9Mx51iTobjYvuZJ0suY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QiH78AB6PTBkG859zEoLmnRZN4H3SLxeCnSbOcA-5D-I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-38-darwin.so" + } + }, + { + "key": "QiL8TguqBhMlh2uIUyd_uLOsb52KKBZoSGl4sR8LRaKA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-38-darwin.so" + } + }, + { + "key": "QIRm6SSc7gwwc97DbpPmxVNy_OWLhWKsBC_ZAvkoju5A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-38-darwin.so" + } + }, + { + "key": "QisAPjUytZvRNHi5L5oB4jfH3VlkJb5So9tmNzBNkjEs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-38-darwin.so" + } + }, + { + "key": "QiuqT3TnHVgwzZKoqCddAXoZBU1SkH-DsJgJUI2eE1S8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-38-darwin.so" + } + }, + { + "key": "QJ6mu7J3Bw-geYA4lH0jG9GTgRWWD1flZLaJ9SK_zoC0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-38-darwin.so" + } + }, + { + "key": "QJdAyz1eOFr49L5voOLtW1CF_ST4EPMg4CQYiuIgU_x0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-38-darwin.so" + } + }, + { + "key": "QjhS_CgzIK3f03ZjxXnY3sb89OALHqdGM09CBz6ut05Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-38-darwin.so" + } + }, + { + "key": "Qjk-ymjua27CH2ztONIACOghVeWbcFFwy2zLkmLPodGA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-38-darwin.so" + } + }, + { + "key": "QJKagGZBVLUhOuF4i1zOh0jhAq2d-eEb211xb6dz3PP8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-38-darwin.so" + } + }, + { + "key": "QJsKOlU7Ct23Cubo6G-JJLtDcFl7gikH6CldRh3be1Vs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-38-darwin.so" + } + }, + { + "key": "QJw4YRdAwTf6jIjAtKfpOmu4IPPM8xgKGVuEtCLOTbrk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-38-darwin.so" + } + }, + { + "key": "QjWj7lXzAPUEyzS6lwQ29NHVScRKp7skpAioo2fFJFgg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-38-darwin.so" + } + }, + { + "key": "QK_2dtqihKBdhybJP2llr1zrsBMC34_YQfXL9K7mYsK4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-38-darwin.so" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qc6-1SM1l07ceo6X_UCCskUoK9Mx51iTobjYvuZJ0suY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Qk_edfJaINwUdRk0_FoRGZWCw0yOMGkdqP7qMkK0-QO4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-38-darwin.so" + } + }, + { + "key": "QkAoajQ1kBe0Vb7hTcWdJFZBWQ7O9lNGjZgrPOZVKTw4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-38-darwin.so" + } + }, + { + "key": "QKaSPq4E3lF1s3xq0K3cfWvzS03EGl0Fz5c8jRBFudiA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-38-darwin.so" + } + }, + { + "key": "QkBqLF2f0COrtRiJ-bhrzwzVjRgOQAN_s9B-eBEVQtj8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-38-darwin.so" + } + }, + { + "key": "QKKN7HPUsLokZgo78V3hBU85fkVtA4lqwRyP8RTy99zo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-38-darwin.so" + } + }, + { + "key": "QKNSP4gmEstG3lY-fDw7DcWdh9E2-VvhBiMi6l2ULQBs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-38-darwin.so" + } + }, + { + "key": "QkOrlcuPqFE2Ikf3x49d_0rlAQ08uD-H8wMEVNncYIwg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-38-darwin.so" + } + }, + { + "key": "QKxGb1UrCYu_Ut8RpDtkns7WPqqigRYE1l-7Dgy3t3OM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-38-darwin.so" + } + }, + { + "key": "QKXsz0DKbY60lU21bb8YtMckdA1lmqxc3x68MsmHx6Jg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-38-darwin.so" + } + }, + { + "key": "QlezEoLL5QZucSHL53kc0fdi-b_9wy5LwLsrhAQRW6yg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-38-darwin.so" + } + }, + { + "key": "QLP0xCmZ2LwhgR0q9PsqBaVu4Q9ip4quuVnbDBnjao5c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-38-darwin.so" + } + }, + { + "key": "QmiS_UiepeW65qp_dkN13H3wyefRARN6aYR0sO4jWxy0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-38-darwin.so" + } + }, + { + "key": "QmK1e8uY0Tsfy_6jcNiEI3IztGZ90fp85--Xey44N11Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-38-darwin.so" + } + }, + { + "key": "QmPwk3_c6Jj0XnO2YvkZo_lCRQHdxYgTYIlgAlZEO7GE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-38-darwin.so" + } + }, + { + "key": "QMXkTZTGm756Z5aaNJWjzJ5vIYV-45_vTbRjFTPOIeQ8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-38-darwin.so" + } + }, + { + "key": "QNEKZwoi5fhr9Eq0ElK0QxWfX0Luy6fl7Qdnz5-BBRqs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-38-darwin.so" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnJs3gmOj4KKvfhEziLLjE7hSIq_BxtFWFgp_m_7qFbc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-38-darwin.so" + } + }, + { + "key": "QnlM8QbA3nSUKBrVRxEDOUJKIWRNkoZ-XZyZu1MqfZ_c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-38-darwin.so" + } + }, + { + "key": "QNMIcp_0NCaFyxWJEryg6DkhPijfSBZqIt_suZfYLIlE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-38-darwin.so" + } + }, + { + "key": "QnoSqr2QC5qEV3JJ_WMunMFJfyMXYxawJkZpMyKRLsoY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-38-darwin.so" + } + }, + { + "key": "QNQ_NCdsvsCYQ0JARWUlTzk6fZCIUK868GOTOnY57Gpg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-38-darwin.so" + } + }, + { + "key": "QnTtYV-LZSPCaoJqKyPh1i7WYxdp_CwJ3ZdaD_834qv0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-38-darwin.so" + } + }, + { + "key": "QO-H9j-z2I7eM2jcJdfKGH7ER8iKy1dhFSROVMB9IMZU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-38-darwin.so" + } + }, + { + "key": "Qoo2lZZH_-C-XRqkWcm88dkUzRsJ0y6khZ_D4TooVCB0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-38-darwin.so" + } + }, + { + "key": "Qoq-Zh7vRivQquO57_A2EeZ39PyyiLiFZBePYKG8rwqU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-38-darwin.so" + } + }, + { + "key": "QosGHtXx8oOHCPjXXxWda5vb0ik0cz9BrR_gEKUfBWrA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-38-darwin.so" + } + }, + { + "key": "QOt1sWuLbdSP_I6X0Vvemy3SCuCyRUqgVErnA4HEhSMg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-38-darwin.so" + } + }, + { + "key": "QOTaPwjF7GD5RjJlGvszipfV0aW1x_vObYnvaYO-KQdM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-38-darwin.so" + } + }, + { + "key": "QpkLszH8hgdtMOsy0ja0wfDRVSYrK4joHp_28DyTpaMw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-38-darwin.so" + } + }, + { + "key": "QpuKw-Pp7EMddXhrb6Xp6Gvz1UXQP8JJ_P0XWjSujvQ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-38-darwin.so" + } + }, + { + "key": "QQE6AVqBIbS3Yu0EU67PfPnwJ1Nm-_w8wRROiCZO0vzw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-38-darwin.so" + } + }, + { + "key": "QqGOmizhCed_5KaoU7JSwYKQuTlPCLuLgi8g_hgq5Jgs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-38-darwin.so" + } + }, + { + "key": "QqPS_3oo0ZJK5FHjG94kabTdz4kt0Wfi2psoEW6qFmZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-38-darwin.so" + } + }, + { + "key": "QQzmUPTBOhxDZZDRZlWGKgFsh-XUzl3-APE6iWOou52o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-38-darwin.so" + } + }, + { + "key": "QR1PIIdEGAIYeSeTqtGUDdgrwfrTy7UoaoD9dYh437j4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-38-darwin.so" + } + }, + { + "key": "QrDgaNDQpZYq1TRJAWycF55vhkkqcgicPIvwVrBINtBQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-38-darwin.so" + } + }, + { + "key": "QRfUJby8SzJM7aA0smmX59M18AzMaWgSt4lgx7Z1kTkE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-38-darwin.so" + } + }, + { + "key": "QRNZb0qN9nkWSphJiEqZ6bEbol2su40Mkd3a7go2OsLg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-38-darwin.so" + } + }, + { + "key": "QrpfBlAhMJ--OJcQIXegZekhsawmqviswqAnqURYg1ZA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-38-darwin.so" + } + }, + { + "key": "QRUvJX18r32jyQz5nCCREs1GscxofSQ1x91G5GLKMHVc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-38-darwin.so" + } + }, + { + "key": "QrVqDHfOVIxF4UPHrwcUt3-641AnJ2k23h0OHC3B-kas", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-38-darwin.so" + } + }, + { + "key": "QrxJyQAZRJlYW9M6kEXwJnDhoHKLAZsTNQPcN52wrRhc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-38-darwin.so" + } + }, + { + "key": "QRxlLdzCAmNC-FKq7JKOBhD5XRWSRkU7G8HvowhcF1vY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-38-darwin.so" + } + }, + { + "key": "QRZAa4jMp0jbvjo0sA-X69m3Pbm9C7SfY5NvHmPCDtrE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-38-darwin.so" + } + }, + { + "key": "QsJo3fHy8NW7RUkL0CIQ-66vCjQ1piN450bVCfS2RTck", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-38-darwin.so" + } + }, + { + "key": "QsUlupoMBHcB0ZN4GsAs3iFBVSuIjjvjIc_xswxVWznM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-38-darwin.so" + } + }, + { + "key": "QT21CVXm0CtUC6l0ryJKot9HOVggJleH3TWX_5DnQFvc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-38-darwin.so" + } + }, + { + "key": "Qt81HYjsBgTevbn0vjRj7zS5PIXCnLZ6u3xT3o2xO-A0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-38-darwin.so" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QljeZyLI83gXdrkgmcKIoCsCNtC5WplWktrJ1jQWX24U", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qc6-1SM1l07ceo6X_UCCskUoK9Mx51iTobjYvuZJ0suY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QljeZyLI83gXdrkgmcKIoCsCNtC5WplWktrJ1jQWX24U", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Qc6-1SM1l07ceo6X_UCCskUoK9Mx51iTobjYvuZJ0suY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9GxgdqBUDMdGW-wuG-J08QVtZQHOApHYSZ5CzrEpx0k", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "Qto3S5pzYuVuj3BvGfURea5KZMO_kYYmWkQrCSFbJ-XQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-38-darwin.so" + } + }, + { + "key": "QTQo2bVxaoy7J1vC9Uf4zZRB1UntLM11g-ZAtRNLTnx0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-38-darwin.so" + } + }, + { + "key": "QTtOR3JFqOSykfNv4AzKdtPKZ5O9XGjfEk4m5yzooyFo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-38-darwin.so" + } + }, + { + "key": "QTvzjzZ2HTGJMOL4_IaQx6htnC6xqVCIiyqI9TpFq3jM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-38-darwin.so" + } + }, + { + "key": "QU6gWXTCdaMRgx3O4WN7BJ6u737Zna3zyh_aN9V-cA2s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-38-darwin.so" + } + }, + { + "key": "Qu7wzv_Wnhd9K10cxm5eiayI77pJxXfLp4z3CZAXjGmA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-38-darwin.so" + } + }, + { + "key": "QubXfoYOhwX1xQ6wNLsv3JnoE5BMGLb0Gs8Vr5BBCG_o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-38-darwin.so" + } + }, + { + "key": "QuDjEjTF_AJ7NEFYOW_dC2djonDE1xSSkwoJWyZAHbqY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-38-darwin.so" + } + }, + { + "key": "QuGidfNNvm3QZe2t8SRBoMw_MsNU7uZ-YCxnE0jbTB_U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-38-darwin.so" + } + }, + { + "key": "QuI2dh-Yc0NazaPnaN69nKtqZa5PT15ho_J9WiZsPbpI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-38-darwin.so" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qc6-1SM1l07ceo6X_UCCskUoK9Mx51iTobjYvuZJ0suY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qus3SNf-zT_XttSF3rK1fRPUc-gpbUhqNqRNKX3PaNnA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-38-darwin.so" + } + }, + { + "key": "QUYGM0uQZ2Ssf6wWARqM5NCBlMfICBCW347VopzNTGBA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-38-darwin.so" + } + }, + { + "key": "Qv9UZ0IBpHqpU5Vf6rrp6UmapvdPxIxWeWv6_nBxG0L4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-38-darwin.so" + } + }, + { + "key": "QVBw_8fsN837r3VenYQwEOMrPt-zok6sBT_d8HUNRiN8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-38-darwin.so" + } + }, + { + "key": "QVhLrooqNzUNqldm7iIUg9YkwdVMbWDOf8HAJ3p361qw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-38-darwin.so" + } + }, + { + "key": "QvPDaQtbUeZANiCAqmPIx7dRRbHTHjAAxykpNymfkpIY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-38-darwin.so" + } + }, + { + "key": "QVQN5KkWFk4CcvY3KZEDGqzQkx1AYJJu8eDyLeQ4EPjw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-38-darwin.so" + } + }, + { + "key": "QVUPaHMaDyebloCIhQlp609MMB_adqWchpi3mNTiRrP0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-38-darwin.so" + } + }, + { + "key": "QvX9P7FzXa72Cpcu3bpcr5-kFB9iP71QijzChVFcTQNM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-38-darwin.so" + } + }, + { + "key": "QW_8lZpQdXcogE11iI4kGwVfUUzSjZ-lv7rSvPs0eyeM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-38-darwin.so" + } + }, + { + "key": "QwdcTK-dvIc_T8STlN9MWSTzikrnzFSwbHL1kldBb_ic", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-38-darwin.so" + } + }, + { + "key": "QWGKTTRfIjdgs3xPktqvfS0RhNQi94ipQI8GIp9aou88", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-38-darwin.so" + } + }, + { + "key": "QWlZ9avpHFTptWaI2XUkfE7JSMNKUDn2kPdr_1Oa6h_I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-38-darwin.so" + } + }, + { + "key": "QwoyL2xBrlffJIhSpktu3l8Y41j41qhQp45G-wpSxPCU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-38-darwin.so" + } + }, + { + "key": "QwPOJQMXjlTJZ8h9YpQeKMwPfVSTT2ZrCugbjAfPCmlw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-38-darwin.so" + } + }, + { + "key": "Qwt26BPnC-t4XZ7BhH1oFHDl2bbiiE2mmePNj6dj0i5A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-38-darwin.so" + } + }, + { + "key": "Qwt5gaEJaapExUssfVsTPwwyaYIs-HJDWAK_OwN0kgsg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-38-darwin.so" + } + }, + { + "key": "Qwzbeh5NrtP9O028iLLZv7xN5CqkNaE32dmBGOPCYPgY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-38-darwin.so" + } + }, + { + "key": "Qx_R0Wtw6F7H430lVVI27ULowi7UlrPLAoCNbwDfQaIs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-38-darwin.so" + } + }, + { + "key": "QxgEyLJOg9yVmxv4RNOT1EmdYnQuPrBZgtEjCRRf2XNY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-38-darwin.so" + } + }, + { + "key": "QXiEfOsVxsl4v9loQHzPEqrXhSiMogiPaZB7ZWW_zw2I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-38-darwin.so" + } + }, + { + "key": "QxKAb4glJUKlOydOz7Ohzo67u0d6HDdNqRNJYMaA3NiA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-38-darwin.so" + } + }, + { + "key": "QxTlA4oKzJTonEJqHL0S_fPq773ZR6bQajzinxGNBCe0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-38-darwin.so" + } + }, + { + "key": "QYmfU8sSFqwtta5wQTWrSB_7_pe09mN4nSLBUnBZVdlo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-38-darwin.so" + } + }, + { + "key": "Qyri21Bp5H98xhJxTXsZRp6MDoia8XSwY7_X5axsAy_w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-38-darwin.so" + } + }, + { + "key": "QzjiAaJ64XfFT8T380XfuxXm8rFoeiZIF7giuIQNQBd8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-38-darwin.so" + } + }, + { + "key": "QZwsF-san6n1PHuqdNwmIhPqB_w_wLhHXNK3Uhie4fUo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-38-darwin.so" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qbd_VZDa8VkkO1vZdmK-6HGtlcyY6ZtHaCKalzbQDZmM", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QXwIwmDXSk7Ertu9OIbRAwA64hTblwRtzJVl7yC21Lfc", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp38-cp38-macosx-11-0-arm64-whl", + "id": "15904524883", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 45873736, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QQYUoSMHkapI73tbnGSl2c-kwIobSnwI2xIOMOi1PYIs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QKTMZA3fvlDi4YW3TgjcOlUqNszqLncPWO0QDdynowAE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQYUoSMHkapI73tbnGSl2c-kwIobSnwI2xIOMOi1PYIs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QKTMZA3fvlDi4YW3TgjcOlUqNszqLncPWO0QDdynowAE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQYUoSMHkapI73tbnGSl2c-kwIobSnwI2xIOMOi1PYIs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QZwsF-san6n1PHuqdNwmIhPqB_w_wLhHXNK3Uhie4fUo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-38-darwin.so" + } + }, + { + "key": "QzjiAaJ64XfFT8T380XfuxXm8rFoeiZIF7giuIQNQBd8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-38-darwin.so" + } + }, + { + "key": "Qyri21Bp5H98xhJxTXsZRp6MDoia8XSwY7_X5axsAy_w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-38-darwin.so" + } + }, + { + "key": "QYmfU8sSFqwtta5wQTWrSB_7_pe09mN4nSLBUnBZVdlo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-38-darwin.so" + } + }, + { + "key": "QxTlA4oKzJTonEJqHL0S_fPq773ZR6bQajzinxGNBCe0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-38-darwin.so" + } + }, + { + "key": "QxKAb4glJUKlOydOz7Ohzo67u0d6HDdNqRNJYMaA3NiA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-38-darwin.so" + } + }, + { + "key": "QXiEfOsVxsl4v9loQHzPEqrXhSiMogiPaZB7ZWW_zw2I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-38-darwin.so" + } + }, + { + "key": "Qoo2lZZH_-C-XRqkWcm88dkUzRsJ0y6khZ_D4TooVCB0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-38-darwin.so" + } + }, + { + "key": "QO-H9j-z2I7eM2jcJdfKGH7ER8iKy1dhFSROVMB9IMZU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-38-darwin.so" + } + }, + { + "key": "QnTtYV-LZSPCaoJqKyPh1i7WYxdp_CwJ3ZdaD_834qv0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-38-darwin.so" + } + }, + { + "key": "QNQ_NCdsvsCYQ0JARWUlTzk6fZCIUK868GOTOnY57Gpg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-38-darwin.so" + } + }, + { + "key": "QnoSqr2QC5qEV3JJ_WMunMFJfyMXYxawJkZpMyKRLsoY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-38-darwin.so" + } + }, + { + "key": "QNMIcp_0NCaFyxWJEryg6DkhPijfSBZqIt_suZfYLIlE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-38-darwin.so" + } + }, + { + "key": "QnlM8QbA3nSUKBrVRxEDOUJKIWRNkoZ-XZyZu1MqfZ_c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-38-darwin.so" + } + }, + { + "key": "QnJs3gmOj4KKvfhEziLLjE7hSIq_BxtFWFgp_m_7qFbc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-38-darwin.so" + } + }, + { + "key": "QNEKZwoi5fhr9Eq0ElK0QxWfX0Luy6fl7Qdnz5-BBRqs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-38-darwin.so" + } + }, + { + "key": "QMXkTZTGm756Z5aaNJWjzJ5vIYV-45_vTbRjFTPOIeQ8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-38-darwin.so" + } + }, + { + "key": "QmPwk3_c6Jj0XnO2YvkZo_lCRQHdxYgTYIlgAlZEO7GE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-38-darwin.so" + } + }, + { + "key": "QmK1e8uY0Tsfy_6jcNiEI3IztGZ90fp85--Xey44N11Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-38-darwin.so" + } + }, + { + "key": "QmiS_UiepeW65qp_dkN13H3wyefRARN6aYR0sO4jWxy0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-38-darwin.so" + } + }, + { + "key": "QLP0xCmZ2LwhgR0q9PsqBaVu4Q9ip4quuVnbDBnjao5c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-38-darwin.so" + } + }, + { + "key": "QlezEoLL5QZucSHL53kc0fdi-b_9wy5LwLsrhAQRW6yg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-38-darwin.so" + } + }, + { + "key": "QKXsz0DKbY60lU21bb8YtMckdA1lmqxc3x68MsmHx6Jg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-38-darwin.so" + } + }, + { + "key": "QKxGb1UrCYu_Ut8RpDtkns7WPqqigRYE1l-7Dgy3t3OM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-38-darwin.so" + } + }, + { + "key": "QkOrlcuPqFE2Ikf3x49d_0rlAQ08uD-H8wMEVNncYIwg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-38-darwin.so" + } + }, + { + "key": "QKNSP4gmEstG3lY-fDw7DcWdh9E2-VvhBiMi6l2ULQBs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-38-darwin.so" + } + }, + { + "key": "QiuqT3TnHVgwzZKoqCddAXoZBU1SkH-DsJgJUI2eE1S8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-38-darwin.so" + } + }, + { + "key": "QisAPjUytZvRNHi5L5oB4jfH3VlkJb5So9tmNzBNkjEs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-38-darwin.so" + } + }, + { + "key": "QGejLQbYm5ui7H0nUrjMD4q60GiRKV9de4dWK2Ip5j9w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-38-darwin.so" + } + }, + { + "key": "Q_8lD1pdLz-HJ2BvbaLRpcelh96D7zWoLjMD5GQlRjDo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-38-darwin.so" + } + }, + { + "key": "Q_ANMQdeRqfW1PIyzs0ineNblqaH-IAEYh1SiKP2Fsac", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-38-darwin.so" + } + }, + { + "key": "Q_vmCe5GhCGpDGjX09sNcIwuUSKPpIoFtSpcvIG7xjV4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-38-darwin.so" + } + }, + { + "key": "Q_wR_qF9pbWZtCk-QGCQEQTcXZxINWMzHrVvxn_gw3oI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-38-darwin.so" + } + }, + { + "key": "Q_zVANoy2vWEJYZVtVPOf_yMah5FGuffY5nxXKw5I_nY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-38-darwin.so" + } + }, + { + "key": "Q-9NWIigyTLV0O1jOgR5NAPF1rUd_5a339BvYaw7GR-s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-38-darwin.so" + } + }, + { + "key": "Q-FxChIASDlhKY8haveB-IcyguUBD2670gV4d4dOhins", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-38-darwin.so" + } + }, + { + "key": "Q-h3DcvhqWJGDELnL7vTjbFjs53glmOmGfaX9r-si8VI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-38-darwin.so" + } + }, + { + "key": "Q-T8XtNXwlhtnMJNslVXdwykqIt8DdCd4nTI8JUZCstk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-38-darwin.so" + } + }, + { + "key": "Q0Jt2EITa1CpVALvkzxqlBvc9FDqj3PBIZMMYzKzN_BY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-38-darwin.so" + } + }, + { + "key": "Q0rY0VjRAZXUkeqsp7Dscm5ci5JI6jOuq68DQKJAsNNU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-38-darwin.so" + } + }, + { + "key": "Q0StFpoOgvr54LJG13xew0yJ1uR5hjOKyS0zAcxFCcsE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-38-darwin.so" + } + }, + { + "key": "Q1BKK6WusuSkh0rrnIve3XQHat-_1Wn2uqjEF6ZD4OS4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-38-darwin.so" + } + }, + { + "key": "Q1gdhmyEvTiRk4PK4AL5vErO3MvxTJrbpwC8hE5aVBvY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-38-darwin.so" + } + }, + { + "key": "Q1q1xpYtxmEztzkAViaWFjjXp1zAdkVfP1KqcOg-BsjM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-38-darwin.so" + } + }, + { + "key": "Q1QNeBqWNDVg3w9y0h9icpnhjfotbFgczlIo_u3eSPlY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-38-darwin.so" + } + }, + { + "key": "Q23s1xEJkUmYH3evamxi1Kr9eKg4kvRmGN9zNfvi5ITU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-38-darwin.so" + } + }, + { + "key": "Q2nriqA3S5ls8ggSkiAqcUZ8g8llFRolTs7HLq5uNpOI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-38-darwin.so" + } + }, + { + "key": "Q2t21BF20LYFWMWIp5ZrTq3RR1yMX5JYMSyR-oRFabxA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-38-darwin.so" + } + }, + { + "key": "Q328YeNiSh594Qva4gwoC5MnVnlGR_JWmkKC9XAT1G-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-38-darwin.so" + } + }, + { + "key": "Q3JXbFFU8YqDAQ7bvXlOVNsziuoNW-UuEVDm2HdDocgQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-38-darwin.so" + } + }, + { + "key": "Q3vTem-C2sG1szEzYzx-fdt46JNHiVSdiYaP7Fp-2FTY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-38-darwin.so" + } + }, + { + "key": "Q48IKAvjmotQloBY6i4Shr4QcXudV8iTtHJQzhGxXPZE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-38-darwin.so" + } + }, + { + "key": "Q4anRBbWk1djm1fx_777R_-mclD5ujPyd8mkl5KjnQfM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-38-darwin.so" + } + }, + { + "key": "Q4FtUSofMrr9GR0lCsbrQBjSmZ0o2y-8TmoUrqjtj8D0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-38-darwin.so" + } + }, + { + "key": "Q4hkj159hfu6mfw1TsIojnEc_mp5iX53NBIIuvoiBP_g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-38-darwin.so" + } + }, + { + "key": "Q4ZnhZ1cnDljyvGS0YKcwps95V6xDcSCWSbwm_DUMjhY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-38-darwin.so" + } + }, + { + "key": "Q51AZCJyXHmi5vE1FDWIMcywMHxZok5_cpP0Ofm5j1Ng", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-38-darwin.so" + } + }, + { + "key": "Q5BKcrVMY-J20vjT0YZ4SrSKg4Lf5r5z9S27Vv2j_XvA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-38-darwin.so" + } + }, + { + "key": "Q5ntefabI7hP6s1R_RnQFMSzZFTJ4yp3wQF1X5flzggE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-38-darwin.so" + } + }, + { + "key": "Q5OPXRTfwswGk3TQmBS4w-4nrZV5u5BaWi_P8-uJUmBk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-38-darwin.so" + } + }, + { + "key": "Q5RR4hG_Y5gL6J_4IZonRCflNl5mAat-CMG__ElkVzog", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-38-darwin.so" + } + }, + { + "key": "Q5ZuXkRFxioRETn1Kn88hlc9hHI01gWqwXNMUGN-gnss", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-38-darwin.so" + } + }, + { + "key": "Q6-83wpJqxodYEztYGDdZSNRtoFD-YUSGhBm-66b50pk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-38-darwin.so" + } + }, + { + "key": "Q67AhJvQaIuevdxP7vCnDiCCgwLWZF39u9SMv3B7ZXbY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-38-darwin.so" + } + }, + { + "key": "Q6AxNJo-xPZhDsKs3DHjflct_YTn2RGmSvaOac3dugQE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-38-darwin.so" + } + }, + { + "key": "Q6Edxt7BgZk5ogJ9LgzCmKfpnQbZJ5qQ6tJlA1L3LE-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-38-darwin.so" + } + }, + { + "key": "Q6IghtrZt-6IbdzPZDE2brkWg3L5jh-ek2_CZ98m4uGs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-38-darwin.so" + } + }, + { + "key": "Q6ld2-BrGWCxfeJSK_nfCfAf6emiZPOz3neOlqKJqehY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-38-darwin.so" + } + }, + { + "key": "Q6NTQu0x-NDCOEoSnernObleVLFYJL95Rpt0WtXYYiXI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-38-darwin.so" + } + }, + { + "key": "Q6wBvGJJNSMlz_zCBIDBplOzy0K67190h9JVSKixvAdA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-38-darwin.so" + } + }, + { + "key": "Q7RPFw-MjXjgl2tvOB844WdeZPLulA78TtAVBuP5JMik", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-38-darwin.so" + } + }, + { + "key": "Q7TOEFeylujARgNmjelRR1Q4ce-EMIpXw-GUoaZ5tN34", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-38-darwin.so" + } + }, + { + "key": "Q8-ORCla2qDb2Nq7ijh400X1seTWIHApjIApAn8PM5y8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-38-darwin.so" + } + }, + { + "key": "QgAdXnlfxbTL0LcXl-gt4g20b6v6IMz3IIBJhbJRmPXs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-38-darwin.so" + } + }, + { + "key": "Qg9yqUX70wC31WddeoQKiqhIJ8TAvhD5_REAcpJNhMfE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-38-darwin.so" + } + }, + { + "key": "QG-nP__u59SsgBAvFptBzinW5oeFX1swf6e8ndAN60XI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-38-darwin.so" + } + }, + { + "key": "QfZHyYeuL4DfwDeuODMArcQ08twnuSYFWPne1fVdaC4k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-38-darwin.so" + } + }, + { + "key": "QfzGC9vxlvKfLzRgbgoW7Og8Ekk76WK66Tn6i1nURXcU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-38-darwin.so" + } + }, + { + "key": "Qfor6D-ys9-Q4YoyD5G17IvCgiq2FpNxd1-vNfYS8jnc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-38-darwin.so" + } + }, + { + "key": "QflzGTrYuSHSeD-TfKDp0DsqiXMBF5u6XG3vrC-TibAk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-38-darwin.so" + } + }, + { + "key": "QfK5kKFWU-LFTGWKh6JgkAcCqkJtx60MKJgPj0rQnmW0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-38-darwin.so" + } + }, + { + "key": "QfjJo5otyqR_lu9GEeHB_VdohR6W9nZMMvFFJ2c-P-sI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-38-darwin.so" + } + }, + { + "key": "QFFPPfc-IBDuL22cG50bafLAXE9NLLbrRw8EUWscjlvg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-38-darwin.so" + } + }, + { + "key": "QfDYofrnicuPagCYUqV_mDffQiJ-5bSt0gv3dJpsw2N0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-38-darwin.so" + } + }, + { + "key": "QfbvqUG9huKRpeestv9dofP_V2lOl2jtzESo_CAPcPc0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-38-darwin.so" + } + }, + { + "key": "QfArXAogy8vHWv67BZOOxcicTRPdI4_yOIkajnuJOfQQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-38-darwin.so" + } + }, + { + "key": "QF4Oc5XT9l0ZLgDgGpB1XfzY7EbOaDReZQeA4-16Onuw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-38-darwin.so" + } + }, + { + "key": "Q88Ai8ZE3aXjwh_Z3v-JU0Dbt3Wxrsd7dm8O577QrhNA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-38-darwin.so" + } + }, + { + "key": "Q8e7_t6gF3bqJn3xlO-K0qvH-E1PPbmt4f7iVre1hY-M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-38-darwin.so" + } + }, + { + "key": "Q8FTE4H9ii1idmLOF2vLkoDxuMQtLI-9i1Lnp6g9XF38", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-38-darwin.so" + } + }, + { + "key": "Q8mg55ZN4l-jo2L4xDCSGRyFXyA3egy420wwR-6LG2Ts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-38-darwin.so" + } + }, + { + "key": "Q8nXmPLtIxq3W-PZCmFOecwaPLkJ5rqzUyc6MKwgC-L8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-38-darwin.so" + } + }, + { + "key": "Q8wFes12nWRbgqUNFp_WpACgsmx2uo71s1gbKAkXTYcQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-38-darwin.so" + } + }, + { + "key": "Q8XRPuhEvAQ1TNy0yYHiURADpH1dANSTg7QekbvZKjiQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-38-darwin.so" + } + }, + { + "key": "Q93eUhBrkpv9VenBVD-WgWEAHDPqc72pR7jbDvFkoFEM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-38-darwin.so" + } + }, + { + "key": "Q9DIXv79Bp-i6eWb9YSAppQXQ54F_Isw6O6Ff07RlsXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-38-darwin.so" + } + }, + { + "key": "Q9JddlTludwWIazEikVdfum-3cXRxAVAME6Pib92ZKFY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-38-darwin.so" + } + }, + { + "key": "Q9VHYz8EzQUJ7lnsJpCmXXxkFqGMUMwEW0maH10Pw540", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-38-darwin.so" + } + }, + { + "key": "QA9sULu8h4Xlmx9b0woSmCIeNggYjg07Fibb7WciIF80", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-38-darwin.so" + } + }, + { + "key": "QAbtMl38_ryhkkQVhuJQiBjU0Lznc2M-sESyOR2HOIqI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-38-darwin.so" + } + }, + { + "key": "Qf_UTh5lEYqKqiaUFYQRizXJL2q1im7FTsp6X2UijGDU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-38-darwin.so" + } + }, + { + "key": "QIRm6SSc7gwwc97DbpPmxVNy_OWLhWKsBC_ZAvkoju5A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-38-darwin.so" + } + }, + { + "key": "QiL8TguqBhMlh2uIUyd_uLOsb52KKBZoSGl4sR8LRaKA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-38-darwin.so" + } + }, + { + "key": "QiH78AB6PTBkG859zEoLmnRZN4H3SLxeCnSbOcA-5D-I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-38-darwin.so" + } + }, + { + "key": "QIb8xpkRg3qn8uoORtSatbjeQmaCOE-MMmQ_QI0cKVZ8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-38-darwin.so" + } + }, + { + "key": "QI9yu_HdSZ_EI90U1pyH7RcEYUlvcf_leh5RGQxR07lE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-38-darwin.so" + } + }, + { + "key": "QI8SQK39EwZGKr2yuuz7X1n7sBf3m59r2y86XnjGymDw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-38-darwin.so" + } + }, + { + "key": "QI64x-9po87o9uJzg3Re4-QFlm3Txvu5NrdIPT7o77Fs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-38-darwin.so" + } + }, + { + "key": "QhZnGFBIZdVWkW13Y5LTF8-Rgd6hT07aX1MO27JDxz00", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-38-darwin.so" + } + }, + { + "key": "QhXF-ZAJTpquZDBHFdH6N6LjmJmNO7F6qILd7-DEuWOI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-38-darwin.so" + } + }, + { + "key": "QHvDq9BcnVfQZU4zW6KnmqzQuV_lHYYXgKHP0RhxbOPI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-38-darwin.so" + } + }, + { + "key": "QHuFJMyAxTsIWxR1qt_JUC27UjJaUyX8hzaJ0BeCnFuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-38-darwin.so" + } + }, + { + "key": "QeLBmgLoCpwtZnvBnWTZHPFkm9oZ3KpGUSbw-SeE8pzY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-38-darwin.so" + } + }, + { + "key": "Qe0yrqeIJgPI7XF6NZnQcBTEneJmq4lqsHgu8xiRTIKg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-38-darwin.so" + } + }, + { + "key": "Qe-q-pLIg1p4xatX6bnB1ybFDlOodvy_4mYm1FEStN_I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-38-darwin.so" + } + }, + { + "key": "QdYM2bm8muBPj12h9opF10PP9IGYGMXLvehbJlvAAn2w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-38-darwin.so" + } + }, + { + "key": "QaDl71YFj2B9PJFm6u7o9sOHt5y79loa0x42bGBP8_ro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-38-darwin.so" + } + }, + { + "key": "QaIv5EvgDy54hFkiY76MjRxWBVX7csv098QP0Th0DaZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-38-darwin.so" + } + }, + { + "key": "QAKiBkoCh3QU28xAcKugKMUd7Z5lmKC1qrC3S-WDaTVA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-38-darwin.so" + } + }, + { + "key": "QAmUL6Fn47KU9u_R8iRpyOhrgY-_R-4kzojZ3WVlTA1s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-38-darwin.so" + } + }, + { + "key": "QxgEyLJOg9yVmxv4RNOT1EmdYnQuPrBZgtEjCRRf2XNY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-38-darwin.so" + } + }, + { + "key": "Qx_R0Wtw6F7H430lVVI27ULowi7UlrPLAoCNbwDfQaIs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-38-darwin.so" + } + }, + { + "key": "Qwzbeh5NrtP9O028iLLZv7xN5CqkNaE32dmBGOPCYPgY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-38-darwin.so" + } + }, + { + "key": "Qwt5gaEJaapExUssfVsTPwwyaYIs-HJDWAK_OwN0kgsg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-38-darwin.so" + } + }, + { + "key": "Qwt26BPnC-t4XZ7BhH1oFHDl2bbiiE2mmePNj6dj0i5A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-38-darwin.so" + } + }, + { + "key": "QwPOJQMXjlTJZ8h9YpQeKMwPfVSTT2ZrCugbjAfPCmlw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-38-darwin.so" + } + }, + { + "key": "QwoyL2xBrlffJIhSpktu3l8Y41j41qhQp45G-wpSxPCU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-38-darwin.so" + } + }, + { + "key": "QWlZ9avpHFTptWaI2XUkfE7JSMNKUDn2kPdr_1Oa6h_I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-38-darwin.so" + } + }, + { + "key": "QWGKTTRfIjdgs3xPktqvfS0RhNQi94ipQI8GIp9aou88", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-38-darwin.so" + } + }, + { + "key": "QBVX5UTyX04QtDwMbwipCq_OJ-x2iq7qFovo-ewxM9bQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-38-darwin.so" + } + }, + { + "key": "QBzvLO42Ji0BLFd26CN7mtk9eQBTyL-W6xZAV5kbGoak", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-38-darwin.so" + } + }, + { + "key": "Qc9TI6thCSOIXr2__sQLrgWFKxWNtJOjM1maIujdUQWo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-38-darwin.so" + } + }, + { + "key": "QCChhEtkowUoFaUNvXrGVramt3sIA3NnnBYe4WPUMNjg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-38-darwin.so" + } + }, + { + "key": "QwdcTK-dvIc_T8STlN9MWSTzikrnzFSwbHL1kldBb_ic", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-38-darwin.so" + } + }, + { + "key": "QdOKyAxv6TlULzeH7UoSnnGrijICf5D0X3HV3M60odeo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-38-darwin.so" + } + }, + { + "key": "QDn05JVwFhIOcE2KuUnXYKclMMIeunrcFxAJoLhtvyXU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-38-darwin.so" + } + }, + { + "key": "QhrabMaMn8WzoSwPDk33PbkJ01TeBE9egkmKd21CMocA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-38-darwin.so" + } + }, + { + "key": "QHpgaekI7nNU3Qw31AkHn8M0_4mV8kMZCOD60gjEbHyo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-38-darwin.so" + } + }, + { + "key": "QHO2Srd_a4WMSKIx-45vhy2EOHlfu9Vix-vJIiLZrGT4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-38-darwin.so" + } + }, + { + "key": "QdGI9Y_1tsoQHVKBzlOEIu-_BMl3PEByMo3V5ovz4glQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-38-darwin.so" + } + }, + { + "key": "QhNSUfA8rQwBpp9Tn4xF80br64e2VrKr3gfjx73aW_AA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-38-darwin.so" + } + }, + { + "key": "QHc6TMm5O3D5N9c5AJ3speBUJekB5Yh3bDzjUJ_O6W-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-38-darwin.so" + } + }, + { + "key": "QGfR4w5ype_BFU8RQ-W9qQglczGlPFfLPw9xqZxAlVos", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-38-darwin.so" + } + }, + { + "key": "QKKN7HPUsLokZgo78V3hBU85fkVtA4lqwRyP8RTy99zo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-38-darwin.so" + } + }, + { + "key": "QkBqLF2f0COrtRiJ-bhrzwzVjRgOQAN_s9B-eBEVQtj8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-38-darwin.so" + } + }, + { + "key": "QcEaUO4ff-l5xrFJgNCBaWznWjPbQeE543QzN91jnBo8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-38-darwin.so" + } + }, + { + "key": "QcFf7HnAxUc2T_oRT4Iwel11HEewmuOberDkODWtTYZs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-38-darwin.so" + } + }, + { + "key": "QCk_x-H6Vz6nikhKn1h5cp2PrOYOnHe6o9hJ_JZK__wg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-38-darwin.so" + } + }, + { + "key": "QCTwNSvel5AQ00iu-VBCQWn9DmoG-fgLFWlMwiM9K0vo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-38-darwin.so" + } + }, + { + "key": "Qcu1tVXE7qdZa3A_NKeA720Qa-TPgx1KKVsb3yD8NrvQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-38-darwin.so" + } + }, + { + "key": "QCyGj3l8dlMxmuz6zgRi2DvBoUL-NpNbkUXpZhPDUS2I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-38-darwin.so" + } + }, + { + "key": "QDFZn4qXizSOxQtHYropgULUlXNlDzjKMhqNK3U-9IFY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-38-darwin.so" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQYUoSMHkapI73tbnGSl2c-kwIobSnwI2xIOMOi1PYIs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQYUoSMHkapI73tbnGSl2c-kwIobSnwI2xIOMOi1PYIs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QKaSPq4E3lF1s3xq0K3cfWvzS03EGl0Fz5c8jRBFudiA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-38-darwin.so" + } + }, + { + "key": "QkAoajQ1kBe0Vb7hTcWdJFZBWQ7O9lNGjZgrPOZVKTw4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-38-darwin.so" + } + }, + { + "key": "Qk_edfJaINwUdRk0_FoRGZWCw0yOMGkdqP7qMkK0-QO4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-38-darwin.so" + } + }, + { + "key": "QK_2dtqihKBdhybJP2llr1zrsBMC34_YQfXL9K7mYsK4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-38-darwin.so" + } + }, + { + "key": "QW_8lZpQdXcogE11iI4kGwVfUUzSjZ-lv7rSvPs0eyeM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-38-darwin.so" + } + }, + { + "key": "QvX9P7FzXa72Cpcu3bpcr5-kFB9iP71QijzChVFcTQNM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-38-darwin.so" + } + }, + { + "key": "QVUPaHMaDyebloCIhQlp609MMB_adqWchpi3mNTiRrP0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-38-darwin.so" + } + }, + { + "key": "QVQN5KkWFk4CcvY3KZEDGqzQkx1AYJJu8eDyLeQ4EPjw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-38-darwin.so" + } + }, + { + "key": "QvPDaQtbUeZANiCAqmPIx7dRRbHTHjAAxykpNymfkpIY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-38-darwin.so" + } + }, + { + "key": "QVhLrooqNzUNqldm7iIUg9YkwdVMbWDOf8HAJ3p361qw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-38-darwin.so" + } + }, + { + "key": "QVBw_8fsN837r3VenYQwEOMrPt-zok6sBT_d8HUNRiN8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-38-darwin.so" + } + }, + { + "key": "Qv9UZ0IBpHqpU5Vf6rrp6UmapvdPxIxWeWv6_nBxG0L4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-38-darwin.so" + } + }, + { + "key": "QUYGM0uQZ2Ssf6wWARqM5NCBlMfICBCW347VopzNTGBA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-38-darwin.so" + } + }, + { + "key": "Qus3SNf-zT_XttSF3rK1fRPUc-gpbUhqNqRNKX3PaNnA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-38-darwin.so" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QKTMZA3fvlDi4YW3TgjcOlUqNszqLncPWO0QDdynowAE", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QQYUoSMHkapI73tbnGSl2c-kwIobSnwI2xIOMOi1PYIs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QuI2dh-Yc0NazaPnaN69nKtqZa5PT15ho_J9WiZsPbpI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-38-darwin.so" + } + }, + { + "key": "QuGidfNNvm3QZe2t8SRBoMw_MsNU7uZ-YCxnE0jbTB_U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-38-darwin.so" + } + }, + { + "key": "QuDjEjTF_AJ7NEFYOW_dC2djonDE1xSSkwoJWyZAHbqY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-38-darwin.so" + } + }, + { + "key": "QubXfoYOhwX1xQ6wNLsv3JnoE5BMGLb0Gs8Vr5BBCG_o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-38-darwin.so" + } + }, + { + "key": "Qu7wzv_Wnhd9K10cxm5eiayI77pJxXfLp4z3CZAXjGmA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-38-darwin.so" + } + }, + { + "key": "QU6gWXTCdaMRgx3O4WN7BJ6u737Zna3zyh_aN9V-cA2s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-38-darwin.so" + } + }, + { + "key": "QTvzjzZ2HTGJMOL4_IaQx6htnC6xqVCIiyqI9TpFq3jM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-38-darwin.so" + } + }, + { + "key": "QjWj7lXzAPUEyzS6lwQ29NHVScRKp7skpAioo2fFJFgg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-38-darwin.so" + } + }, + { + "key": "QJw4YRdAwTf6jIjAtKfpOmu4IPPM8xgKGVuEtCLOTbrk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-38-darwin.so" + } + }, + { + "key": "QJsKOlU7Ct23Cubo6G-JJLtDcFl7gikH6CldRh3be1Vs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-38-darwin.so" + } + }, + { + "key": "QJKagGZBVLUhOuF4i1zOh0jhAq2d-eEb211xb6dz3PP8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-38-darwin.so" + } + }, + { + "key": "Qjk-ymjua27CH2ztONIACOghVeWbcFFwy2zLkmLPodGA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-38-darwin.so" + } + }, + { + "key": "QjhS_CgzIK3f03ZjxXnY3sb89OALHqdGM09CBz6ut05Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-38-darwin.so" + } + }, + { + "key": "QJdAyz1eOFr49L5voOLtW1CF_ST4EPMg4CQYiuIgU_x0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-38-darwin.so" + } + }, + { + "key": "QJ6mu7J3Bw-geYA4lH0jG9GTgRWWD1flZLaJ9SK_zoC0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-38-darwin.so" + } + }, + { + "key": "QTtOR3JFqOSykfNv4AzKdtPKZ5O9XGjfEk4m5yzooyFo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-38-darwin.so" + } + }, + { + "key": "QTQo2bVxaoy7J1vC9Uf4zZRB1UntLM11g-ZAtRNLTnx0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-38-darwin.so" + } + }, + { + "key": "Qto3S5pzYuVuj3BvGfURea5KZMO_kYYmWkQrCSFbJ-XQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-38-darwin.so" + } + }, + { + "key": "Qt81HYjsBgTevbn0vjRj7zS5PIXCnLZ6u3xT3o2xO-A0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-38-darwin.so" + } + }, + { + "key": "QT21CVXm0CtUC6l0ryJKot9HOVggJleH3TWX_5DnQFvc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-38-darwin.so" + } + }, + { + "key": "QsUlupoMBHcB0ZN4GsAs3iFBVSuIjjvjIc_xswxVWznM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-38-darwin.so" + } + }, + { + "key": "QsJo3fHy8NW7RUkL0CIQ-66vCjQ1piN450bVCfS2RTck", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-38-darwin.so" + } + }, + { + "key": "QRZAa4jMp0jbvjo0sA-X69m3Pbm9C7SfY5NvHmPCDtrE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-38-darwin.so" + } + }, + { + "key": "QRxlLdzCAmNC-FKq7JKOBhD5XRWSRkU7G8HvowhcF1vY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-38-darwin.so" + } + }, + { + "key": "QrxJyQAZRJlYW9M6kEXwJnDhoHKLAZsTNQPcN52wrRhc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-38-darwin.so" + } + }, + { + "key": "QrVqDHfOVIxF4UPHrwcUt3-641AnJ2k23h0OHC3B-kas", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-38-darwin.so" + } + }, + { + "key": "QRUvJX18r32jyQz5nCCREs1GscxofSQ1x91G5GLKMHVc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-38-darwin.so" + } + }, + { + "key": "QrpfBlAhMJ--OJcQIXegZekhsawmqviswqAnqURYg1ZA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-38-darwin.so" + } + }, + { + "key": "QRNZb0qN9nkWSphJiEqZ6bEbol2su40Mkd3a7go2OsLg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-38-darwin.so" + } + }, + { + "key": "QRfUJby8SzJM7aA0smmX59M18AzMaWgSt4lgx7Z1kTkE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-38-darwin.so" + } + }, + { + "key": "QrDgaNDQpZYq1TRJAWycF55vhkkqcgicPIvwVrBINtBQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-38-darwin.so" + } + }, + { + "key": "QR1PIIdEGAIYeSeTqtGUDdgrwfrTy7UoaoD9dYh437j4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-38-darwin.so" + } + }, + { + "key": "QQzmUPTBOhxDZZDRZlWGKgFsh-XUzl3-APE6iWOou52o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-38-darwin.so" + } + }, + { + "key": "QqPS_3oo0ZJK5FHjG94kabTdz4kt0Wfi2psoEW6qFmZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-38-darwin.so" + } + }, + { + "key": "QqGOmizhCed_5KaoU7JSwYKQuTlPCLuLgi8g_hgq5Jgs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-38-darwin.so" + } + }, + { + "key": "QQE6AVqBIbS3Yu0EU67PfPnwJ1Nm-_w8wRROiCZO0vzw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-38-darwin.so" + } + }, + { + "key": "QpuKw-Pp7EMddXhrb6Xp6Gvz1UXQP8JJ_P0XWjSujvQ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-38-darwin.so" + } + }, + { + "key": "QpkLszH8hgdtMOsy0ja0wfDRVSYrK4joHp_28DyTpaMw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-38-darwin.so" + } + }, + { + "key": "QOTaPwjF7GD5RjJlGvszipfV0aW1x_vObYnvaYO-KQdM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-38-darwin.so" + } + }, + { + "key": "QOt1sWuLbdSP_I6X0Vvemy3SCuCyRUqgVErnA4HEhSMg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-38-darwin.so" + } + }, + { + "key": "QosGHtXx8oOHCPjXXxWda5vb0ik0cz9BrR_gEKUfBWrA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-38-darwin.so" + } + }, + { + "key": "Qoq-Zh7vRivQquO57_A2EeZ39PyyiLiFZBePYKG8rwqU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-38-darwin.so" + } + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFlW7zOzZyRC83VVUGalnDa0_1sjwnWYeswgvfrWbRds", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q84pWUZScG2adQK8IqQROSJ_ae_zBhRsoZ3w3MEtHS18", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QbY1UAem_iDuK7kb9f690CkE1fizqVddWOhilMU9Hx70", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp38-cp38-manylinux-2-17-x86-64-manylinux2014-x86-64-manylinux-2-28-x86-64-whl", + "id": "15904524884", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 42223070, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "Q_UxtvSv2s-8t3hKMbJCsYKy9mDWk_4p_q951rdO1Q00", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_RW34Z_9WU31olkYzOoeIJkbxDi_SrebO31mqur1g5A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_IUmCVIWbbd2jcEpfmBCf9ZmUhfPbhNF6tGYKgUn3-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_bSlbvaADK0QNG5rSZq--SHBkQo43GbHsuP7IQPNV94", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_Asw8KgptvUj5aOKA1ooOs0SPrPgHpDFavCD0l1qX3A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_a7OxZjYGUecEu_Npdscm5wzVHNHAEvvrwEQnULDKJU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QwlT9pRi7uSwErv3NZu8o-xLKfIxNrC2MB3ijT_Ov4HU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMSD4hJC6I7PCezWX7G4vggw5jpX78yydXldOm5BqqNA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QMTrFaxPy_xNcWnDSO2Ra82RvGiCmmltVeKklJxjslHg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QMwJbCw57Od7Zg4RYLI5swZcm2tAfuXV0OdWbWaUk2fk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QN50sYgibOo7pvMIu3uBEHSAcSUgM-Jm7PPPC2RpMtfA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qn7iU76Z3GHW-jPtH6dqyZhs5a8lSR7xOWFawkGE5Xfs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QNLVbpcmHnwQqDgeO7wMBL4LFJ6X1KXL9fTcMmbtXSEk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QmpUp1XiHSIGuzcp7Cog5iSZpmO5geWmYe_vp1uOggl0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QMPaISPcqUEUVMHq6w5lB51XBBT6Wzn1EaU50f_deIU8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QmKhVWvJxFdrZBUcNG0wxwdSMVEK_s-ubs544UWcFFYU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QmIRzZWN2zyzrpAksBcuTEZmOCCo7FXRTdzPZ8mlSqwI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QSbb_uBcmpLz8xPkOhJyXj0s_s74xFHkRxszqLcEjtFc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qc0jazqriNlRQ-a_dF8TtL1z8bBzS7nLKy931xSvyyTE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMG7EMge5B9Q5ZyIwhQjfhuOCyj56qUqv1eTiUpaxeWE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QmF92ZykjI8DqXKBJebjH4erKL4SHZGCXEbYaur64YU4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QMdefnyJ98aoA_gaBESiJAIQDymbZO7Jai8xZgRV0goQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QM9wZ-R5r3sxVrxy1wjGt9a9Wxv-MJqAbj9i_SHpCfK4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qc0jazqriNlRQ-a_dF8TtL1z8bBzS7nLKy931xSvyyTE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Qc0jazqriNlRQ-a_dF8TtL1z8bBzS7nLKy931xSvyyTE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qm2nuA8FL9CtIg0hPHmmWi6yWPo6e5iB_16mHXwR6Pkg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QlFNZumC5lSVPWiPYbG3_wozz6O_NhTqiyCFMF4WBbwg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Ql9W7xycAYD6XklAepiLKmoV0K9omjaJBpiRMyGAsyKI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QL4G9VmMDI-Fse1RhQvvHrX7aQKDK4amgLhPK1dUGVy4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QKWHCMRZ2UrsMUKkcy-czFKHZi1u9k_7soyIajihpJVE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QKH42grZDPNuOs87aADKBNNDKHfIPSPX3Txm5wzcNIFI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QK8qBqv7xtxsqVO3Y1gcvWDA9PlTBCWJumQrQ4URVkDc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk8EUMyP8oYSHqCRDwGxZ-94diHoBP0SHOBcj0TQA4Hc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QJz0Bau1psVBE5cD99bVAsN3Dre5fJCkaeeZmYt7s5AI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QJy2FKJrXmonDd8it_q64TuqJdoITlhxCp27x02_Wo30", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qju291ZRIXDJUttCHA1KoZqxuHgSrw_I8NBmxqzxtoaw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QjrpWWqft3t818Nq0WW27JNH_dbJ9mqjiZxkcohJZDDw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QJIwzCVhu7iXiNWJNLRBs-Kxlr_aM0zLMJ06HQ5dZyME", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qj9AdT-GAMA0Rk9XATHfY5fk-PbJpz90-l2StAxYPK8U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QIwM_kmCOAh4NtrORlq2KDU6Oi1pQzK_rURrXxW20pVQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QIVuzEXkvEZjd-a8ofB6G2u545FW0mvB2sfRvAqhV9M0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QivDSesljlJX7aZ1HeUwpReaE62nMQ40ZtXe_Yaoj0FU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QIqYyTJMXinkkZiPIii6NIhUQyjO-y9vdV9FyTjSacQk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QICXD7Jf1nNrJvFH3gip3PKPrDsuly0eygLqKMwQKKpU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi5MhQU0grJPRC6E_VjNxSfwSo2EjllP6H-LZpUB6ruQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QI_QZIccuG8oSgpHd0RgobhvaSODlGT0hKbl_MIZoazs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QHRfsGDcYD2Vi0Pxx6XW9ANBnx99LgVZQmrGnCGFKF7E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qhinz2mff4N2XJftZCnOxTEHtzDmkbVPLjZFlDkTTgE4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QHCqCKDrG9jpAPcKeJMD6NO1DZnNDSaxQXAxvEFddl_8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QHBoDBXF9RLGa0yQvyMzmitmnFWgHf6zj7UsHb5grGyk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QgibbvtpfLBbjCVdM0eEzaCwftQxlaYsOFNU5LFJU9qg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QGDiIwaJB_j8riFgpWJKq_TL5y9Ms6tL8HCKm-zj8bO8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QGcya6vcywqaY6R-ktgUVx9FaJyCVXO6wpJoRGqGcX68", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QfU9ii88Gi36XklrgIbHFpFVp_ZgKpWHAI63ev4MxCVI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QokT2RiViN_naC7LHt5v6RgDDEsS5tlL9HxOpheOE1MQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QOPt_bxc58JCjhRKOE3D4Od6ebZ5Dk7u1R8ePnmnIE2U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QoR3BhzmvZuitlTdFPfGo7u8KIceOtOF-zAR9QX2fzuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QOsbQBwU8fAFA_XchSCeQ0UbQoxUHF_46UTCfKUsK5c4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QouBJILFAFSnyBZrQ6Rk1zBFJ-POr1lwhyGgJ3lGpjQY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QoVDBkZ6mtId_uC2C3gto5Ss9h8ZbDod-q0SOUABS26M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QoyykHE5cocnghsfHYOYMvUd7Pip7StDjg16cM4vNPKE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QoZsQpsDeFRFa44TpqiWXDdNppbWv8Q3Lb2--y3ATakE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QPfvAeOiMWh8OFzz3fQe-_GVOZCfra0EgM2JZk6BY21o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QpMd-mO4D_ip7xLOumfPKIBq6NzJ-i3cvWq81MrvrZbs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QPN0hQf5Hh88OSHmmTmwQ4tthNfirTdhMmHhajLb_270", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QppVKB7p994g2lo02CbUPUbn3MVqn0V6us1Z8sgI6T-8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QpxI0FalvKaNbSh7k3kHvFfvXA2LaSIsYOqgak-LvyR8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpYQHjP4F-QeI3BtzFWDlY4PhUflpaVIClNUlSX6fhlU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QftKEzRQCShqxEQTVKsy1TuIBPCa_BvRwqsvq3sAld_E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QfrVvq3BiSOWwrQyG6-Cxm8uAqu0rZPrbQox6l6t_cGY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QFoTRf4381pMVsQRBWA7HMB3Y9rF7ozbk80ah8ik2U5E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QfBl0tUJSyNb6IgVqfxvF42XqiguzgyRa5q2Rbo3nEYw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QF6DYpjANKhDgfe5dSQrfGeYZQf355s7OtsblnQguqTk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QEUthsI8fCOZHuKKJz46QbKKhl2mDmv5BaRYa2jF__0k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QEs6ekaLNLM0iVyyriLMEg7HBZayHYoJogXL2sGPAjx0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QQ0yMACjdgkNaiqXfgNMcoF_BcpKAvP0iTD4PzY24HhI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QQ4tI2ycOR6g7lNQHF4wIpdTGxsif4uk7GvEN67cZ7EQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qq5u38Vhi_y1NnlMYOTKeboZwcrtFtdKkmRCn_2xwf-A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QQD_avYUgIg_zJalT-fr-awItfeWH2z5W5IHvf2JUjTk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QEpm59t5SAi235JaaTHcGwzJprpg7CNzZI0wJgPgrGUM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QEP3O06RBat3zJ1oUr7ejphl1hvxhQrUXwS2mJ0ZFLXs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QENE3bbz7Cm3d6_qTtoQj6eMRktG_7qORsm4okkGJAbA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QeBHThSBqOoqW-eR30h41n13nMH87Ae-Z1IuRvuBca8c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QDR0CxPQ28zEjHN89-3Rrp7NIVl3_qs1woi7_KZLZKYo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QDp2PQB_HXeqqIWtB2NKYw4vZd5K5LO7qd6ep9AcBvKo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QdkqnJJbAhOjnNvVPeuke7JETG32NQv9oceOdqPFTPTU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QDHO4jtUF8bV27ibkq9RNaPKgWWnt--gkd4FbwYIcEN8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QdBmQs7fcEvHb7rDYNBXHlh1d4v3q7EyDqx3pdc9zTwo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QDB8stFOZZ-1IG3SthwsBoecAu7zYwh_2RNeS4j6HDlw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QDa66AHe2gOJM98J_4mtFDdw9RwRZqJgXusxQOS0My0w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QDA0NCLlA61GwqPTiipjllSc2zMb4ffRbnUZm0axhU8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QD2tRuBoIjVvXAZGT3SMlQpN6vbaaq0RtN0GWTWckTbE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qd29MmPVbQhgxMY4AqDevB9YlkdcwYn8G75uU1_5csaA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qcy05LXQ0tQOs-4E_VTOzCYVBopePVOdO0-K3B8O5IkM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QcnFkgawoSKZ0Hjeh3ROfJbY75MWyV1V9JLddDYAgsGQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QcnbfUzqfl4r5CNvNVU2l4FMk4SZuZTHT6PFQlLui74w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QQDmf16s-C4Aa-9DZS5VHRYc0el06uv3tOCwd4Dcdaoo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QQLck8R7YOa5clkEkScvc262fekhWlFJD3fg_JamQkFM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QqlYJ7XnHFvUia1IY5DVh7wUbrxxHR7S-cdQ1zYRZG9o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QqpiWXOYeyTYu9xksRoEcziLOIrvqtcfLM9Xr3yotcFs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QQReVoPjK2Mqwvvbyd6cm-6TjKx-yyyvf_OBRZQ6BLGk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QR-fpSMklfhNkUW0ljtpJ0I_FnfBUc5ObVS_GdR1crvE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QRkNDULcXT4KZEvb2X_H4U0RuSUD_T9M8QAXXhoXb0DY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QRm-0D_2IzqMUWqJJWN5uVpA7A9MaaDl78FRORje-hhE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QroTaUS5FawSkY0Qf-8nElFyWCORX7EAnvA9_vbchUcs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qrw_q6bQp0jgMbCQqUzvQ5dVi03g5FIO_qWNJltXbwec", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QCD8nc2IzOSD8nQ0ccHFG9F-cBsyy6Org-Q4WObnvT2U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QC1PSHpLp-ELalt982PfgQRpyfb4TqE4uQpGws51I5Qw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QbxS-IAkyE-16EqVJDjg0qmp0BHBV2vW-otGM7Z9liJ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QBvIu0FCa7YXV9ltEg4co9V5Xrgw4Mh9YwA2DBYvkvJw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QBq5E1GeFCHQj9x-Uv7aXasUy6nVmjmCIDvzsyJuVVn4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QbMIsVtjZ9UbJO8rF97OPt1G7w2NN8Xs5sxMWyf3c5pw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qbjws64nVeZG0hbRAcO4wF_ReQHOO7bNdvZw_QMrv8ro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QbJ2P57AFkrKWGas5pUnNQUQywff6Veh6SmZYY9MefJ8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QBHXH-IMDkp23HFFVXiBZZl8aYk_ez3-U4iZ8s_7RkD8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qb_i96IBH4vp44pG_Lx3E3BBOEfXlfBJl6DVoFbQ3Xqw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QaRUe476PsD069RRNEW9ReGTBBV_3cJCzP_VQCMUrtuM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QRYlTI9k-7VVZk3s7U2IM7FkOu44cIRQzjUht5Va7clM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QRYXcPz-aaPIcEdxJMSs13xV0JiSRsdJ4VfUAyOHdGgw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QRzfHrv9KVGphZWFsFL_FDl2auLk59YW42yJICTuYTU8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QS1EOo4xPryV9x0402tvGTLUmT_6SM4Ofd_8sDN2VEaA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QS7sw4UcAsFRVkvIwP_QTGGTO5szt62GbWzHruo6BRGA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QsaeA9U5aDLRdd9MvxC0XqtVRVqAEIJOph94EnxAv-rg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qse-W2wW43YqBh0e2utHiEGIRCBqGxJ6B4U8eGdZuQ_g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QsNfEJRycaUIYKDXDOZzrHP-n6QzMFxDSLRS94RQGf0E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qa92ig4hq5Zvyfg6ski2t4X_pruaWZ97SrPxa8tCDsrQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qa7tIIddkq9j81LNXc6mpXyDivmZZBc2-6dYiBSnCmp4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QA6MiP5zdBu8H44FWkm1kYjtk3YdN9Ph2w_WhGD005Zs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qa0I7HjJAxuHux8TrSWeYsUK2R7PeaSd2aFZVO0d2qk4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9i5rwkynjUCZOnaSAoAGFK53s16pvAEZQQ_1cgkL1ho", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q95kd07mv6TNle5OCNtLLp3c3pLfI_tqy38dMv-Ybk7k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8YHfX-UmvlmEFTQt3qkx5fUQ7Y0QPDQSzcmbNjia-WU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8ixtrqBQXwqSjQu765kDcbkFWM0JXmPi7hSSwleeBq8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8cB6N3Pt4U3MWunmKqh2RuCd94_W_5xBDwBl4ckSoDw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6nZ5ep5yF6968oNJzVDW_hbWFODW8qs5Fk8hgmc-b9I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6bLNjB_wRdcFYMyjbWUu7RQo_tkk6yLleV-6ExHnmic", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5XF3Qwykzfa5lG5cvtm9IbNg5g04VBAcgTQk9pO9-E4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5ChOYDue6xEQNnG1q5Ggup0zOmVT9lTRQZSYXzOxU1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q50Qu1-o-hJ9f54solhFGTC0faKO_TR1BMprYZaZwAeo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4poeHzeWnhne3Gb1dJYPH8Zql5WmyiOJi_FqyzAz8nY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4m7DyoDCl811JG8cB78Kfan7gP37ojfrZW04aA6KQ-o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4jjbM-JZEjyflaK69wCXJxMyw6QbKbvHyInFhodvBrs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qc0jazqriNlRQ-a_dF8TtL1z8bBzS7nLKy931xSvyyTE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QSbb_uBcmpLz8xPkOhJyXj0s_s74xFHkRxszqLcEjtFc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qc0jazqriNlRQ-a_dF8TtL1z8bBzS7nLKy931xSvyyTE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QSbb_uBcmpLz8xPkOhJyXj0s_s74xFHkRxszqLcEjtFc", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qc0jazqriNlRQ-a_dF8TtL1z8bBzS7nLKy931xSvyyTE", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QaubTe60yVMApe1CD1_fBNFR3cmt1nH__P-1fk7Yrwd4", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzKJeCVbhMGYXdThe4TEn5Q8dE-4MbZq2dA8lL4hJDYQ", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVayzr7bwrlJ2ewWJI5NXPOGPGYWLcse76qyPU7j77BU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QzumZrBIybWdHhUHhEAZn9W7D2kmQsngCK6qrnicWzas", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QZNTPgVGoFxsvWYDtvX-a9cRBFeEIYAeYO71pSkHu0Yc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qzns0Mp0hGSpSUY3EBNfernPy3WeDbS_qn2Pkxk8uBL4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QzI9NIYBQhsrpmMNQOkIggWmMlo0nYuq1pGfGyWZgNSU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QzgnbhnnP5vtbOly3kvOotgh2G1FqdymNnb-UTi4-Fa8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QzGF6tqVweGCQvJz4iNMlqsFofm7oX11SXdKlck_bD6k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz9A84kaWZiWTDpQsOys149rcRd4mUKDDUTaG_RHxDLw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QZ__g-x6vpV2UjJYOKqfVEvbx-0r8bwslGWn1EPpGgrM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QYUbo-Cps3gDtJ7UHv_JGsB2J1YSbDTOeTiSt1hqbnNE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QyprjqiPlGvi5zIuQBn37gLruNVhjEkIymCoR3n9ng0c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qy6ZfWX3ql5VX-ONqMK8wtktel0SA1NvY90IObCEu56Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QxWDjZsjB-YWERABJWJWLnqoY5fYVb74vuuRwSVdrRRI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QxqJTlyyiKPf4jir5TSP1P8sdZv3RHtS3OujGthh3s3I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QXFKNbllKBgQEJoIbZioI4qj9ikXLqFF2_tKPaNzUWAU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QXBURYKPa0UWLlvfIzUyKbIZ689Xeffhh6N_CIgMQ6Ko", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QXB3wEcz6701W8CHn3YmnDz-Wq3VNKFoGRlseIsg2yj8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QXA80tXPWtnBf3xvRJQs74UTCZZecCeZyO7KQ22Lqiyk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QWTHMO4uiExAE0rchX-isZ-rOSn-i-rEltJgAXekUc70", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QWpa1MrOmrEfI59MEMnugG-WiiiP0Or1jC5PRVu8-5eY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QwmqpktC02E1-SJFQe0fN_heOUbdT_xvlJUEO1WUpzfE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QSq0_t8U-I_133ul9tqhAnROzE8BRQWMNdvveaxp5JIs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QstIFEvmgbuaioGsQ3gX1f6bIy-UrVTQDziW6RKcqL5E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QStKORoADmyXv5wydXyd-xkrz8MfJVGEkr4xYKs5e9A4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QsV4eme0aHG9u6XmEGo7QbN8oHRDgIlTI-xpeZ8xthOw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QT2AAMXq2SFHzi6XLPJb6ZDlCQVdsZ-miEkxqP3olL-M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QT2YIbFKuqFcEBQnqI8LZxr07KqXPa33e9CEnTzrgNHc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qt99294IJo_rWX95N6Ll0JtU-u7yaUfYdrhoHJ-hrMFE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QTJu3CdDAxNiRkazR6l4Pnu0eab1vHcgvyG062J1Genc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QtowDJt0Ievt2bNZ3jchzMNbXpHVWn51Azyh5p5AIwkg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QtRct-2wF7DMuQ5SQOT1r1SZYjWEAIDx7NiGNwpMUNwc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QtskETt9UkgXojnx-HeWRaJnU4gt1dPff9LnbYjV0i28", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QtY6kc-qR_1U31pUZDHemFaCIOJDeBz1qqmecpfHKVfw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qu5P5yTEkvOg2wguqadse-mpBnD2zoN_9C_TFzSFsHG0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QuNO_enGYzthXKDPFKZtfqAyrB2_QKUC8yzaCYFshfVk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QUo01qEF8rehQFTAqbqBGi5dSe5vNdvLXQdpwq0HiI7E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QUU-NMEZvsbmN2EPgp0SGLvEWHTVwatuCoejv1iX7xrY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QUyUjm_Ou9CgGBrRGe5wvuL4Qm0XGgCTkvqztBz3Bpr4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qv2E2R8PmYipI_V85HO8fRtz9fo2kWrpt8YLHcnd8GZQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QV95-XpY0MdYbNTDypvNYnECKYIE0pz7cQNayIiORaX0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QvlC_fvUokbPe5iWq4cFUZUvLHtJ2N_4Nsem2D3droJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qvmj_xPeAo48uFd10PxPFomiPukX6NvYBJZUz9sASnUQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QVQsbXw9kHnpiic_fYP_LJurJX3aSM5RzGhKfwwoajT0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qvteg1hzis-V2BPpKeHerE9llUOjKO7DXzPLrDmmf-K4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QvtxZrww8L0lsJHp4A2Y1UW4OZHnofBFUMdJMLyEBJwo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QvX5jz3fIzIXZTyptxrGujUiTVw_1jHKDxdKPB_xbhU8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QwaMFBvrz24BYkulsCwm9fLrd7cCPAQ17X-nesLlOfqg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QWbvYquC5HBNAE4tzIla5ntKGKI9tE0FTCtWxblCibqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QwdeTVRs2uaZ6sAoEqIUSSifx2dtGJcplFv3tG7QOEdI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QwIlaKjtK73fb0bDExvovaH635oVd9fKvnB4QKcQOQV4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QwJXNP-RPxsWx3PFKAM6erHcq4zs8KXk6KrsyihAH45k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-1itnRqgKOHEGlnY1kX8MmAQ-iMtoRrveWDVgIH2kiY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_yxY5HPfpkH6_CcSwsoXwyWZteIsqIkjAfa6yIKfE3Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_W5c31jBK2p5yPwoZPSrQFvXADLSlfYZOTk0xBXrHzc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4fFl9R1up7vVPdbnI_--AnptDjf1gD2WhAZQdWs0_PQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q44WzB7U90_R5Vq9qsfXctddbwFiRLMVG0dcyYABpWlk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3ZRpM2H-0-ezLhjt_rYvogEjDvsSRD0MSm2jnQdwvms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3xhY3VAgkjIBSdYhgsg7l6l81r4mpXrgJTSYxnswoKM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3w1WUhxYDuKLb80C4xoCm-fDW2tjNPc1m-pQjkBUjps", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3UA-ZD6uNfnMNjkCGS7rC-EnzYLm6gsJYpIIyiv3Mz0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q39l3AbLDcT_wj6FFWHChsOdLz1y7u3tupkxURSKJWVU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2okYSbcYhl8JVfXwX2OGjsjWGFpUj1SVjgrnLGCBl7A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2o3wiO_PT_KSW83lrSxV6qoHvQw8h-OlNkqzXfETAOI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1nN7_-QKpdPyhwcfvp8lRyAe8rlCTPrW91lsPBICbXI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1nBvvpu1oDMU47aKL4Tb8EvvbjS00mNaVhryFEbAKR4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1CZhszfa4NJe5DXAz4bfHu-IZSMxe02LLW7ESFQmD1A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0k_9dHEkbJub3f1L6v-NS9sbLvBBiWN2_HzeiehdzwY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0FGHCZ20SV53BieJnS6qgmut4CWHy9OB6sJUuQy-vqo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0-taZJ5McpplS4CD1uTCROyDF8mx7VA63a1fbXLGKdA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-xbJisGx-X0X5XHz3MYGg4qAmNIc7F4lrmWaSgebRWQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-3UxHzysownaNdf2bgFMU-gJkjqaZMOhVlrRlqEyGcg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-38-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp38-cp38-musllinux-1-1-x86-64-whl", + "id": "15904524885", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 45455339, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q_a7OxZjYGUecEu_Npdscm5wzVHNHAEvvrwEQnULDKJU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_Asw8KgptvUj5aOKA1ooOs0SPrPgHpDFavCD0l1qX3A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_bSlbvaADK0QNG5rSZq--SHBkQo43GbHsuP7IQPNV94", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_IUmCVIWbbd2jcEpfmBCf9ZmUhfPbhNF6tGYKgUn3-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_RW34Z_9WU31olkYzOoeIJkbxDi_SrebO31mqur1g5A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_UxtvSv2s-8t3hKMbJCsYKy9mDWk_4p_q951rdO1Q00", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_W5c31jBK2p5yPwoZPSrQFvXADLSlfYZOTk0xBXrHzc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_yxY5HPfpkH6_CcSwsoXwyWZteIsqIkjAfa6yIKfE3Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-1itnRqgKOHEGlnY1kX8MmAQ-iMtoRrveWDVgIH2kiY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-3UxHzysownaNdf2bgFMU-gJkjqaZMOhVlrRlqEyGcg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-xbJisGx-X0X5XHz3MYGg4qAmNIc7F4lrmWaSgebRWQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0-taZJ5McpplS4CD1uTCROyDF8mx7VA63a1fbXLGKdA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0FGHCZ20SV53BieJnS6qgmut4CWHy9OB6sJUuQy-vqo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0k_9dHEkbJub3f1L6v-NS9sbLvBBiWN2_HzeiehdzwY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1CZhszfa4NJe5DXAz4bfHu-IZSMxe02LLW7ESFQmD1A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1nBvvpu1oDMU47aKL4Tb8EvvbjS00mNaVhryFEbAKR4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1nN7_-QKpdPyhwcfvp8lRyAe8rlCTPrW91lsPBICbXI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2o3wiO_PT_KSW83lrSxV6qoHvQw8h-OlNkqzXfETAOI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2okYSbcYhl8JVfXwX2OGjsjWGFpUj1SVjgrnLGCBl7A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q39l3AbLDcT_wj6FFWHChsOdLz1y7u3tupkxURSKJWVU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3UA-ZD6uNfnMNjkCGS7rC-EnzYLm6gsJYpIIyiv3Mz0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3w1WUhxYDuKLb80C4xoCm-fDW2tjNPc1m-pQjkBUjps", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3xhY3VAgkjIBSdYhgsg7l6l81r4mpXrgJTSYxnswoKM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3ZRpM2H-0-ezLhjt_rYvogEjDvsSRD0MSm2jnQdwvms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q44WzB7U90_R5Vq9qsfXctddbwFiRLMVG0dcyYABpWlk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4fFl9R1up7vVPdbnI_--AnptDjf1gD2WhAZQdWs0_PQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4jjbM-JZEjyflaK69wCXJxMyw6QbKbvHyInFhodvBrs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4m7DyoDCl811JG8cB78Kfan7gP37ojfrZW04aA6KQ-o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4poeHzeWnhne3Gb1dJYPH8Zql5WmyiOJi_FqyzAz8nY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q50Qu1-o-hJ9f54solhFGTC0faKO_TR1BMprYZaZwAeo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5ChOYDue6xEQNnG1q5Ggup0zOmVT9lTRQZSYXzOxU1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5XF3Qwykzfa5lG5cvtm9IbNg5g04VBAcgTQk9pO9-E4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6bLNjB_wRdcFYMyjbWUu7RQo_tkk6yLleV-6ExHnmic", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6nZ5ep5yF6968oNJzVDW_hbWFODW8qs5Fk8hgmc-b9I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8cB6N3Pt4U3MWunmKqh2RuCd94_W_5xBDwBl4ckSoDw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8ixtrqBQXwqSjQu765kDcbkFWM0JXmPi7hSSwleeBq8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8YHfX-UmvlmEFTQt3qkx5fUQ7Y0QPDQSzcmbNjia-WU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q95kd07mv6TNle5OCNtLLp3c3pLfI_tqy38dMv-Ybk7k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9i5rwkynjUCZOnaSAoAGFK53s16pvAEZQQ_1cgkL1ho", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qa0I7HjJAxuHux8TrSWeYsUK2R7PeaSd2aFZVO0d2qk4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QA6MiP5zdBu8H44FWkm1kYjtk3YdN9Ph2w_WhGD005Zs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qa7tIIddkq9j81LNXc6mpXyDivmZZBc2-6dYiBSnCmp4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qa92ig4hq5Zvyfg6ski2t4X_pruaWZ97SrPxa8tCDsrQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QaRUe476PsD069RRNEW9ReGTBBV_3cJCzP_VQCMUrtuM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qb_i96IBH4vp44pG_Lx3E3BBOEfXlfBJl6DVoFbQ3Xqw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QBHXH-IMDkp23HFFVXiBZZl8aYk_ez3-U4iZ8s_7RkD8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QbJ2P57AFkrKWGas5pUnNQUQywff6Veh6SmZYY9MefJ8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qbjws64nVeZG0hbRAcO4wF_ReQHOO7bNdvZw_QMrv8ro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QbMIsVtjZ9UbJO8rF97OPt1G7w2NN8Xs5sxMWyf3c5pw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QBq5E1GeFCHQj9x-Uv7aXasUy6nVmjmCIDvzsyJuVVn4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QBvIu0FCa7YXV9ltEg4co9V5Xrgw4Mh9YwA2DBYvkvJw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QbxS-IAkyE-16EqVJDjg0qmp0BHBV2vW-otGM7Z9liJ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QC1PSHpLp-ELalt982PfgQRpyfb4TqE4uQpGws51I5Qw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QCD8nc2IzOSD8nQ0ccHFG9F-cBsyy6Org-Q4WObnvT2U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QcnbfUzqfl4r5CNvNVU2l4FMk4SZuZTHT6PFQlLui74w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QcnFkgawoSKZ0Hjeh3ROfJbY75MWyV1V9JLddDYAgsGQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qcy05LXQ0tQOs-4E_VTOzCYVBopePVOdO0-K3B8O5IkM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qd29MmPVbQhgxMY4AqDevB9YlkdcwYn8G75uU1_5csaA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QD2tRuBoIjVvXAZGT3SMlQpN6vbaaq0RtN0GWTWckTbE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QDA0NCLlA61GwqPTiipjllSc2zMb4ffRbnUZm0axhU8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QDa66AHe2gOJM98J_4mtFDdw9RwRZqJgXusxQOS0My0w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QDB8stFOZZ-1IG3SthwsBoecAu7zYwh_2RNeS4j6HDlw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QdBmQs7fcEvHb7rDYNBXHlh1d4v3q7EyDqx3pdc9zTwo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QDHO4jtUF8bV27ibkq9RNaPKgWWnt--gkd4FbwYIcEN8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QdkqnJJbAhOjnNvVPeuke7JETG32NQv9oceOdqPFTPTU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QDp2PQB_HXeqqIWtB2NKYw4vZd5K5LO7qd6ep9AcBvKo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QDR0CxPQ28zEjHN89-3Rrp7NIVl3_qs1woi7_KZLZKYo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QeBHThSBqOoqW-eR30h41n13nMH87Ae-Z1IuRvuBca8c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QENE3bbz7Cm3d6_qTtoQj6eMRktG_7qORsm4okkGJAbA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QEP3O06RBat3zJ1oUr7ejphl1hvxhQrUXwS2mJ0ZFLXs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QEpm59t5SAi235JaaTHcGwzJprpg7CNzZI0wJgPgrGUM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QEs6ekaLNLM0iVyyriLMEg7HBZayHYoJogXL2sGPAjx0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QEUthsI8fCOZHuKKJz46QbKKhl2mDmv5BaRYa2jF__0k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QF6DYpjANKhDgfe5dSQrfGeYZQf355s7OtsblnQguqTk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QfBl0tUJSyNb6IgVqfxvF42XqiguzgyRa5q2Rbo3nEYw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QFoTRf4381pMVsQRBWA7HMB3Y9rF7ozbk80ah8ik2U5E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QfrVvq3BiSOWwrQyG6-Cxm8uAqu0rZPrbQox6l6t_cGY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QftKEzRQCShqxEQTVKsy1TuIBPCa_BvRwqsvq3sAld_E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QfU9ii88Gi36XklrgIbHFpFVp_ZgKpWHAI63ev4MxCVI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QGcya6vcywqaY6R-ktgUVx9FaJyCVXO6wpJoRGqGcX68", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QGDiIwaJB_j8riFgpWJKq_TL5y9Ms6tL8HCKm-zj8bO8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QgibbvtpfLBbjCVdM0eEzaCwftQxlaYsOFNU5LFJU9qg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QHBoDBXF9RLGa0yQvyMzmitmnFWgHf6zj7UsHb5grGyk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QHCqCKDrG9jpAPcKeJMD6NO1DZnNDSaxQXAxvEFddl_8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qhinz2mff4N2XJftZCnOxTEHtzDmkbVPLjZFlDkTTgE4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QHRfsGDcYD2Vi0Pxx6XW9ANBnx99LgVZQmrGnCGFKF7E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QI_QZIccuG8oSgpHd0RgobhvaSODlGT0hKbl_MIZoazs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qi5MhQU0grJPRC6E_VjNxSfwSo2EjllP6H-LZpUB6ruQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QICXD7Jf1nNrJvFH3gip3PKPrDsuly0eygLqKMwQKKpU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QIqYyTJMXinkkZiPIii6NIhUQyjO-y9vdV9FyTjSacQk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QivDSesljlJX7aZ1HeUwpReaE62nMQ40ZtXe_Yaoj0FU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QIVuzEXkvEZjd-a8ofB6G2u545FW0mvB2sfRvAqhV9M0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QIwM_kmCOAh4NtrORlq2KDU6Oi1pQzK_rURrXxW20pVQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qj9AdT-GAMA0Rk9XATHfY5fk-PbJpz90-l2StAxYPK8U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QJIwzCVhu7iXiNWJNLRBs-Kxlr_aM0zLMJ06HQ5dZyME", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QjrpWWqft3t818Nq0WW27JNH_dbJ9mqjiZxkcohJZDDw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qju291ZRIXDJUttCHA1KoZqxuHgSrw_I8NBmxqzxtoaw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QJy2FKJrXmonDd8it_q64TuqJdoITlhxCp27x02_Wo30", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QJz0Bau1psVBE5cD99bVAsN3Dre5fJCkaeeZmYt7s5AI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk8EUMyP8oYSHqCRDwGxZ-94diHoBP0SHOBcj0TQA4Hc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QK8qBqv7xtxsqVO3Y1gcvWDA9PlTBCWJumQrQ4URVkDc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QKH42grZDPNuOs87aADKBNNDKHfIPSPX3Txm5wzcNIFI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QKWHCMRZ2UrsMUKkcy-czFKHZi1u9k_7soyIajihpJVE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QL4G9VmMDI-Fse1RhQvvHrX7aQKDK4amgLhPK1dUGVy4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Ql9W7xycAYD6XklAepiLKmoV0K9omjaJBpiRMyGAsyKI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QlFNZumC5lSVPWiPYbG3_wozz6O_NhTqiyCFMF4WBbwg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qm2nuA8FL9CtIg0hPHmmWi6yWPo6e5iB_16mHXwR6Pkg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QM9wZ-R5r3sxVrxy1wjGt9a9Wxv-MJqAbj9i_SHpCfK4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QMdefnyJ98aoA_gaBESiJAIQDymbZO7Jai8xZgRV0goQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QmF92ZykjI8DqXKBJebjH4erKL4SHZGCXEbYaur64YU4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QMG7EMge5B9Q5ZyIwhQjfhuOCyj56qUqv1eTiUpaxeWE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QmIRzZWN2zyzrpAksBcuTEZmOCCo7FXRTdzPZ8mlSqwI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QmKhVWvJxFdrZBUcNG0wxwdSMVEK_s-ubs544UWcFFYU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QMPaISPcqUEUVMHq6w5lB51XBBT6Wzn1EaU50f_deIU8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QmpUp1XiHSIGuzcp7Cog5iSZpmO5geWmYe_vp1uOggl0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QMSD4hJC6I7PCezWX7G4vggw5jpX78yydXldOm5BqqNA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QMTrFaxPy_xNcWnDSO2Ra82RvGiCmmltVeKklJxjslHg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QMwJbCw57Od7Zg4RYLI5swZcm2tAfuXV0OdWbWaUk2fk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QN50sYgibOo7pvMIu3uBEHSAcSUgM-Jm7PPPC2RpMtfA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qn7iU76Z3GHW-jPtH6dqyZhs5a8lSR7xOWFawkGE5Xfs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QNLVbpcmHnwQqDgeO7wMBL4LFJ6X1KXL9fTcMmbtXSEk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QokT2RiViN_naC7LHt5v6RgDDEsS5tlL9HxOpheOE1MQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QOPt_bxc58JCjhRKOE3D4Od6ebZ5Dk7u1R8ePnmnIE2U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QoR3BhzmvZuitlTdFPfGo7u8KIceOtOF-zAR9QX2fzuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QOsbQBwU8fAFA_XchSCeQ0UbQoxUHF_46UTCfKUsK5c4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QouBJILFAFSnyBZrQ6Rk1zBFJ-POr1lwhyGgJ3lGpjQY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QoVDBkZ6mtId_uC2C3gto5Ss9h8ZbDod-q0SOUABS26M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QoyykHE5cocnghsfHYOYMvUd7Pip7StDjg16cM4vNPKE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QoZsQpsDeFRFa44TpqiWXDdNppbWv8Q3Lb2--y3ATakE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QPfvAeOiMWh8OFzz3fQe-_GVOZCfra0EgM2JZk6BY21o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QpMd-mO4D_ip7xLOumfPKIBq6NzJ-i3cvWq81MrvrZbs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QPN0hQf5Hh88OSHmmTmwQ4tthNfirTdhMmHhajLb_270", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QppVKB7p994g2lo02CbUPUbn3MVqn0V6us1Z8sgI6T-8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QpxI0FalvKaNbSh7k3kHvFfvXA2LaSIsYOqgak-LvyR8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QpYQHjP4F-QeI3BtzFWDlY4PhUflpaVIClNUlSX6fhlU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QQ0yMACjdgkNaiqXfgNMcoF_BcpKAvP0iTD4PzY24HhI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QQ4tI2ycOR6g7lNQHF4wIpdTGxsif4uk7GvEN67cZ7EQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qq5u38Vhi_y1NnlMYOTKeboZwcrtFtdKkmRCn_2xwf-A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QQD_avYUgIg_zJalT-fr-awItfeWH2z5W5IHvf2JUjTk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QQDmf16s-C4Aa-9DZS5VHRYc0el06uv3tOCwd4Dcdaoo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QQLck8R7YOa5clkEkScvc262fekhWlFJD3fg_JamQkFM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QqlYJ7XnHFvUia1IY5DVh7wUbrxxHR7S-cdQ1zYRZG9o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QqpiWXOYeyTYu9xksRoEcziLOIrvqtcfLM9Xr3yotcFs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QQReVoPjK2Mqwvvbyd6cm-6TjKx-yyyvf_OBRZQ6BLGk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QR-fpSMklfhNkUW0ljtpJ0I_FnfBUc5ObVS_GdR1crvE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QRkNDULcXT4KZEvb2X_H4U0RuSUD_T9M8QAXXhoXb0DY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QRm-0D_2IzqMUWqJJWN5uVpA7A9MaaDl78FRORje-hhE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QroTaUS5FawSkY0Qf-8nElFyWCORX7EAnvA9_vbchUcs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qrw_q6bQp0jgMbCQqUzvQ5dVi03g5FIO_qWNJltXbwec", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QRYlTI9k-7VVZk3s7U2IM7FkOu44cIRQzjUht5Va7clM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QRYXcPz-aaPIcEdxJMSs13xV0JiSRsdJ4VfUAyOHdGgw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QRzfHrv9KVGphZWFsFL_FDl2auLk59YW42yJICTuYTU8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QS1EOo4xPryV9x0402tvGTLUmT_6SM4Ofd_8sDN2VEaA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QS7sw4UcAsFRVkvIwP_QTGGTO5szt62GbWzHruo6BRGA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QsaeA9U5aDLRdd9MvxC0XqtVRVqAEIJOph94EnxAv-rg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qse-W2wW43YqBh0e2utHiEGIRCBqGxJ6B4U8eGdZuQ_g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QsNfEJRycaUIYKDXDOZzrHP-n6QzMFxDSLRS94RQGf0E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QSq0_t8U-I_133ul9tqhAnROzE8BRQWMNdvveaxp5JIs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QstIFEvmgbuaioGsQ3gX1f6bIy-UrVTQDziW6RKcqL5E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QStKORoADmyXv5wydXyd-xkrz8MfJVGEkr4xYKs5e9A4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QsV4eme0aHG9u6XmEGo7QbN8oHRDgIlTI-xpeZ8xthOw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QT2AAMXq2SFHzi6XLPJb6ZDlCQVdsZ-miEkxqP3olL-M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QT2YIbFKuqFcEBQnqI8LZxr07KqXPa33e9CEnTzrgNHc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qt99294IJo_rWX95N6Ll0JtU-u7yaUfYdrhoHJ-hrMFE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QTJu3CdDAxNiRkazR6l4Pnu0eab1vHcgvyG062J1Genc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QtowDJt0Ievt2bNZ3jchzMNbXpHVWn51Azyh5p5AIwkg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QtRct-2wF7DMuQ5SQOT1r1SZYjWEAIDx7NiGNwpMUNwc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QtskETt9UkgXojnx-HeWRaJnU4gt1dPff9LnbYjV0i28", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QtY6kc-qR_1U31pUZDHemFaCIOJDeBz1qqmecpfHKVfw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qu5P5yTEkvOg2wguqadse-mpBnD2zoN_9C_TFzSFsHG0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QuNO_enGYzthXKDPFKZtfqAyrB2_QKUC8yzaCYFshfVk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QUo01qEF8rehQFTAqbqBGi5dSe5vNdvLXQdpwq0HiI7E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QUU-NMEZvsbmN2EPgp0SGLvEWHTVwatuCoejv1iX7xrY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QUyUjm_Ou9CgGBrRGe5wvuL4Qm0XGgCTkvqztBz3Bpr4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qv2E2R8PmYipI_V85HO8fRtz9fo2kWrpt8YLHcnd8GZQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QV95-XpY0MdYbNTDypvNYnECKYIE0pz7cQNayIiORaX0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QvlC_fvUokbPe5iWq4cFUZUvLHtJ2N_4Nsem2D3droJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qvmj_xPeAo48uFd10PxPFomiPukX6NvYBJZUz9sASnUQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QVQsbXw9kHnpiic_fYP_LJurJX3aSM5RzGhKfwwoajT0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qvteg1hzis-V2BPpKeHerE9llUOjKO7DXzPLrDmmf-K4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QvtxZrww8L0lsJHp4A2Y1UW4OZHnofBFUMdJMLyEBJwo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QvX5jz3fIzIXZTyptxrGujUiTVw_1jHKDxdKPB_xbhU8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QwaMFBvrz24BYkulsCwm9fLrd7cCPAQ17X-nesLlOfqg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QWbvYquC5HBNAE4tzIla5ntKGKI9tE0FTCtWxblCibqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QwdeTVRs2uaZ6sAoEqIUSSifx2dtGJcplFv3tG7QOEdI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QwIlaKjtK73fb0bDExvovaH635oVd9fKvnB4QKcQOQV4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QwJXNP-RPxsWx3PFKAM6erHcq4zs8KXk6KrsyihAH45k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QwlT9pRi7uSwErv3NZu8o-xLKfIxNrC2MB3ijT_Ov4HU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QwmqpktC02E1-SJFQe0fN_heOUbdT_xvlJUEO1WUpzfE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QWpa1MrOmrEfI59MEMnugG-WiiiP0Or1jC5PRVu8-5eY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QWTHMO4uiExAE0rchX-isZ-rOSn-i-rEltJgAXekUc70", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QXA80tXPWtnBf3xvRJQs74UTCZZecCeZyO7KQ22Lqiyk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QXB3wEcz6701W8CHn3YmnDz-Wq3VNKFoGRlseIsg2yj8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QXBURYKPa0UWLlvfIzUyKbIZ689Xeffhh6N_CIgMQ6Ko", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QXFKNbllKBgQEJoIbZioI4qj9ikXLqFF2_tKPaNzUWAU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QxqJTlyyiKPf4jir5TSP1P8sdZv3RHtS3OujGthh3s3I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QxWDjZsjB-YWERABJWJWLnqoY5fYVb74vuuRwSVdrRRI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qy6ZfWX3ql5VX-ONqMK8wtktel0SA1NvY90IObCEu56Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QyprjqiPlGvi5zIuQBn37gLruNVhjEkIymCoR3n9ng0c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QYUbo-Cps3gDtJ7UHv_JGsB2J1YSbDTOeTiSt1hqbnNE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QZ__g-x6vpV2UjJYOKqfVEvbx-0r8bwslGWn1EPpGgrM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz9A84kaWZiWTDpQsOys149rcRd4mUKDDUTaG_RHxDLw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QzGF6tqVweGCQvJz4iNMlqsFofm7oX11SXdKlck_bD6k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QzgnbhnnP5vtbOly3kvOotgh2G1FqdymNnb-UTi4-Fa8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QzI9NIYBQhsrpmMNQOkIggWmMlo0nYuq1pGfGyWZgNSU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qzns0Mp0hGSpSUY3EBNfernPy3WeDbS_qn2Pkxk8uBL4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QZNTPgVGoFxsvWYDtvX-a9cRBFeEIYAeYO71pSkHu0Yc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "QzumZrBIybWdHhUHhEAZn9W7D2kmQsngCK6qrnicWzas", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q7FgaAhQ3tkX7b_2CeRCcAmPCK7y2K_PijtFCIbPQoNM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QtbV3BH0vyGJr6iXKuYbQy906er1zO4PtHgk_hn_Bq70", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q7FgaAhQ3tkX7b_2CeRCcAmPCK7y2K_PijtFCIbPQoNM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QtbV3BH0vyGJr6iXKuYbQy906er1zO4PtHgk_hn_Bq70", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q7FgaAhQ3tkX7b_2CeRCcAmPCK7y2K_PijtFCIbPQoNM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q7FgaAhQ3tkX7b_2CeRCcAmPCK7y2K_PijtFCIbPQoNM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QtbV3BH0vyGJr6iXKuYbQy906er1zO4PtHgk_hn_Bq70", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q7FgaAhQ3tkX7b_2CeRCcAmPCK7y2K_PijtFCIbPQoNM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QTXQw2JxI2mf6bd5ad2Q6-mkH-oa9vdo6zmOyB0Aueu0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q7FgaAhQ3tkX7b_2CeRCcAmPCK7y2K_PijtFCIbPQoNM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q07H9wd-fmo4jprOzJS9bMaDdhO3m3lvju6R6y9H9X4c", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFXaZ60EZzrLZpcmikso8OjSpzPkDJUSeYAqjf1h3Hsg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp38-cp38-win-amd64-whl", + "id": "15904524886", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 28651355, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "Qu4mQ1HrF7uzH7ByHHMQQPo7UTspbfjRqLGDLJrFu1po", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cp38-win_amd64.pyd" + } + }, + { + "key": "Q2ZgYfF9Z4tvrN6VzdXyj3C59YzuJeuG1B4hdKJo-iKs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cp38-win_amd64.pyd" + } + }, + { + "key": "Q2y1cDI6mOZwnQuoXD4vQSy7pk1mYZdAZ3_h4P88FYpU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cp38-win_amd64.pyd" + } + }, + { + "key": "Q2V8KfwBCZ5fjq8y8uXxuwXYTbRPsaVNRsB-eYVJdCvc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cp38-win_amd64.pyd" + } + }, + { + "key": "Q22-UNt5V_MhpFCgga62FdFZW0IXCX4b5T7xCHVts7sY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cp38-win_amd64.pyd" + } + }, + { + "key": "Q1rNwqxDwKF0qkfgFzE0ZH7L5cqp4kkidcW-P9vWbhys", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cp38-win_amd64.pyd" + } + }, + { + "key": "Q1nBg5nQ16bCUgdngXABRU1bDxpuZ_HugNS9Y4rZeZyc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cp38-win_amd64.pyd" + } + }, + { + "key": "Q1_wpbkoq2c1d3Rfeg6Y9eOArFu9qRmrlNycwNtX7yho", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cp38-win_amd64.pyd" + } + }, + { + "key": "Q0vnvuzZYpQwdzVE3nmkFsxY-72YQ5eYki26BfsjU-J0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cp38-win_amd64.pyd" + } + }, + { + "key": "Q0s34xDyzXw-wfGGNpac_3FevT4ICyGLN95_ZdOGp0E4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cp38-win_amd64.pyd" + } + }, + { + "key": "Q0FnVBuQVFgeqIT3gjNXLRzPHa0SxKkkueXeA4G9VY-A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cp38-win_amd64.pyd" + } + }, + { + "key": "Q0f6jeXp5bA1l-oLU2YuKestezZeJLybDqANNXFeOeGs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cp38-win_amd64.pyd" + } + }, + { + "key": "Q0drKBlQT6RXGi5CfImCHDRVFzep-IAsOlrVLAG5B6Jk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cp38-win_amd64.pyd" + } + }, + { + "key": "Q05pkG2O9ZTFvfD7zl7KgwCn3W_9U7EADxmJvcCY7xpM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cp38-win_amd64.pyd" + } + }, + { + "key": "Q-Xrgd-K2hp2zgn_UqgTSAJGirBnLyfEWJiz3l_jor_A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cp38-win_amd64.pyd" + } + }, + { + "key": "Q-n8r5BhqFbeMHd1dN5MXErUi8hdfyddb56tFEwXzlDA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cp38-win_amd64.pyd" + } + }, + { + "key": "Q-LpobLUGRDxyaPu51r_Aki9Z5h0Nlf8I4UuMcdiCZXM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cp38-win_amd64.pyd" + } + }, + { + "key": "Q-fx96g3PlsBz2yTgrznnuClO_p6L5DmBu6yhUD3SmRY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cp38-win_amd64.pyd" + } + }, + { + "key": "Q_qQScYDDkkzJeuZ2TGdSsf4Ht2Szjw0RoiqGihKPtKc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cp38-win_amd64.pyd" + } + }, + { + "key": "Q_-T8iQrJGmBXiAyId-gS13R5CpaRUNI5J4Z5D0Xotjg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cp38-win_amd64.pyd" + } + }, + { + "key": "Q_54HXjI2wZADJx4EfIv9YB5xawDOFKuANGLJo2iB3Xg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cp38-win_amd64.pyd" + } + }, + { + "key": "Q_AX8WTWzaclj9G0klSFe0KTLBllfaVadsRgx5IHo4K0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cp38-win_amd64.pyd" + } + }, + { + "key": "Q_kbmXPoLw3Do6QpdiUmkR8e_UIkTlXUUqgLonGiIvk0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cp38-win_amd64.pyd" + } + }, + { + "key": "Q_PQTKkUqfYaOsDHhdVSfpORGXzEWirSAlLnKJv3_U2U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cp38-win_amd64.pyd" + } + }, + { + "key": "Q_QJMuo4eyJqOA6DmLzIHErfdoRCe5aUuJ19pDFc9Jtc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cp38-win_amd64.pyd" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qw3p215-9H2Y9Jd22x8VPvAAdxdTjJLSR1LjAusb5jMg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qw3p215-9H2Y9Jd22x8VPvAAdxdTjJLSR1LjAusb5jMg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QcqIMU94XE7Js_jxL0n530cl7vuB1EvvXzK2QgzH1Ywk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Qw3p215-9H2Y9Jd22x8VPvAAdxdTjJLSR1LjAusb5jMg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfinegrained.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qw3p215-9H2Y9Jd22x8VPvAAdxdTjJLSR1LjAusb5jMg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QcqIMU94XE7Js_jxL0n530cl7vuB1EvvXzK2QgzH1Ywk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qw3p215-9H2Y9Jd22x8VPvAAdxdTjJLSR1LjAusb5jMg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QcqIMU94XE7Js_jxL0n530cl7vuB1EvvXzK2QgzH1Ywk", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qw3p215-9H2Y9Jd22x8VPvAAdxdTjJLSR1LjAusb5jMg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QG9tWc-Yt_RB1tz-z_Yv2F5XAjozCpGa6KZburNefk3U", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q142HCUSlC6pcg-jH8MMHwhhQvVzK33HIVvltggd18yE", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QYkDuqSimpzDW5devJkaXo0LY9zR8DmljrnmkjwmbZ7Q", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QzZNfeZHMTR1mHpaA0sKBNLx2PQ0KPMHMso-JD3QP4Mk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cp38-win_amd64.pyd" + } + }, + { + "key": "QzywgpZz59Evc6EVNA5lAsdywCV353paGgQpVdV0K0Aw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "QZTdTa8vsqupz68oT72Bz1pnRMWs_l_LJW30Pw_CVlqw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cp38-win_amd64.pyd" + } + }, + { + "key": "QZRB9rT9WAdLPStGNFlnuPXXPw4chtNOj823K3TNuGRE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cp38-win_amd64.pyd" + } + }, + { + "key": "QzpiWPufbfVVWaP3ZarRLkH0oH7AZ7L7_ufYSQPiWxIg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cp38-win_amd64.pyd" + } + }, + { + "key": "QZkM_VXHfk3bZ-Ad7m7gETr2ekl8LrH3MrKFXnwsnBbs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cp38-win_amd64.pyd" + } + }, + { + "key": "QZJdvNHE_jKesVLlm5Qg1iTn_VsCDPRfA7OS0kguFEYQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cp38-win_amd64.pyd" + } + }, + { + "key": "QZglM44_f3bDOQIHLg7E5EgsDC2SMkOOyOz5Sy_1HL_Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cp38-win_amd64.pyd" + } + }, + { + "key": "QzDSNPm69K7sDXAaCET_xh2tUguzPZPBkTmT0bYNuqEo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cp38-win_amd64.pyd" + } + }, + { + "key": "QZdfKvuTUIpNg1cRmSehVCj8qh1OO0b9j5_nyFcTfWbo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cp38-win_amd64.pyd" + } + }, + { + "key": "QzaIQzg0qYU5XOGagfWAS1SMNscAAVfSJzkLU0IGF6rc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cp38-win_amd64.pyd" + } + }, + { + "key": "Qz8_SIk-WWRpykUFlTgfx6W6XGJKFN13PkcvQkAwQ7Z4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cp38-win_amd64.pyd" + } + }, + { + "key": "Qz6EArZ4UMBr7mhzBVTyvfJhhAdZnZhFF6Ggqc9vFO-w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cp38-win_amd64.pyd" + } + }, + { + "key": "QZ4BdcoCJ5AR_szwVbuQYIJUej62wMxLZEeAudcX9Upk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cp38-win_amd64.pyd" + } + }, + { + "key": "Qz1B8efhVxBlKoy5xs3jbdr_nqEDvh456jYW9FJ3n3_A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cp38-win_amd64.pyd" + } + }, + { + "key": "QyzVNpWTjbyDvY9zGG_Fspv0jNdgOGVxapHEdILxIs3I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cp38-win_amd64.pyd" + } + }, + { + "key": "QywMUSGpbAaGkW5HM0d6i7RZFQvEH0yoQRpbxH4nEaR0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cp38-win_amd64.pyd" + } + }, + { + "key": "QYjAV77ek7ldb84V5MEAPy6HHzIYmIIR_M74DcZGedqs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cp38-win_amd64.pyd" + } + }, + { + "key": "QydYBMeUCPQ3e-96Juy5ngI24ixd4rZakere6gFtLuis", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cp38-win_amd64.pyd" + } + }, + { + "key": "QYC0xCVsQL46ZZcc7tL8aPrUTCsGZolhyNA_SDMNtaYI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cp38-win_amd64.pyd" + } + }, + { + "key": "QY3eU35UPlcGBLZGh1xaLTJ1r7NaqFrLcFk4MVWRysIg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cp38-win_amd64.pyd" + } + }, + { + "key": "QXYH4MT256OYcDp5micSb_Z86VLR02e1KKMufleMwgYI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cp38-win_amd64.pyd" + } + }, + { + "key": "QxxspaaPmYfuM8v-f9FFTLpDf8ZQVwqB6eItnBMK36SE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cp38-win_amd64.pyd" + } + }, + { + "key": "QxOBU3dIfFD-pQkS7uaNsf3i2kvuHDngON7LTJY6CLF8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cp38-win_amd64.pyd" + } + }, + { + "key": "QXNPko7-GR3SalBtKyKyIiDOFttTTyOpARszKAZLYi_4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cp38-win_amd64.pyd" + } + }, + { + "key": "QxlH-8WIyd9sQUnV2E6DHWNCep30rqzQCVfWejEmv9Fo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cp38-win_amd64.pyd" + } + }, + { + "key": "QXDXdCuEymYzIT-wI2HyszSX3rj_VpwWLVfV9ee_YuMQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cp38-win_amd64.pyd" + } + }, + { + "key": "Qx84bWURxTsunGTyByPbR_lSpyQ7qc0u-sD1HAvQCxSE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cp38-win_amd64.pyd" + } + }, + { + "key": "Qx5xHiK5zpUtrCDVKBEPujOt3HSHNZZTYhWLhjiLcmi0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cp38-win_amd64.pyd" + } + }, + { + "key": "QX5iJ3VrLEFSUzKydhEXx9ZhmE50sq9u4uxpo2Xx3i3U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cp38-win_amd64.pyd" + } + }, + { + "key": "QwX96Lb4P6nXGjr1TVAZJk0AveAGOkNvsHlQC3ok9hKQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cp38-win_amd64.pyd" + } + }, + { + "key": "Qwu2pOdBCawuUYxs_HQSrAYrz3W5GIoCx1D5ojoOeYKU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cp38-win_amd64.pyd" + } + }, + { + "key": "QWNug1hi1FHy3fMjX_srbnWUKWXwiPmo9PmkyF8Xrr0w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cp38-win_amd64.pyd" + } + }, + { + "key": "QwlVVY5UBIJm2MJFe1xRUF7j20WifT0eYLRhFWIH6mjs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cp38-win_amd64.pyd" + } + }, + { + "key": "Qw2BNE9HrFTGSiIgZgVZCnnM83kruzxbRZKvBfY79IK0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "QvSrwsbfPE8AS3ZWucddmwSKNUU6BqwplmcSRugeuzSQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cp38-win_amd64.pyd" + } + }, + { + "key": "QvjXViQ6aBMl64AQhGLYGki92_VQLgpL3ZgQi6J2eCds", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cp38-win_amd64.pyd" + } + }, + { + "key": "QVDL1t2uBu1tqgwQeT3Ih11GcZ5gfcCawCwBhhw0U30Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cp38-win_amd64.pyd" + } + }, + { + "key": "QVd6dz4CIzsxeSMsZ1k7IwlBhzoHwkVlJfMEnw1npA0I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cp38-win_amd64.pyd" + } + }, + { + "key": "Qv8PM6rDcQhilQsNId53-9KB2BH2oAYd1bhgR4HkyDJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "Qv3aIQ5aIRjG9ox4TzEiZTrxY2G9E9Ty9INr9iJpVbLI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cp38-win_amd64.pyd" + } + }, + { + "key": "Qv0WOLB5p5MJylVbOSBZa5niuuv6tRBXPnOIgHPMRoIc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cp38-win_amd64.pyd" + } + }, + { + "key": "QUySmyWBDEBVVuS4YEpKpaTQc1VqlaxhKv4huuA6IoXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cp38-win_amd64.pyd" + } + }, + { + "key": "Qups0YEopYzojyddJNoqmUGQTmUuKngumaJR7uy4IXKs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cp38-win_amd64.pyd" + } + }, + { + "key": "Qtx7sWgWFr5DA2TiAPT8h8iLyu1IunTQODkbylYPsrYo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cp38-win_amd64.pyd" + } + }, + { + "key": "QtUzWASmlTKnaKihULUPQOZUIzoE_ONn3LlxqirNHWvo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cp38-win_amd64.pyd" + } + }, + { + "key": "QtfqRI_kxaSx8aqPikznMihQrg1QSg1YxKf0Bgw0-ZFg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cp38-win_amd64.pyd" + } + }, + { + "key": "QtFCILoZ3jN0mlxThdNrch8zYGZZS1rtKLQdJQwwXyyo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cp38-win_amd64.pyd" + } + }, + { + "key": "QTewH3p5zFUUT9Tbv6FfEPx8pTnQedW8EBnn-fXYnNbw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cp38-win_amd64.pyd" + } + }, + { + "key": "QStIzvmLaNyvkMf6HD9cfemCItLCH9TTlFNp0il2_JGc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cp38-win_amd64.pyd" + } + }, + { + "key": "QSN4xRoMSEkRAWhXierlxuWy7nHeiHJX__I7_HNU3e-M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cp38-win_amd64.pyd" + } + }, + { + "key": "QsGQZsGyYsjuQtjFsmkODe2vwJtevpL7IUDRmWT-eIQc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "QSE3JuWgJACQVjPGNZa_iXEcpPWbABdcSQuXSXVTlfg4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cp38-win_amd64.pyd" + } + }, + { + "key": "QsDSNIR9sep_PVnlQk3sNbj2vnv194eJqQbWJIE6i35g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cp38-win_amd64.pyd" + } + }, + { + "key": "QS1b4XYLL4UHmwVsS9CBigVBZj-Fsp3U_WDSvMt_59hI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cp38-win_amd64.pyd" + } + }, + { + "key": "QRxRr4nLCd9jhtTvjVjQO76cGr41zL368GAofwtfmVHA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cp38-win_amd64.pyd" + } + }, + { + "key": "QRVW1KfJ8d-7Ujzy3r6Dy5EhwwyfDrAhD9O6IPip-UZc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cp38-win_amd64.pyd" + } + }, + { + "key": "QRU-fTZZDaLaC3I16iql9d25picfYpe9xEnHRpsqz_AI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cp38-win_amd64.pyd" + } + }, + { + "key": "QRokqy0NIuadPlJ14yLgSuYaki33bfu2JigblLe2VfVs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cp38-win_amd64.pyd" + } + }, + { + "key": "QrMrqyGHFPJyfe5tDz03ICNEIuTBNi7c5WNsUNncxn9c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cp38-win_amd64.pyd" + } + }, + { + "key": "QRJ_SmztyUv48IpScGJdHl6p-rhoxryl5017jJoZ9f0I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cp38-win_amd64.pyd" + } + }, + { + "key": "QR9TJJwN9xnp22d2v-DSovXFXCQM3lWXMfwjL469LkDc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cp38-win_amd64.pyd" + } + }, + { + "key": "Qr5gLzp3YqPPDoa0JHGlq28_8s3CKVviuq3OgNvho2iQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cp38-win_amd64.pyd" + } + }, + { + "key": "QqeoRw2eerUGkV6bVfwrqWnbIPGpsWV5FqrO2U2K2WdM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cp38-win_amd64.pyd" + } + }, + { + "key": "Qq3P_b6sL7yBE6VnlsSeXEqEoiQstg8EAgbRQu26mNH0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cp38-win_amd64.pyd" + } + }, + { + "key": "QPxxWMUlmthWGsGiq0KII-k0tVHeSdGaSqGh8tRf9wqw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cp38-win_amd64.pyd" + } + }, + { + "key": "QpLZY_yKJnr6sj_jCeHJeWdTYOQVzOI6RPx-3jtXJ_Pc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cp38-win_amd64.pyd" + } + }, + { + "key": "QpIwEpom018al_A5RRxaPEBXZhxc58bFD5SEQnq4bMcM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cp38-win_amd64.pyd" + } + }, + { + "key": "QPeHNQYBMwRlIy7fOa1CvuthVhrwKlJwUum9PrJHD7vs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cp38-win_amd64.pyd" + } + }, + { + "key": "QPCUSKYLdGEFUjRZXsotceGQJwfSqQLsPxSbWlHFZkdA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cp38-win_amd64.pyd" + } + }, + { + "key": "QOQqrVQFoc5bNg4jA_-zG7WOGHRm9SJlnxuwMpqrTmQk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cp38-win_amd64.pyd" + } + }, + { + "key": "QoMJDWemkq4GhvDXfRRFjWB0qsV5CwcOxDEZIJEmBZt0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cp38-win_amd64.pyd" + } + }, + { + "key": "QO-Qfc0n4YSImjldJg8kWMN9AoMTWNs_7qq-w4LJkR0A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cp38-win_amd64.pyd" + } + }, + { + "key": "QnzkK5PkOAG6H1Qp0zUGq93X1M-swF3SRReJjfrcqV08", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cp38-win_amd64.pyd" + } + }, + { + "key": "QnY998ppDPa4lWqCzcF6uqIxahkmSFeWLz8c1off7N4w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cp38-win_amd64.pyd" + } + }, + { + "key": "QNrtallYcIKlX0mjgBIKWGfKSDhVAWYdoxUguQN8p7Ws", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cp38-win_amd64.pyd" + } + }, + { + "key": "QNQHuAbgBJvuJtOeOOE_7IwtIu0tyxEeUWkqeZTvHQJo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "QN8BKtXTAjtNVuuyOUYwTn05GF8DXFnC4cqI-8rcH7aw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "Qn2opRq1rIeJpcTjOpsr6PsmUDKUcB2YBxfXTL34IX-4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cp38-win_amd64.pyd" + } + }, + { + "key": "QMv0nNM7kz6EUz5A3L73E8_-FCMSxapGCf5FVOM0tYT0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "QmtJ2ziLWRxtaTWU4-jSWmCU6gWFr6-7XElIMkbL9GAs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cp38-win_amd64.pyd" + } + }, + { + "key": "QMri_T8b04O4WmcGX_YFpcF3pOGSNmGET96rMBB-xjPI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cp38-win_amd64.pyd" + } + }, + { + "key": "QmJ_untVNu-s9D33ySrzjDCVhUVK1WRuX1TZq2eeAgR0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cp38-win_amd64.pyd" + } + }, + { + "key": "QMahSuHZ84hWP9tt7BTZLVL0jYFop3hBTmmWhxnMQYeE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cp38-win_amd64.pyd" + } + }, + { + "key": "QMa01fl9TJ0nJDArj3wZdSZWX9NYhkiglQ7NG94pgNlk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cp38-win_amd64.pyd" + } + }, + { + "key": "QM7O6X7x3hI1kohCdz6UsZMvW4PtQlVm5tCOUJzLzwFQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cp38-win_amd64.pyd" + } + }, + { + "key": "Qm_9nxa-6Fp_0g74-YsNH6igSQA29SqB0oo8NfYYx_KE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cp38-win_amd64.pyd" + } + }, + { + "key": "QLm3XyLwutODuMP8ebQzLgx-StI1bSrJ1NnCtLXiOvZk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cp38-win_amd64.pyd" + } + }, + { + "key": "QLE0DWGH_1NdUK5ZgMTMTxJ3YA8RyzUxzhVqOotoQ8m0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cp38-win_amd64.pyd" + } + }, + { + "key": "QL6UeET5fGlYpYo9OyDgs0qKPHHuSKcQZfCg6xE_9XxQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cp38-win_amd64.pyd" + } + }, + { + "key": "Ql3EPiEwr0IkXmv6CYvLtMwxZWGED1VlUv4sKtN2fr3g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cp38-win_amd64.pyd" + } + }, + { + "key": "QKfNpHRIIHDkyN3jG7UT6oapxh4ka4k9CZM7Ud8_t9-4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cp38-win_amd64.pyd" + } + }, + { + "key": "QK4YNTSm1-d_2Nzg-QP1wemC4EvBRNLJtwZ6pTFahVKM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cp38-win_amd64.pyd" + } + }, + { + "key": "QK3ouuppBRsCR1ZBB1WoNObDS3M36gJmQOzNfsWziVSo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cp38-win_amd64.pyd" + } + }, + { + "key": "QjXQAlAAZ-rBq3dUX1k_usTIyx5Rh0RG9jj_MEG2fSE0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cp38-win_amd64.pyd" + } + }, + { + "key": "QJSBnTHNgh9zQpoPF2AgafV0xUztGy1iZbdP7gr7bL5E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cp38-win_amd64.pyd" + } + }, + { + "key": "QjHRDO7P-Z3D1Qi01tEsiV1aHFS3ZDfj0kT8IRZT8VTU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cp38-win_amd64.pyd" + } + }, + { + "key": "QjftRz1AF9qaUoRLCq-ZSBQY_8CgfHfDkQsoOWrJnGSk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cp38-win_amd64.pyd" + } + }, + { + "key": "QJ9XgsIak6brZHkfOS28R_mRDVJw1o8J8Q-J-K_PWErg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cp38-win_amd64.pyd" + } + }, + { + "key": "QiZYW9A3slPjiRa6ia_uZ7MKJqQCVwNOz8kDFni7T57M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cp38-win_amd64.pyd" + } + }, + { + "key": "Qiw-slBToqlylNOG1bh1iFlhqNWafBd0zVQ6Uc7o3s-E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cp38-win_amd64.pyd" + } + }, + { + "key": "QiudG6vJWp2QyeqUL6pWtfafps2hwdnZFV8E_jt_4phU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cp38-win_amd64.pyd" + } + }, + { + "key": "QiRJ55aTXPINJkXGtaRsBSNxqQrGiLZEiYIBWycA2DRE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cp38-win_amd64.pyd" + } + }, + { + "key": "QinN0d7NL32BhSTF-cyi4XNdSNl2gWBmbZ81O_PlbJ-8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cp38-win_amd64.pyd" + } + }, + { + "key": "QifxCg4ExVW_0Y4u-DD2kOYY-XKDtT5NXoOEDfGsfHP8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cp38-win_amd64.pyd" + } + }, + { + "key": "QI6-c84TwnmhMfEF2e6gGwOAxNDmH29hgdMG-jdGOFoU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cp38-win_amd64.pyd" + } + }, + { + "key": "Qi0-Tq4ufLgafi9yAi-NHGiSOB-RrYjmMX1VAEX9y1Ac", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cp38-win_amd64.pyd" + } + }, + { + "key": "QI_g2LwQc6OUrKDm7MY3iVm-SWd9mE2jtF8cNe7f41Do", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cp38-win_amd64.pyd" + } + }, + { + "key": "QhZL6IlfTwVtHR3_0Hb1s_ga_syxkowZLq4Cqz9bj-qw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cp38-win_amd64.pyd" + } + }, + { + "key": "QhT3619tcfNk7xA4c-NnU7z83mkujhwAt-C9-XlLYC30", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cp38-win_amd64.pyd" + } + }, + { + "key": "QhqvaYEBjPuuFwpJ2YJPo9qceRWVTMVZIiiatXzbZEKY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cp38-win_amd64.pyd" + } + }, + { + "key": "QhmYWNr5lDTi83FwSYRqk466aL5BnlxZqgrWUvMWTxhg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "QhgfnOcWUGUlVq695d8i-rl2VWr_EWzcpmX0Roh82fEE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cp38-win_amd64.pyd" + } + }, + { + "key": "QhB2iH2c0xJLpI0vDIu9vWJQH_hw-0uXPw8uhsfRNkp8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "QGVauS3_o8EAlxZxT-uu_atVx7vm-TtimVD6hKmpJvRs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cp38-win_amd64.pyd" + } + }, + { + "key": "Qgmpz1mEAhleJMmh-abjLt-tP5on7f2lmcI4JNVeJCwg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cp38-win_amd64.pyd" + } + }, + { + "key": "QGj-NpC9XHvQcXltuTZmfxpONI0qXGcNFe9y01065vpE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cp38-win_amd64.pyd" + } + }, + { + "key": "QGA90_MVj3iSOBJBeM9A0Dvt4ymEvOoan204LoP8qNB0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cp38-win_amd64.pyd" + } + }, + { + "key": "QG02NHmsJ1Enx9PJElVXlabB03g2k8-QNsn19mazZJ6A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cp38-win_amd64.pyd" + } + }, + { + "key": "QFW6k-cL4GldakGy6tKhntH-NY92culnwEdRUcAIGSRg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cp38-win_amd64.pyd" + } + }, + { + "key": "QfTMPlUjfBX-g-OJK5ZYRZJ-ZwODLt5oP502UhOGYz8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cp38-win_amd64.pyd" + } + }, + { + "key": "QfNm4LZ2wWrBUYSb9BxbPW-8lDtP602mWayVfLF5-HvA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cp38-win_amd64.pyd" + } + }, + { + "key": "Qfm5vS1ZBVWnsUrtGgOoamJ8WEEjsmzHK3RsIiZNSRGE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cp38-win_amd64.pyd" + } + }, + { + "key": "QFkuPTr8tCiTz2AyCYHg4qVal6UBpp_LFezmovZv5fvA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cp38-win_amd64.pyd" + } + }, + { + "key": "QfjqpPRPxlHpwBJ90P-VC7dLeAeueZ-2Q9B5f9C1pGJA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cp38-win_amd64.pyd" + } + }, + { + "key": "QFakRnbg-9aizD_uUwLqN1PmvHLLoC3uOMDn2RQtmiko", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cp38-win_amd64.pyd" + } + }, + { + "key": "Qf7xOKuRCPV1P3gao8B6GPqPmi8NH7olJw4saYupUGA0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cp38-win_amd64.pyd" + } + }, + { + "key": "QF7h2e4Juu9byHYARsKX4-GEjnZ5slNxbJbL7g0opNVg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cp38-win_amd64.pyd" + } + }, + { + "key": "QF0-rZPRsqRymVewD82AYCLywPb0RwA7O5ubLJqhF488", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cp38-win_amd64.pyd" + } + }, + { + "key": "QeZ3pRWnN7woPo-IKD_OmqBA0pBKn9NjrqmYJtEfunQY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cp38-win_amd64.pyd" + } + }, + { + "key": "QeY_z2-bF7Kgi55k4sfY7s9qUio5016wJ4NYzndc9WAY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cp38-win_amd64.pyd" + } + }, + { + "key": "QejEccopz9a1l7MbRPNr1TIxHetdrG-1vsq3fBBLvoS0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cp38-win_amd64.pyd" + } + }, + { + "key": "QEg2UOAke8wvFJIVcg61-mINzecl3CF6jmlk0AyWz58s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cp38-win_amd64.pyd" + } + }, + { + "key": "QeEhrnIsRByHLosN-u73StdbnwM2Cea3aaCtwkujO2tk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cp38-win_amd64.pyd" + } + }, + { + "key": "QebFx6YsqRhqsS7tuseSEuyddPQdcBAvR9oZszMqSLxU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cp38-win_amd64.pyd" + } + }, + { + "key": "Qdy6jZMXtL5A9Nb86DfH93KRTJQxb0zobxyqvBOPDeoQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cp38-win_amd64.pyd" + } + }, + { + "key": "QDUnvSXg-gHlsWKwBIxn2YOWCVu7wjwFFqJNcncdJqp4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cp38-win_amd64.pyd" + } + }, + { + "key": "QDrp17WUPo4h1k0f-WNVfbydj0XAmI9im-Xp9Q9CwH1Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cp38-win_amd64.pyd" + } + }, + { + "key": "QDRabNLAPSba_IkxO4bLFNudiQg1feJPVEZJpeK50bSo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "QDB42D2ljy1aQr0dYonH5stl9E-4aRMVO5hq-ZhDih9s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cp38-win_amd64.pyd" + } + }, + { + "key": "QD7iq5FZHK-QPyjiqa329AcmVT41t3V_CFkZtuQZIEvE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cp38-win_amd64.pyd" + } + }, + { + "key": "Qd4cqvU6CtkWisZ0SXtOcCtKZ6_3K1L1x1-DLvOWuk1s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cp38-win_amd64.pyd" + } + }, + { + "key": "QcUOADqa6_TJlspHYhHL9OvXquJiOMhKr7caYEAsxpiI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "QCls19Wj-hUhzOIYzgR4sWSnPuxO3SSLv-LAbHbGOtqM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cp38-win_amd64.pyd" + } + }, + { + "key": "QCIpE7GFUWonw4inM6Qih5LUcBi0c0i6ghgKeKP0KsYk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cp38-win_amd64.pyd" + } + }, + { + "key": "Qcf2Y4kIy4_hJMqRRHo0fd8OXDz7SI69mW2okdGYwxvw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cp38-win_amd64.pyd" + } + }, + { + "key": "QCB2Ex9L6wWIX8e8YqnMJczidLxTUqIsQVv3KAnDdAJs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cp38-win_amd64.pyd" + } + }, + { + "key": "Qc4PLYhZAGJyyEjf8qEZY9PdHVViV6YQQjl8IoMyP1tk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cp38-win_amd64.pyd" + } + }, + { + "key": "QBLqErRJvuzW3Lpcwzsb4U7C4tIIKLUDfHi5dEkNeZXA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cp38-win_amd64.pyd" + } + }, + { + "key": "QbIPT_Ij3je1assR7vURcMmqNNNNvox6b1wrQx36He-0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cp38-win_amd64.pyd" + } + }, + { + "key": "QbDgRcEjZ-KERqo4Fd--5O6DzqVsluicavms5Hytfrcg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cp38-win_amd64.pyd" + } + }, + { + "key": "QBCaUEV2lgmH14Z9feXH4nh6whDTd5JIJcK-3UalGTv4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cp38-win_amd64.pyd" + } + }, + { + "key": "QBBW9TbgSanrIXCRhu6Kwu7SvzZF9ya8ULBTxTSMHbAI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cp38-win_amd64.pyd" + } + }, + { + "key": "Qb6gH70XnH2TXH95NfkLzaEV00aRR4gapbiOgC8a5058", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cp38-win_amd64.pyd" + } + }, + { + "key": "Qb6aN3iAqpqfBSBSNlIKmFCiLUGAgm6s-92p4prUCLxg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cp38-win_amd64.pyd" + } + }, + { + "key": "QazMWMLf6nLrpbOYfc2r2iDP0K9-pQ432dqf8B6KZjeM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cp38-win_amd64.pyd" + } + }, + { + "key": "QaSFFEjzWWCWLAvXLIyG_T_gLxZoQbtn94hPSToq-8sw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cp38-win_amd64.pyd" + } + }, + { + "key": "QAPWE4cCU9flAuI1EkmP7Nrpp6MaSjUnYg-CzkWKCyLs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cp38-win_amd64.pyd" + } + }, + { + "key": "QapCRmoixKwmdLGRU9Os08qwqPBspaKkInWaKVt4gaco", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cp38-win_amd64.pyd" + } + }, + { + "key": "QAnYxGkaQzob-jSIOOrcC_52D-wgz8gdRhMIsJvFKU5M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cp38-win_amd64.pyd" + } + }, + { + "key": "Qa0fv-K-lwEQnhtcAbh-1ySvKF2E_Llt7ieP_aeTYjds", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cp38-win_amd64.pyd" + } + }, + { + "key": "QA-bPIMTC2zIwWwlDnRcOGxK0i9htsL47dPnVwVL6Vs8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "Q9rrbUMc1qbXtUAskq6md5xeiPvgx7Ud3MKhjygdHL3M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cp38-win_amd64.pyd" + } + }, + { + "key": "Q9Nq_UEeV1_5ckXFxeTyHP_eVhVQBIzMUfsgr12x131I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cp38-win_amd64.pyd" + } + }, + { + "key": "Q9Nbm-OcPop6ATLnuUocJvz5ti0nSmWu2AqfaHpWNWTI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "Q94UKvOOJ0uWCrJl8CPDmGf57Ldwh2_pau1wx-WNVygI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cp38-win_amd64.pyd" + } + }, + { + "key": "Q92KJtUI6mPOk4xnenZSthMfOFzltuHEn1LIUw0IAyOU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cp38-win_amd64.pyd" + } + }, + { + "key": "Q85Zi_ctVdESoMVQWiBAObt2uKZPssMsgtrzlOD6NLXw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cp38-win_amd64.pyd" + } + }, + { + "key": "Q7Xl2VrDL5iFnyr0J5zs1-FwUD7hvchu1iGt0FaHy1go", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cp38-win_amd64.pyd" + } + }, + { + "key": "Q7tapR9q0KH9VUflK2vOhyp0ixdLlgKSTN3ou6BRjpzc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cp38-win_amd64.pyd" + } + }, + { + "key": "Q7mkw8I-XR23jAvNFsUpjURCgJrQ5a3PN1js_L7MRBaE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cp38-win_amd64.pyd" + } + }, + { + "key": "Q77KNKPHENJRkUwCoPpizHxEnIhs4-1yp6hmhL5RaHQg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cp38-win_amd64.pyd" + } + }, + { + "key": "Q65UT5MGMOQgEXhaoUxFSMCCpRWNtzuPQJK1w8TZCaHk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cp38-win_amd64.pyd" + } + }, + { + "key": "Q65aUb_RhfqIgcDYGvnekndn872nhHtHukT8OPbk9YlI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cp38-win_amd64.pyd" + } + }, + { + "key": "Q5UJV7InygsnbzV29FAJ9h3xed8MwanRQwS5xf_ZjSCU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cp38-win_amd64.pyd" + } + }, + { + "key": "Q5NqVaR255HEOnJDckVnywiQJb5qTi6VKR7p5jvpke0s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cp38-win_amd64.pyd" + } + }, + { + "key": "Q4lnXd3ZT7rP5vUQ8CJaxq3xzaXurLJZ2ygwh75n6U60", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cp38-win_amd64.pyd" + } + }, + { + "key": "Q4GxRSE1t1_EHm7QHCUHAI8Xb4rFiVdjhO4D90NTTiug", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cp38-win_amd64.pyd" + } + }, + { + "key": "Q4dfq1mw2ksK_iPnt-3EYzDp2DX-DoOjRwrdFNaRFAbs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cp38-win_amd64.pyd" + } + }, + { + "key": "Q4AQeWD7hChCIkbn-P4QcQqL5HX8mdtponjalm23ZOFM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cp38-win_amd64.pyd" + } + }, + { + "key": "Q3Yzl9vLTLLhfLm_eC9bxX5Qjogo7KLbUdA8WIYiGVsk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cp38-win_amd64.pyd" + } + }, + { + "key": "Q3Waph3tX_EC7UxaFhFSUxdBmQvn0hu4N8AWlrqf62P4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cp38-win_amd64.pyd" + } + }, + { + "key": "Q3mpML1dFZgD6h2PORmlSZv8x6udidNw1K_0I5JdEnNw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cp38-win_amd64.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp39-cp39-macosx-10-9-x86-64-whl", + "id": "15904524887", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 35775170, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QtYq4v_DGyVbNc25vRjgb9fMuoVtg5VwwV7Nbs83WaEg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QxnOZRkFBogARkobPCC8HfxXesywMRhQyg5DOspHZ_hY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QxnOZRkFBogARkobPCC8HfxXesywMRhQyg5DOspHZ_hY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QxnOZRkFBogARkobPCC8HfxXesywMRhQyg5DOspHZ_hY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QtYq4v_DGyVbNc25vRjgb9fMuoVtg5VwwV7Nbs83WaEg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QxnOZRkFBogARkobPCC8HfxXesywMRhQyg5DOspHZ_hY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QtYq4v_DGyVbNc25vRjgb9fMuoVtg5VwwV7Nbs83WaEg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QxnOZRkFBogARkobPCC8HfxXesywMRhQyg5DOspHZ_hY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QCHbgdK1u4IIUcW5FZmW2tA1vgIB7XZs7WZNn5wiJ_yM", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QZZO5c3E5rMIJeAD6mZsh7USIuDcd2Npgyi8a8SYrcqw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-39-darwin.so" + } + }, + { + "key": "QZTrfGTJD5Kf7lXlVJDP1yDs0RcX0c7loUnvyePFqoDY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-39-darwin.so" + } + }, + { + "key": "QZRYeRGPiYmCW9Npl17_R37H2JuJNRUq509yJAW2Nm-U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-39-darwin.so" + } + }, + { + "key": "QZqhlBFc_wiKCsk6BodwHBFNx8uC1ykhJcpdaBuD4-DY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-39-darwin.so" + } + }, + { + "key": "QZoUodlFKSwW6S8QjDr6L9E_eqdfbp0bDkn1atCjm6xk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-39-darwin.so" + } + }, + { + "key": "QZMs_oA3lm5CCB03e8oE_-Lcj6i5hDDopZfUAK6AwWkg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QZfYQST7Q-8s3eX1AFGDzQFaLUtqIxOioncksYutYgxc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QZF1rlSgQjA4WYStF8JYWo-Ap0OwjBLYaDzeWHtyJHdM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-39-darwin.so" + } + }, + { + "key": "QZF-bqTyCS1hAJqCab-Vz1ioY1BBf3e1kd6U-aWm0Cqo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-39-darwin.so" + } + }, + { + "key": "QZcW88WkHkD5-mLX441elOu-EGBW2-3D7xZUKNQImVro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-39-darwin.so" + } + }, + { + "key": "QZCMUCWiPcDTt46G8u28G4IB6gTrYC68o030wbE7nfrI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-39-darwin.so" + } + }, + { + "key": "QYtcA1WuKSH7YgCzxjcYApzoBUuyN1d-mKQ_av9elIf0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-39-darwin.so" + } + }, + { + "key": "QYRQ7xpQBKazYLZmkW82cT5q8nYri4bGUoDwaknRkRiw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-39-darwin.so" + } + }, + { + "key": "QYQVm3Johzp0seHvpFQx0CCsmXmbhVt_sMR5bRsiLN8c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-39-darwin.so" + } + }, + { + "key": "QYpHy7G97ay22fWfX_Skg7o1ySIj089xm7fKTFMKNNik", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-39-darwin.so" + } + }, + { + "key": "QYOjIxellLWVA1Bc6CqQyZWg6yF92MU_qkEng7_YJtxI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-39-darwin.so" + } + }, + { + "key": "Qyo37SNT966rBAlEqM8-rlE3qsvCcvfUbm1lMetgYdno", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-39-darwin.so" + } + }, + { + "key": "QYEpKo3U-tj4ixD3WE2h6OeXB4ZEP5Uj0ZKmvi632s70", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-39-darwin.so" + } + }, + { + "key": "QyapUqH671ruV7k5p_OxT3ZcM-Gd1fY3OWNlFZaTvnII", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-39-darwin.so" + } + }, + { + "key": "Qy0sOYI32MFNmNf9b3onyNtdGzqvwfdn_wa2gmSUVrFI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-39-darwin.so" + } + }, + { + "key": "QXvq7WshTIYuz1r0G-KGA1dhZrfhxruUpO8x_V5OX7Ek", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-39-darwin.so" + } + }, + { + "key": "QXuiX2PMfkFv1qS7YXR8QY7BnpVmYkEIreSXXcwjgJmk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-39-darwin.so" + } + }, + { + "key": "QXpUqny3sV2eR3D7o4TNqvXz4-bvZsbZYus5XOnr_c8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-39-darwin.so" + } + }, + { + "key": "QxNuZzGJ3pRXQFF8kKQdrsFz1uZiIaZNyEa9Yen6imOU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-39-darwin.so" + } + }, + { + "key": "QxNaFklRazDKMJ0QU0zI5Ii6ElHn0bOldj0lGPOlvpgI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-39-darwin.so" + } + }, + { + "key": "Qxl5gFAohzam3TRWbUEUaHrBEpDP3xoQk2E_aeLZ48SE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-39-darwin.so" + } + }, + { + "key": "QWv09MaMua7OzNoyknpTabDM9bOGkr_Aw9xqbAQAA_qY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-39-darwin.so" + } + }, + { + "key": "QwRD9eqA4mRhMr9AhK4_uXXc6suo4l1l5FmoOU66wD4M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-39-darwin.so" + } + }, + { + "key": "QWP-U-zY6ZwYSGyXeyR-wypLOKPam-QNW1Mlgoz-KcoY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QWKdO_k80YNS3Pdk-EMQilskKcrgYQEsOT7qBnjsPNro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-39-darwin.so" + } + }, + { + "key": "QwjqQWIE626EDgHgxBjergwD2d0-jmCAPlyGEi5VnRkE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-39-darwin.so" + } + }, + { + "key": "QwgqH9cf6UPUjmm-LDop93YaTLJdSx9KwLLI8YSCt3jg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-39-darwin.so" + } + }, + { + "key": "QW2kIFncYcnuwYQxLHuPZG-SA-m-b2lv8S1KKJWx6mEU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-39-darwin.so" + } + }, + { + "key": "Qvy1_aMBsHBh9SAIHCL4liFa3-qbSZEIysz-yFwo0sU0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-39-darwin.so" + } + }, + { + "key": "QVGX0SKlOAZNnR0y3gr5Cz6lTREs20Ar3Jwz02wnR_8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-39-darwin.so" + } + }, + { + "key": "QVbqu8UXkZGIROq3LBO5sPL0jzbghafMrS-7wNzwUtCU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-39-darwin.so" + } + }, + { + "key": "QV8fAmQT4vUBa340vsGH8iP50HP3E91aBleeLgHdkj98", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-39-darwin.so" + } + }, + { + "key": "Qv7SSoAB18GxwdxAIBjrJseN8oCP3s_znuUKezM-htCw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-39-darwin.so" + } + }, + { + "key": "QUVe9gL35E80QWDFQTX_wD3QlRwvuorRsnUgm5rqgwHI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-39-darwin.so" + } + }, + { + "key": "QUSONP8X2stVcHVfPElh2BcP-WG6MTqMnhfZq0r8FuXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-39-darwin.so" + } + }, + { + "key": "QuRRdH90yee8OJSAkK-c_fB5phqow2nDn_RdGnKjatYw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-39-darwin.so" + } + }, + { + "key": "QUQPOUeOUqMcCICVRrisYKTgT4pXe5THpix85Th2rF5k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-39-darwin.so" + } + }, + { + "key": "QUGzlwoOwOv8m3uhFivyMmhayULtxX3y5kyD_6aRbeoI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-39-darwin.so" + } + }, + { + "key": "QTX_l3AabScJluzLH3H4EIZLoNW42s6vdjFD4kZ7XlkU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-39-darwin.so" + } + }, + { + "key": "QtsbUve5RqgZuIA624bU7oWSAmzogd7ERy1Ep08BuSbg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-39-darwin.so" + } + }, + { + "key": "QTQlweDJys__1upVMtu_82971Xw5-JFWu4gdFFy4RIek", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-39-darwin.so" + } + }, + { + "key": "QTMIRZ7dNYk4oT-fxvIOHzsUUDSAdhsFeu8g8WAB05yU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-39-darwin.so" + } + }, + { + "key": "QTMDSLLVFL7MUv6EGUm3lyBrQM-iy3gukcFxPM7WyYEc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-39-darwin.so" + } + }, + { + "key": "QTkarx3lLZYwob_hepzXGNr7XbclcD3fyLkE3s_Mnzrc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-39-darwin.so" + } + }, + { + "key": "QtGMSl6wHexCLmGAAXBTmQH2eewJMRVZ79E4fhErUMpE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QsPiQz8gu-SKv9YOomrAX4UZDtgoztnDauodUe_flFi8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-39-darwin.so" + } + }, + { + "key": "QSKYt_8yKNEY_C508Koa1l_c8CKIf-1dadtmaJX9Hcms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-39-darwin.so" + } + }, + { + "key": "QSKOWsUkNXtMnKFWiImVXpzntr67GFhoGDbeBUthIeN4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-39-darwin.so" + } + }, + { + "key": "QsjqvLEy5T2x0b_ER0v51U5Vcb-d7-N4r9HZFnEnqUYA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-39-darwin.so" + } + }, + { + "key": "QscZkd39Vw7cwb2b03QzuYXiKwpBV3GwjdgaS5c_kUnE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-39-darwin.so" + } + }, + { + "key": "QrZwxl5X4ZDdCwlINpAfvYIphZRGol3k_ALreSNzwZiE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-39-darwin.so" + } + }, + { + "key": "QrYVO-hR-b47sc4KFM1eJinr2oGQC9-nJXGXCgjwt5VA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-39-darwin.so" + } + }, + { + "key": "QR67qZ2wdNPhe2MlUUvB9UcVoA0SuUAtNJf2uJ-6StRw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-39-darwin.so" + } + }, + { + "key": "QR4ShZu885auM5pZiqeetsPueKkSuo5AZi5r4gisqq38", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-39-darwin.so" + } + }, + { + "key": "QR482g_SC1x8f97S31sAKMtXRreX0mOm217lI6iLv-Lw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-39-darwin.so" + } + }, + { + "key": "Qr0ZwJfZ-VG6uZUAhGcSCjKXdvnY-8yFRfbDar_ua5Oo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-39-darwin.so" + } + }, + { + "key": "Qr_M1ZcvCyYBDfXqCOdVVzugi0TKAJjz533C6LEIWiFM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-39-darwin.so" + } + }, + { + "key": "QQX-N09p3ec2MVn6ZQKKAN79KcqSTkcKuvEztwuEx0eU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-39-darwin.so" + } + }, + { + "key": "QqUWVPNQVJzZL66EgWPfgwA6yiGxL_yl38wRB8h-OJhQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-39-darwin.so" + } + }, + { + "key": "QqTpz658mrR83JEqo1xuVfluDa4WoqWt5SKbExQZ9Ne0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-39-darwin.so" + } + }, + { + "key": "QqiIsnVdlsewYjC2KzFzX75LDuvzYvbDC9YqM6z0M-g4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-39-darwin.so" + } + }, + { + "key": "QqE6YHIA7i-ecNkv2JOQBgux9-3TI6XDysjW1geWQTTE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QQbDXOAxeSFH8H9Sku1cgOeunlpZ1ug6BLNe9VwIZ-5Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-39-darwin.so" + } + }, + { + "key": "QQ7CeIq7N4SUNIvjUOklk9YcZgp1VS7KNyeLb8aNVExM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-39-darwin.so" + } + }, + { + "key": "QQ5QI3mHNUU_anDjdvAiRvXyg49smrLnGqW6-uG1Et0A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-39-darwin.so" + } + }, + { + "key": "QpZZ6OeMLCF4qZJkd0ZB1O7eypEx9rskcYmzdkgwJIXo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-39-darwin.so" + } + }, + { + "key": "Qps8wKc4w9K8Bxct5hVXJSsKyAiSmoczlcfeDyt_opS4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-39-darwin.so" + } + }, + { + "key": "QOxit5AV2cBfKrCxrDxUF24VFFgbUGRwi-zJElleHDt0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-39-darwin.so" + } + }, + { + "key": "QoTwJYvPicUmzBeE-Kz5fmsm5bs_IP2dLdA70hQR3OqY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-39-darwin.so" + } + }, + { + "key": "QOjgDUqMZII_R6ZWywHy4mbQgYqehAaOeBUPVwvmZLU0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-39-darwin.so" + } + }, + { + "key": "QOjEt8sYVgRvwE11GLLSsyVL54N_q36VWEY50hfQmz34", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-39-darwin.so" + } + }, + { + "key": "QOhqzefYZJLeCSemyVayu7rtKxugnsbL48ZImI1EJKFE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-39-darwin.so" + } + }, + { + "key": "QNqiwTRibwTcYStczGd5npBZolHSlIjva78tgtxDfVNk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-39-darwin.so" + } + }, + { + "key": "QN8YK9kjtQU5I2bh0eJGScvSud5me5Gt5qGw6fRKy2EA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-39-darwin.so" + } + }, + { + "key": "QN5-huIxuEnSRnrPw1GIsxjGELxMprjltaB5pDsUvYvg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-39-darwin.so" + } + }, + { + "key": "Qn3e1Z2x-G1UsgaQ-JpkDOgKife-mK4yb9BzEA1PjYEc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QMyoxWVzpK2u2QIIewlK98fuvhMSN1zgLDNme-l36kuU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-39-darwin.so" + } + }, + { + "key": "Qmswe3AO-gnYNtEDOZtvoo5KOIfZMS0W2mF9fBdEGP3g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-39-darwin.so" + } + }, + { + "key": "QmrmlFBe4t9SGhG8t7zexaQoNX6HgXuW-Jb865BS83Ho", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-39-darwin.so" + } + }, + { + "key": "QmM0rIvTTtgARP82VwYKkoRptfiEimHwIUdG4GtTVPF4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-39-darwin.so" + } + }, + { + "key": "QM9ctKwFfM527okJdMd0D1T9bm1a2AYkWmQyBgQUppxw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-39-darwin.so" + } + }, + { + "key": "QlweKH3IDsFejNoc1Zy0fcJ4VyxJaQpBbxC_ojCMRQnE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-39-darwin.so" + } + }, + { + "key": "QlSNU6roT_yecrnTX9hKaWELRBLRJo0a02L2CIxDuyoc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-39-darwin.so" + } + }, + { + "key": "QLO6FSmRz-38wGs0Pj1Cgb6YkzHGxJf4QmIaMBA9QDiE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-39-darwin.so" + } + }, + { + "key": "QLNSeLUO7bwk63bWEe6zLIurp1ueHKm-EeEpVxRztv5M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-39-darwin.so" + } + }, + { + "key": "QLm50UeCpT7TxZfcRaXa-urPu4RMYYvDYI4gfOK6IzpM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-39-darwin.so" + } + }, + { + "key": "QLCkOqGw4rgZ2Nd6bQVVOJ7lRsXb6ACpkeHyBlgP2Ppo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-39-darwin.so" + } + }, + { + "key": "QL9R1sbsCg9Ku8tecJmMW6IDtkKA496PdDv9PZnBTqp8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-39-darwin.so" + } + }, + { + "key": "QL6xlkF1zYSWsd4Ttlsss6bSJLMQQEM0lWVEMaJP4i5E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-39-darwin.so" + } + }, + { + "key": "QkzYOaxjnpvwZo-b_BnzNIaahsS-4vTW-v3HmHm-0W1A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-39-darwin.so" + } + }, + { + "key": "QknM8n-pshLliq7kYVcz9ybq_d__eyoWEAbQHFQ_rHo8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-39-darwin.so" + } + }, + { + "key": "QKEwgLv4c3CdhNqwO-jk2iykGsja-7V6YBbzrcqsa8jQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-39-darwin.so" + } + }, + { + "key": "QK7VgE3jrxZ2ExXZm0oLT7Ia0JHvibXlPXaobTvsdjKA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-39-darwin.so" + } + }, + { + "key": "QK4jdwzcu3ngxe32v5wCx_f4DrH6Zg1sDwBbPIR4133Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-39-darwin.so" + } + }, + { + "key": "QJxwWgWcaFCWFgSNRPljjZe7_gxGAuYOFzesznoM-fKA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-39-darwin.so" + } + }, + { + "key": "QJp7KR36OxUWfBMFOrTNdpMkAMjPd6Pp6jdl1PAShcSM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-39-darwin.so" + } + }, + { + "key": "QJNyoGtr9kkn2A4WeSbBEyMdP-YL4V4M51Kblsc5aJwQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-39-darwin.so" + } + }, + { + "key": "QJKtdFNr5ZfBzeuTaxCHBtLa-tZY7WK8nAwm4Hqfcjjg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-39-darwin.so" + } + }, + { + "key": "QJAPK5rs_1rZ8ZgDPlpRR7Go4_80IbNOISsrgyQBlFAk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-39-darwin.so" + } + }, + { + "key": "QJ0kCuIjEmdIuxbEL43SjkbgQ1Ne4EM_Lm3rK3ccSV2w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-39-darwin.so" + } + }, + { + "key": "Qiv51a0zYeVIIBh02U-_OjkcUrNdAJm42f7aBOMPeSnc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-39-darwin.so" + } + }, + { + "key": "QiqF7MfmkQzQ9lyXImQur4PfBs7q_lErempX125Yj5-A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-39-darwin.so" + } + }, + { + "key": "QiLRtxLYVU-AJrKULq6I7HpMPZOGQ43LU_BfhUMtJ9zU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-39-darwin.so" + } + }, + { + "key": "QI5ii3-iHF15OUp8lbv31JSHo4MwWl9GBnHVU8hROmd4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-39-darwin.so" + } + }, + { + "key": "Qi1DonTaWGKOg_WwWPPQB1qM7eFHfWAID6G2pjafZmxs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-39-darwin.so" + } + }, + { + "key": "QI_8THZBI-2r9esx9IjS6UpViCAq0PV1PRqUZYYjWRto", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-39-darwin.so" + } + }, + { + "key": "QhpS7LqhZNuOuNmWrvNG_1O2W68MxTg3dyCSKUNUL7WI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-39-darwin.so" + } + }, + { + "key": "QhEybVXfU3PuuMrmq08WQOEXnqHC-AR09ZcaAuXAr8_w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-39-darwin.so" + } + }, + { + "key": "QheEt1Mi0eE_SnU0ke4cAe7EWcfSjfKxjLfKhcHgvaMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-39-darwin.so" + } + }, + { + "key": "QhAvTqdAQOfqmDvt7yiQiJxC-WjVgEMyBLYN2GGMGIak", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-39-darwin.so" + } + }, + { + "key": "Qh13xaMcx_50k3kUUhuxybxVc0x34wpnMM5GDZ7cttB0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-39-darwin.so" + } + }, + { + "key": "QH-1UtuheDmsT7x7iAbXbhTXF0-pZd0YmokQd1KLPHzY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-39-darwin.so" + } + }, + { + "key": "Qh_xIWsQI9GuvuimL4_-qiAlOCHnewyLY2U8ugfcVGhk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-39-darwin.so" + } + }, + { + "key": "QgQjYsrcReuezNpB7MdUmMQBA2eSsQlTvG5dd2o7NtvY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-39-darwin.so" + } + }, + { + "key": "QgQB-SCXjs96B3jbTukt6gtdbLMpRS7XrMzYGmLigNGM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QGahUPDaCTLk8Ncqz4ABoRn4juRFmw6jRdz3rTdjCenE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-39-darwin.so" + } + }, + { + "key": "QFvHDdYMegFqeLiqd--aj31R_Z4VZVBA572fSjcDclhY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-39-darwin.so" + } + }, + { + "key": "QFujqVwpOjmuxDydZzMZAkaMWSEjMeWg0T4C0oJzKurA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-39-darwin.so" + } + }, + { + "key": "Qfnf6rj57xdJyCNH7gpLJ-_b9VQG6Q56bg3MGJxltEhc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-39-darwin.so" + } + }, + { + "key": "QfLhw0J8PJGuNCBDFYDEO3KRDxmei3wjb7QcOBUUyDwU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-39-darwin.so" + } + }, + { + "key": "QfJDr-djHr83CgF4JX_Wpq0VCmdjnovkoxVIkGZ53-ak", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-39-darwin.so" + } + }, + { + "key": "QfIq8bDkEOYFjsjY9DtF0vAwXwWW7PiJSwQlYkV4QK8I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-39-darwin.so" + } + }, + { + "key": "QFevNvQF7oktGGjwWehXF8q1HmCWABN6QL5a6LIS0tmQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-39-darwin.so" + } + }, + { + "key": "QFB7B-gXBPgsXcGVg-7gSGK2f88hSUDxm5nBDOBsxB7E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-39-darwin.so" + } + }, + { + "key": "QER_yV3_ihE5CR0b9fJbixWw2B_9o0xGQl7RbO1hchAE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-39-darwin.so" + } + }, + { + "key": "QEMZ-5sGFgzue86ym23eTvzSzXfAtb-WssjvEWSohFqk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-39-darwin.so" + } + }, + { + "key": "QE7mk5w-QgS72M5HE8xhMwXIy5KYcb1e4hkKpQOhvWzk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-39-darwin.so" + } + }, + { + "key": "Qe39UobsMbHMccXM_WPrjJ3aV5JlI4NQhuXqKOsqiZVU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-39-darwin.so" + } + }, + { + "key": "QDRd961BTd8pOsqJ5gMdJ78I9LPC085AgKf9KstLOebI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-39-darwin.so" + } + }, + { + "key": "QdM_ikIDI3d2TosAl_raoz8kDkNcPADYWHVjAloaeXq0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-39-darwin.so" + } + }, + { + "key": "QD2TsFXWU6yYXaMcX32X6pwQcFoUHg6NurMYetnpqxEM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-39-darwin.so" + } + }, + { + "key": "Qcvw8pGosceQr_lVYMocp28KdQE78WAovPDsjdfF0Duc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-39-darwin.so" + } + }, + { + "key": "QCSWz0NXJfYSV63xdKDoHARkCKPHnNACM-48WMAgsMBI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-39-darwin.so" + } + }, + { + "key": "Qcry5ZBR1WxYwOpbwHraVfJSHjpfGCmEywXaeeNE-d6g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-39-darwin.so" + } + }, + { + "key": "QcrPTV2F2MbTYP1iBun8n3fcl28srgh6Djw3FBpSuzMw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-39-darwin.so" + } + }, + { + "key": "QCrCQ39Lqye9t5GldVJ40NyWtTyZd-BExv_19nXLrkXM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-39-darwin.so" + } + }, + { + "key": "QCQ7ZLkLdYuGL6ru-S1xgduf_3TX2ubyiQO0SfUrabJE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-39-darwin.so" + } + }, + { + "key": "QcQ-CQ0qU2UBBqjZNqnQJD1Fwtp6IMEuB9hfVUh2t6TQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-39-darwin.so" + } + }, + { + "key": "QCKOH0wjo3PJ_4V1ReW0t52CoIS5s8pX4C_tgbnbZ_Cs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-39-darwin.so" + } + }, + { + "key": "QCGBrE2VKsOr-FkUAfkVZe9z7taGw95Zk5rumJbC2a68", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-39-darwin.so" + } + }, + { + "key": "QCEzJZ-UhdjCmpaOz_shV1V3b3O0_H3EY_edvEvOS5gU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-39-darwin.so" + } + }, + { + "key": "QCcmkLF6Bl4FnmlqYdwJFrR5Y89tgYZo0kbXZJmpijqI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-39-darwin.so" + } + }, + { + "key": "QByx3-CTZ1VvUk-6UHVXjm-eA2S1A7s-Tkzubq3NygHA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-39-darwin.so" + } + }, + { + "key": "QbUKBRbH7wHpM4-5NONdFAtbmcREdR2tz_YcgfQBh1sk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-39-darwin.so" + } + }, + { + "key": "QbqyUSZqrLV-XKHRKnkGo6JgXCM045T4Sbia5Wn_n63s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-39-darwin.so" + } + }, + { + "key": "QbdncfmthIxxJqGLOG8nZMBI1j9H7AmvnKZbptHh0CHM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-39-darwin.so" + } + }, + { + "key": "QB1V72wPVR_8Uw8ZLD0UIrrt32XShIwY7yDMvmoqrvTM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-39-darwin.so" + } + }, + { + "key": "QAxJHgVAsOH1QJDoY1HCUGXk2PXC9108Kcns--2cwIsw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-39-darwin.so" + } + }, + { + "key": "QAs0gUPFHz441NWis6XFIqLSvL3cXFo6k-IUFvy_Dv_c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-39-darwin.so" + } + }, + { + "key": "QAQ9IDwzf_Wl-W5xWs5JCmNraboa20z-5Paxu91I6Owk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-39-darwin.so" + } + }, + { + "key": "QAPVL4--_bVA9HP4ahQETRmVWqR5laVca_8IFtYLL3sQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-39-darwin.so" + } + }, + { + "key": "QapRfyS5ZC_eTLjisTm-31g7MG7Sl8GO3USKYtdjYuYw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-39-darwin.so" + } + }, + { + "key": "QAn643LRG0bi3i2AQc4aRDrU5uhH13rhL3p5HCttSawI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-39-darwin.so" + } + }, + { + "key": "QAmiB56uGyTHrODsfnYXzgYJAftFRA2DiYJkMKSQtI88", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-39-darwin.so" + } + }, + { + "key": "QaK1glvmoVrWitH3qogCvGxRWC6g7n7Y9LQi-r5Cgcw8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-39-darwin.so" + } + }, + { + "key": "QA3ZWFw5xla5is9edA8VblaGJCgghJicAZJ4IjK5ftyY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-39-darwin.so" + } + }, + { + "key": "Q9xfBeN-xIlsBPwEuBYFzzVzlmPGnvaRRiERY2m0ZdiI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-39-darwin.so" + } + }, + { + "key": "Q9UpBON--iN5OeUrKOxdN-LwB-wUZYmEgbSwZduZXDqk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-39-darwin.so" + } + }, + { + "key": "Q8X5hbzFotHAAnCx4vCWMEoVHkBp_KUPyYoijuKCIRa4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-39-darwin.so" + } + }, + { + "key": "Q8SVWgTFRL4PTFGO8NeAhvmM4aJlpQbJlLQumbs-jCjk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-39-darwin.so" + } + }, + { + "key": "Q8HR9vVlyae_5PVaYwlTYEfwAopmWkjtZF0jkEER4zn4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-39-darwin.so" + } + }, + { + "key": "Q84foIDvcZ5DgU-ta6Vf8zjGgjXxeC-ZjEER_97rQvGI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-39-darwin.so" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QxnOZRkFBogARkobPCC8HfxXesywMRhQyg5DOspHZ_hY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QG66fcG5oyU5yS9RM6xuVnac9o9CEQFR6PKM9Q_apwyM", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Q80sNk8pGfyz3bq9jf1ChL-ZhbFBlDBCDyAZ8FV2VRkU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-39-darwin.so" + } + }, + { + "key": "Q80NVie8usjWiOsygIP_LtXph5DozBMfEqT39Ka36UDo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-39-darwin.so" + } + }, + { + "key": "Q7Hf2cESnl4WwQuqP9ZPgXLe3CBx-5ff83xrGPCggGEQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-39-darwin.so" + } + }, + { + "key": "Q6syl5kML8qipTEGzWcTzw9EZu0Yiwt-9knGICp7IHcU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-39-darwin.so" + } + }, + { + "key": "Q6nJyBw59nImWWiA9k3W3tlnPVnGi-ECTLUGjDOxfzHU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-39-darwin.so" + } + }, + { + "key": "Q6IjboadNWc3L3KJImL1xJZm2ZI-EIuybGZ1ETfJyc24", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-39-darwin.so" + } + }, + { + "key": "Q6Bwq2VZJDtb3supDc1r9a68vAAPpMyy28mXUpqVJnIg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-39-darwin.so" + } + }, + { + "key": "Q5WpnOBdIVZuF5vxNtTlvIq7POy5aRJpxx6Hw0ToaxWI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-39-darwin.so" + } + }, + { + "key": "Q5r1YSDsE12WmrraSHEc0iS6-BbLXMUrahRHsEG6yEws", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-39-darwin.so" + } + }, + { + "key": "Q5PvCPTDY0vTU87lCjuoDcabdI3f0nS7bGacP3-JnIn8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-39-darwin.so" + } + }, + { + "key": "Q4VAvUyp6Vo6BgPvEbkdW2HCsR5PONM_5-ak_PXv2eQw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-39-darwin.so" + } + }, + { + "key": "Q4AZwS7SJDqU-MB7RHb633zZQCscRxyUXpDtmbOFx-sE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-39-darwin.so" + } + }, + { + "key": "Q4465Wg9OUwr_aYZYi0MAupGfaUzf_ib-cYs4VcxWnGk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-39-darwin.so" + } + }, + { + "key": "Q3x4qxO5kU0kuhneNtI89hoTZS-pjeUrviKLQEbyRo0o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-39-darwin.so" + } + }, + { + "key": "Q3VcL_aZBLbZMOsWp3yC0deQSPlTVwPRMeoEMarNOiOw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-39-darwin.so" + } + }, + { + "key": "Q3QyvLpAmTJ4AHeHdxUYY-LbNhKgJOOm8FQXb-m_zKnU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-39-darwin.so" + } + }, + { + "key": "Q3N7Vk-o8q-hbjL29--KsxLzdCuLtAgEr0NLOp_lJKGw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-39-darwin.so" + } + }, + { + "key": "Q3dfu2Cp699PexdADu9wZ4czGNljo-8JRUbLpSADlKQk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-39-darwin.so" + } + }, + { + "key": "Q2VdDmHc8tvhVHP2Frk4s5uk4DTVDecWEtJbIWdjKNr4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-39-darwin.so" + } + }, + { + "key": "Q2p_jnHjQA1ezDtWKHeYYCIr4AsWxrIoSRxHuLVSufm0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-39-darwin.so" + } + }, + { + "key": "Q2LRqGmKEDOtupgOq4N5LAE8A6d_6U80AA4r52HJBz2s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-39-darwin.so" + } + }, + { + "key": "Q2bAZefR7iSRbZg89fWnCXm1Qg6ZoZ11ZF4eF1Ca5jKE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-39-darwin.so" + } + }, + { + "key": "Q1v0jYpZB867UGs1ytQhO25DXJdKe_-FefY9YscUteeM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-39-darwin.so" + } + }, + { + "key": "Q1RqwuhVnQFC6omcHoKVweD_iz8WcTn2iq09j6qJvz0U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-39-darwin.so" + } + }, + { + "key": "Q1jxjgr_V6SkTj_cvv9DGPAKEA_5VVKG1AmjNQn_kR_c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-39-darwin.so" + } + }, + { + "key": "Q1dH1pZyuwGQ8xCGhAdxFVSJq-2yBpp5lUopxk2wiY7U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-39-darwin.so" + } + }, + { + "key": "Q1afPMcctakQlLy2mR6nvWPbMB6cimx6xL2fDOGV0zYI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-39-darwin.so" + } + }, + { + "key": "Q0W6Ly7BkWGbEe1238sa_mzgH9DTQb3ezIoZ0HVwpKjo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-39-darwin.so" + } + }, + { + "key": "Q0rNy4LXttihaHE8kHBAoZKUNIrbcXvI4BMfcoEKflDQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-39-darwin.so" + } + }, + { + "key": "Q0Lcm1HUw81pVj4acFGkz-G8VCBM-De8jIqIULCuO4rU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-39-darwin.so" + } + }, + { + "key": "Q0bBypzUHcfw4qv-ect3wWGHU4jyB1u_Gi1HsE_9mTNw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-39-darwin.so" + } + }, + { + "key": "Q01stUE8FtaXA8G85w9hhf5UGwrzx67tgXsY0LlqpqMU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-39-darwin.so" + } + }, + { + "key": "Q-X4QfqFlu9J_XsxXvOTYSNPbwCidYdzav4RpUwso3eY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-39-darwin.so" + } + }, + { + "key": "Q-WCYerTkGf_tYaebC3cS2NBZtLbW9_Q6U9A5ecit40A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-39-darwin.so" + } + }, + { + "key": "Q-vosJsog-po_OwB1XzVZkgT14kfkRVgIroy3cWb04zo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-39-darwin.so" + } + }, + { + "key": "Q-szfZ_HJvpRdvyvbtak0GhLzI5T6xSvtZ0XZCTOOhgE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-39-darwin.so" + } + }, + { + "key": "Q-ONVSHTKXZVWXDKg5OHny8xhYvuqDEzyVJvSeMCI8hU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-39-darwin.so" + } + }, + { + "key": "Q-nUWy24b4wvYQPTAYABGbhFsYWNcqmiMBwIHyWL-mH0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-39-darwin.so" + } + }, + { + "key": "Q-nHhM5v7jIH5YdLY9GJ6U-8G3suGv3766IIKUmZOKXU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-39-darwin.so" + } + }, + { + "key": "Q-_3vf4kVWAsNiinDEpoM6y8AR9EL0cBx7OzmRl3jGD4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-39-darwin.so" + } + }, + { + "key": "Q_4ueE_Av8icAfsiSDLZ--UmxxCDcDsAIAJcLUQh8y6w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-39-darwin.so" + } + }, + { + "key": "QgxtWlsQEV7piMf_XvGKNwYm-7Uj4smE9uONqYqXd_3A", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp39-cp39-macosx-11-0-arm64-whl", + "id": "15904524888", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 45923192, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QTkarx3lLZYwob_hepzXGNr7XbclcD3fyLkE3s_Mnzrc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-39-darwin.so" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qf81ABAXKC5ZdzglhcPMVXgENO_4SnNla8vX8kPZH7I4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qf81ABAXKC5ZdzglhcPMVXgENO_4SnNla8vX8kPZH7I4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "Qtf2fxpOKPQrqB1EOvu3jDR5mIRfBnB6_N76dpwmdBK4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Qf81ABAXKC5ZdzglhcPMVXgENO_4SnNla8vX8kPZH7I4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qf81ABAXKC5ZdzglhcPMVXgENO_4SnNla8vX8kPZH7I4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qtf2fxpOKPQrqB1EOvu3jDR5mIRfBnB6_N76dpwmdBK4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qf81ABAXKC5ZdzglhcPMVXgENO_4SnNla8vX8kPZH7I4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qtf2fxpOKPQrqB1EOvu3jDR5mIRfBnB6_N76dpwmdBK4", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qf81ABAXKC5ZdzglhcPMVXgENO_4SnNla8vX8kPZH7I4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QWDoXlG73p7hRRfnI_G1b6lMcofUazxvQChX_FZzES4I", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q2xw1gka8wSVpTaTw9BF7MDHF8iRnBH00ZuRMaNfKWWo", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qp1wck604TnJ9wIRlKL8ZqzP7ZeJeK0rr8hvMmaa85T0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QZZO5c3E5rMIJeAD6mZsh7USIuDcd2Npgyi8a8SYrcqw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-39-darwin.so" + } + }, + { + "key": "QZTrfGTJD5Kf7lXlVJDP1yDs0RcX0c7loUnvyePFqoDY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-39-darwin.so" + } + }, + { + "key": "QZRYeRGPiYmCW9Npl17_R37H2JuJNRUq509yJAW2Nm-U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-39-darwin.so" + } + }, + { + "key": "QZqhlBFc_wiKCsk6BodwHBFNx8uC1ykhJcpdaBuD4-DY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-39-darwin.so" + } + }, + { + "key": "QZoUodlFKSwW6S8QjDr6L9E_eqdfbp0bDkn1atCjm6xk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-39-darwin.so" + } + }, + { + "key": "QZMs_oA3lm5CCB03e8oE_-Lcj6i5hDDopZfUAK6AwWkg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QZfYQST7Q-8s3eX1AFGDzQFaLUtqIxOioncksYutYgxc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QZF1rlSgQjA4WYStF8JYWo-Ap0OwjBLYaDzeWHtyJHdM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-39-darwin.so" + } + }, + { + "key": "QZF-bqTyCS1hAJqCab-Vz1ioY1BBf3e1kd6U-aWm0Cqo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-39-darwin.so" + } + }, + { + "key": "QZcW88WkHkD5-mLX441elOu-EGBW2-3D7xZUKNQImVro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-39-darwin.so" + } + }, + { + "key": "QZCMUCWiPcDTt46G8u28G4IB6gTrYC68o030wbE7nfrI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-39-darwin.so" + } + }, + { + "key": "QYtcA1WuKSH7YgCzxjcYApzoBUuyN1d-mKQ_av9elIf0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-39-darwin.so" + } + }, + { + "key": "QYRQ7xpQBKazYLZmkW82cT5q8nYri4bGUoDwaknRkRiw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-39-darwin.so" + } + }, + { + "key": "QYQVm3Johzp0seHvpFQx0CCsmXmbhVt_sMR5bRsiLN8c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-39-darwin.so" + } + }, + { + "key": "QYpHy7G97ay22fWfX_Skg7o1ySIj089xm7fKTFMKNNik", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-39-darwin.so" + } + }, + { + "key": "QYOjIxellLWVA1Bc6CqQyZWg6yF92MU_qkEng7_YJtxI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-39-darwin.so" + } + }, + { + "key": "Qyo37SNT966rBAlEqM8-rlE3qsvCcvfUbm1lMetgYdno", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-39-darwin.so" + } + }, + { + "key": "QYEpKo3U-tj4ixD3WE2h6OeXB4ZEP5Uj0ZKmvi632s70", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-39-darwin.so" + } + }, + { + "key": "QyapUqH671ruV7k5p_OxT3ZcM-Gd1fY3OWNlFZaTvnII", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-39-darwin.so" + } + }, + { + "key": "Qy0sOYI32MFNmNf9b3onyNtdGzqvwfdn_wa2gmSUVrFI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-39-darwin.so" + } + }, + { + "key": "QXvq7WshTIYuz1r0G-KGA1dhZrfhxruUpO8x_V5OX7Ek", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-39-darwin.so" + } + }, + { + "key": "QXuiX2PMfkFv1qS7YXR8QY7BnpVmYkEIreSXXcwjgJmk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-39-darwin.so" + } + }, + { + "key": "QXpUqny3sV2eR3D7o4TNqvXz4-bvZsbZYus5XOnr_c8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-39-darwin.so" + } + }, + { + "key": "QxNuZzGJ3pRXQFF8kKQdrsFz1uZiIaZNyEa9Yen6imOU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-39-darwin.so" + } + }, + { + "key": "QxNaFklRazDKMJ0QU0zI5Ii6ElHn0bOldj0lGPOlvpgI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-39-darwin.so" + } + }, + { + "key": "Qxl5gFAohzam3TRWbUEUaHrBEpDP3xoQk2E_aeLZ48SE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-39-darwin.so" + } + }, + { + "key": "QWv09MaMua7OzNoyknpTabDM9bOGkr_Aw9xqbAQAA_qY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-39-darwin.so" + } + }, + { + "key": "QwRD9eqA4mRhMr9AhK4_uXXc6suo4l1l5FmoOU66wD4M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-39-darwin.so" + } + }, + { + "key": "QWP-U-zY6ZwYSGyXeyR-wypLOKPam-QNW1Mlgoz-KcoY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QWKdO_k80YNS3Pdk-EMQilskKcrgYQEsOT7qBnjsPNro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-39-darwin.so" + } + }, + { + "key": "QwjqQWIE626EDgHgxBjergwD2d0-jmCAPlyGEi5VnRkE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-39-darwin.so" + } + }, + { + "key": "QwgqH9cf6UPUjmm-LDop93YaTLJdSx9KwLLI8YSCt3jg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-39-darwin.so" + } + }, + { + "key": "QW2kIFncYcnuwYQxLHuPZG-SA-m-b2lv8S1KKJWx6mEU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-39-darwin.so" + } + }, + { + "key": "Qvy1_aMBsHBh9SAIHCL4liFa3-qbSZEIysz-yFwo0sU0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-39-darwin.so" + } + }, + { + "key": "QVGX0SKlOAZNnR0y3gr5Cz6lTREs20Ar3Jwz02wnR_8Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-39-darwin.so" + } + }, + { + "key": "QVbqu8UXkZGIROq3LBO5sPL0jzbghafMrS-7wNzwUtCU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-39-darwin.so" + } + }, + { + "key": "QV8fAmQT4vUBa340vsGH8iP50HP3E91aBleeLgHdkj98", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-39-darwin.so" + } + }, + { + "key": "Qv7SSoAB18GxwdxAIBjrJseN8oCP3s_znuUKezM-htCw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-39-darwin.so" + } + }, + { + "key": "QUVe9gL35E80QWDFQTX_wD3QlRwvuorRsnUgm5rqgwHI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-39-darwin.so" + } + }, + { + "key": "QUSONP8X2stVcHVfPElh2BcP-WG6MTqMnhfZq0r8FuXg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-39-darwin.so" + } + }, + { + "key": "QuRRdH90yee8OJSAkK-c_fB5phqow2nDn_RdGnKjatYw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-39-darwin.so" + } + }, + { + "key": "QUQPOUeOUqMcCICVRrisYKTgT4pXe5THpix85Th2rF5k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-39-darwin.so" + } + }, + { + "key": "QUGzlwoOwOv8m3uhFivyMmhayULtxX3y5kyD_6aRbeoI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-39-darwin.so" + } + }, + { + "key": "QTX_l3AabScJluzLH3H4EIZLoNW42s6vdjFD4kZ7XlkU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-39-darwin.so" + } + }, + { + "key": "QtsbUve5RqgZuIA624bU7oWSAmzogd7ERy1Ep08BuSbg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-39-darwin.so" + } + }, + { + "key": "QTQlweDJys__1upVMtu_82971Xw5-JFWu4gdFFy4RIek", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-39-darwin.so" + } + }, + { + "key": "QTMIRZ7dNYk4oT-fxvIOHzsUUDSAdhsFeu8g8WAB05yU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-39-darwin.so" + } + }, + { + "key": "QTMDSLLVFL7MUv6EGUm3lyBrQM-iy3gukcFxPM7WyYEc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-39-darwin.so" + } + }, + { + "key": "Q7Hf2cESnl4WwQuqP9ZPgXLe3CBx-5ff83xrGPCggGEQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-39-darwin.so" + } + }, + { + "key": "QtGMSl6wHexCLmGAAXBTmQH2eewJMRVZ79E4fhErUMpE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QsPiQz8gu-SKv9YOomrAX4UZDtgoztnDauodUe_flFi8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-39-darwin.so" + } + }, + { + "key": "QSKYt_8yKNEY_C508Koa1l_c8CKIf-1dadtmaJX9Hcms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-39-darwin.so" + } + }, + { + "key": "QSKOWsUkNXtMnKFWiImVXpzntr67GFhoGDbeBUthIeN4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-39-darwin.so" + } + }, + { + "key": "QsjqvLEy5T2x0b_ER0v51U5Vcb-d7-N4r9HZFnEnqUYA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-39-darwin.so" + } + }, + { + "key": "QscZkd39Vw7cwb2b03QzuYXiKwpBV3GwjdgaS5c_kUnE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-39-darwin.so" + } + }, + { + "key": "QrZwxl5X4ZDdCwlINpAfvYIphZRGol3k_ALreSNzwZiE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-39-darwin.so" + } + }, + { + "key": "QrYVO-hR-b47sc4KFM1eJinr2oGQC9-nJXGXCgjwt5VA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-39-darwin.so" + } + }, + { + "key": "QR67qZ2wdNPhe2MlUUvB9UcVoA0SuUAtNJf2uJ-6StRw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-39-darwin.so" + } + }, + { + "key": "QR4ShZu885auM5pZiqeetsPueKkSuo5AZi5r4gisqq38", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-39-darwin.so" + } + }, + { + "key": "QR482g_SC1x8f97S31sAKMtXRreX0mOm217lI6iLv-Lw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-39-darwin.so" + } + }, + { + "key": "Qr0ZwJfZ-VG6uZUAhGcSCjKXdvnY-8yFRfbDar_ua5Oo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-39-darwin.so" + } + }, + { + "key": "Qr_M1ZcvCyYBDfXqCOdVVzugi0TKAJjz533C6LEIWiFM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-39-darwin.so" + } + }, + { + "key": "QQX-N09p3ec2MVn6ZQKKAN79KcqSTkcKuvEztwuEx0eU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-39-darwin.so" + } + }, + { + "key": "QqUWVPNQVJzZL66EgWPfgwA6yiGxL_yl38wRB8h-OJhQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-39-darwin.so" + } + }, + { + "key": "QqTpz658mrR83JEqo1xuVfluDa4WoqWt5SKbExQZ9Ne0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-39-darwin.so" + } + }, + { + "key": "QqiIsnVdlsewYjC2KzFzX75LDuvzYvbDC9YqM6z0M-g4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-39-darwin.so" + } + }, + { + "key": "QqE6YHIA7i-ecNkv2JOQBgux9-3TI6XDysjW1geWQTTE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QQbDXOAxeSFH8H9Sku1cgOeunlpZ1ug6BLNe9VwIZ-5Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-39-darwin.so" + } + }, + { + "key": "QQ7CeIq7N4SUNIvjUOklk9YcZgp1VS7KNyeLb8aNVExM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-39-darwin.so" + } + }, + { + "key": "QQ5QI3mHNUU_anDjdvAiRvXyg49smrLnGqW6-uG1Et0A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-39-darwin.so" + } + }, + { + "key": "QpZZ6OeMLCF4qZJkd0ZB1O7eypEx9rskcYmzdkgwJIXo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-39-darwin.so" + } + }, + { + "key": "Qps8wKc4w9K8Bxct5hVXJSsKyAiSmoczlcfeDyt_opS4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-39-darwin.so" + } + }, + { + "key": "QOxit5AV2cBfKrCxrDxUF24VFFgbUGRwi-zJElleHDt0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-39-darwin.so" + } + }, + { + "key": "QoTwJYvPicUmzBeE-Kz5fmsm5bs_IP2dLdA70hQR3OqY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-39-darwin.so" + } + }, + { + "key": "QOjgDUqMZII_R6ZWywHy4mbQgYqehAaOeBUPVwvmZLU0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-39-darwin.so" + } + }, + { + "key": "QOjEt8sYVgRvwE11GLLSsyVL54N_q36VWEY50hfQmz34", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-39-darwin.so" + } + }, + { + "key": "QOhqzefYZJLeCSemyVayu7rtKxugnsbL48ZImI1EJKFE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-39-darwin.so" + } + }, + { + "key": "QNqiwTRibwTcYStczGd5npBZolHSlIjva78tgtxDfVNk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-39-darwin.so" + } + }, + { + "key": "QN8YK9kjtQU5I2bh0eJGScvSud5me5Gt5qGw6fRKy2EA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-39-darwin.so" + } + }, + { + "key": "QN5-huIxuEnSRnrPw1GIsxjGELxMprjltaB5pDsUvYvg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-39-darwin.so" + } + }, + { + "key": "Qn3e1Z2x-G1UsgaQ-JpkDOgKife-mK4yb9BzEA1PjYEc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QMyoxWVzpK2u2QIIewlK98fuvhMSN1zgLDNme-l36kuU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-39-darwin.so" + } + }, + { + "key": "Qmswe3AO-gnYNtEDOZtvoo5KOIfZMS0W2mF9fBdEGP3g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-39-darwin.so" + } + }, + { + "key": "QmrmlFBe4t9SGhG8t7zexaQoNX6HgXuW-Jb865BS83Ho", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-39-darwin.so" + } + }, + { + "key": "QmM0rIvTTtgARP82VwYKkoRptfiEimHwIUdG4GtTVPF4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-39-darwin.so" + } + }, + { + "key": "QM9ctKwFfM527okJdMd0D1T9bm1a2AYkWmQyBgQUppxw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-39-darwin.so" + } + }, + { + "key": "QlweKH3IDsFejNoc1Zy0fcJ4VyxJaQpBbxC_ojCMRQnE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-39-darwin.so" + } + }, + { + "key": "QlSNU6roT_yecrnTX9hKaWELRBLRJo0a02L2CIxDuyoc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-39-darwin.so" + } + }, + { + "key": "QLO6FSmRz-38wGs0Pj1Cgb6YkzHGxJf4QmIaMBA9QDiE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-39-darwin.so" + } + }, + { + "key": "QLNSeLUO7bwk63bWEe6zLIurp1ueHKm-EeEpVxRztv5M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-39-darwin.so" + } + }, + { + "key": "QLm50UeCpT7TxZfcRaXa-urPu4RMYYvDYI4gfOK6IzpM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-39-darwin.so" + } + }, + { + "key": "QLCkOqGw4rgZ2Nd6bQVVOJ7lRsXb6ACpkeHyBlgP2Ppo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-39-darwin.so" + } + }, + { + "key": "QL9R1sbsCg9Ku8tecJmMW6IDtkKA496PdDv9PZnBTqp8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-39-darwin.so" + } + }, + { + "key": "QL6xlkF1zYSWsd4Ttlsss6bSJLMQQEM0lWVEMaJP4i5E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-39-darwin.so" + } + }, + { + "key": "QkzYOaxjnpvwZo-b_BnzNIaahsS-4vTW-v3HmHm-0W1A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-39-darwin.so" + } + }, + { + "key": "QknM8n-pshLliq7kYVcz9ybq_d__eyoWEAbQHFQ_rHo8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-39-darwin.so" + } + }, + { + "key": "QKEwgLv4c3CdhNqwO-jk2iykGsja-7V6YBbzrcqsa8jQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-39-darwin.so" + } + }, + { + "key": "QK7VgE3jrxZ2ExXZm0oLT7Ia0JHvibXlPXaobTvsdjKA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-39-darwin.so" + } + }, + { + "key": "QK4jdwzcu3ngxe32v5wCx_f4DrH6Zg1sDwBbPIR4133Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-39-darwin.so" + } + }, + { + "key": "QJxwWgWcaFCWFgSNRPljjZe7_gxGAuYOFzesznoM-fKA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-39-darwin.so" + } + }, + { + "key": "QJp7KR36OxUWfBMFOrTNdpMkAMjPd6Pp6jdl1PAShcSM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-39-darwin.so" + } + }, + { + "key": "QJNyoGtr9kkn2A4WeSbBEyMdP-YL4V4M51Kblsc5aJwQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-39-darwin.so" + } + }, + { + "key": "QJKtdFNr5ZfBzeuTaxCHBtLa-tZY7WK8nAwm4Hqfcjjg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-39-darwin.so" + } + }, + { + "key": "QJAPK5rs_1rZ8ZgDPlpRR7Go4_80IbNOISsrgyQBlFAk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-39-darwin.so" + } + }, + { + "key": "QJ0kCuIjEmdIuxbEL43SjkbgQ1Ne4EM_Lm3rK3ccSV2w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-39-darwin.so" + } + }, + { + "key": "Qiv51a0zYeVIIBh02U-_OjkcUrNdAJm42f7aBOMPeSnc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-39-darwin.so" + } + }, + { + "key": "QiqF7MfmkQzQ9lyXImQur4PfBs7q_lErempX125Yj5-A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-39-darwin.so" + } + }, + { + "key": "QiLRtxLYVU-AJrKULq6I7HpMPZOGQ43LU_BfhUMtJ9zU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-39-darwin.so" + } + }, + { + "key": "QI5ii3-iHF15OUp8lbv31JSHo4MwWl9GBnHVU8hROmd4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-39-darwin.so" + } + }, + { + "key": "Qi1DonTaWGKOg_WwWPPQB1qM7eFHfWAID6G2pjafZmxs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-39-darwin.so" + } + }, + { + "key": "QI_8THZBI-2r9esx9IjS6UpViCAq0PV1PRqUZYYjWRto", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-39-darwin.so" + } + }, + { + "key": "QhpS7LqhZNuOuNmWrvNG_1O2W68MxTg3dyCSKUNUL7WI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-39-darwin.so" + } + }, + { + "key": "QhEybVXfU3PuuMrmq08WQOEXnqHC-AR09ZcaAuXAr8_w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-39-darwin.so" + } + }, + { + "key": "QheEt1Mi0eE_SnU0ke4cAe7EWcfSjfKxjLfKhcHgvaMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-39-darwin.so" + } + }, + { + "key": "QhAvTqdAQOfqmDvt7yiQiJxC-WjVgEMyBLYN2GGMGIak", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-39-darwin.so" + } + }, + { + "key": "Qh13xaMcx_50k3kUUhuxybxVc0x34wpnMM5GDZ7cttB0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-39-darwin.so" + } + }, + { + "key": "QH-1UtuheDmsT7x7iAbXbhTXF0-pZd0YmokQd1KLPHzY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-39-darwin.so" + } + }, + { + "key": "Qh_xIWsQI9GuvuimL4_-qiAlOCHnewyLY2U8ugfcVGhk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-39-darwin.so" + } + }, + { + "key": "QgQjYsrcReuezNpB7MdUmMQBA2eSsQlTvG5dd2o7NtvY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-39-darwin.so" + } + }, + { + "key": "QgQB-SCXjs96B3jbTukt6gtdbLMpRS7XrMzYGmLigNGM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-39-darwin.so" + } + }, + { + "key": "QGahUPDaCTLk8Ncqz4ABoRn4juRFmw6jRdz3rTdjCenE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-39-darwin.so" + } + }, + { + "key": "QFvHDdYMegFqeLiqd--aj31R_Z4VZVBA572fSjcDclhY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-39-darwin.so" + } + }, + { + "key": "QFujqVwpOjmuxDydZzMZAkaMWSEjMeWg0T4C0oJzKurA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-39-darwin.so" + } + }, + { + "key": "Qfnf6rj57xdJyCNH7gpLJ-_b9VQG6Q56bg3MGJxltEhc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-39-darwin.so" + } + }, + { + "key": "QfLhw0J8PJGuNCBDFYDEO3KRDxmei3wjb7QcOBUUyDwU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-39-darwin.so" + } + }, + { + "key": "QfJDr-djHr83CgF4JX_Wpq0VCmdjnovkoxVIkGZ53-ak", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-39-darwin.so" + } + }, + { + "key": "QfIq8bDkEOYFjsjY9DtF0vAwXwWW7PiJSwQlYkV4QK8I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-39-darwin.so" + } + }, + { + "key": "QFevNvQF7oktGGjwWehXF8q1HmCWABN6QL5a6LIS0tmQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-39-darwin.so" + } + }, + { + "key": "QFB7B-gXBPgsXcGVg-7gSGK2f88hSUDxm5nBDOBsxB7E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-39-darwin.so" + } + }, + { + "key": "QER_yV3_ihE5CR0b9fJbixWw2B_9o0xGQl7RbO1hchAE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-39-darwin.so" + } + }, + { + "key": "QEMZ-5sGFgzue86ym23eTvzSzXfAtb-WssjvEWSohFqk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-39-darwin.so" + } + }, + { + "key": "QE7mk5w-QgS72M5HE8xhMwXIy5KYcb1e4hkKpQOhvWzk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-39-darwin.so" + } + }, + { + "key": "Qe39UobsMbHMccXM_WPrjJ3aV5JlI4NQhuXqKOsqiZVU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-39-darwin.so" + } + }, + { + "key": "QDRd961BTd8pOsqJ5gMdJ78I9LPC085AgKf9KstLOebI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-39-darwin.so" + } + }, + { + "key": "QdM_ikIDI3d2TosAl_raoz8kDkNcPADYWHVjAloaeXq0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-39-darwin.so" + } + }, + { + "key": "QD2TsFXWU6yYXaMcX32X6pwQcFoUHg6NurMYetnpqxEM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-39-darwin.so" + } + }, + { + "key": "Qcvw8pGosceQr_lVYMocp28KdQE78WAovPDsjdfF0Duc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-39-darwin.so" + } + }, + { + "key": "QCSWz0NXJfYSV63xdKDoHARkCKPHnNACM-48WMAgsMBI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-39-darwin.so" + } + }, + { + "key": "Qcry5ZBR1WxYwOpbwHraVfJSHjpfGCmEywXaeeNE-d6g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-39-darwin.so" + } + }, + { + "key": "QcrPTV2F2MbTYP1iBun8n3fcl28srgh6Djw3FBpSuzMw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-39-darwin.so" + } + }, + { + "key": "QCrCQ39Lqye9t5GldVJ40NyWtTyZd-BExv_19nXLrkXM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-39-darwin.so" + } + }, + { + "key": "QCQ7ZLkLdYuGL6ru-S1xgduf_3TX2ubyiQO0SfUrabJE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-39-darwin.so" + } + }, + { + "key": "QcQ-CQ0qU2UBBqjZNqnQJD1Fwtp6IMEuB9hfVUh2t6TQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-39-darwin.so" + } + }, + { + "key": "QCKOH0wjo3PJ_4V1ReW0t52CoIS5s8pX4C_tgbnbZ_Cs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-39-darwin.so" + } + }, + { + "key": "QCGBrE2VKsOr-FkUAfkVZe9z7taGw95Zk5rumJbC2a68", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-39-darwin.so" + } + }, + { + "key": "QCEzJZ-UhdjCmpaOz_shV1V3b3O0_H3EY_edvEvOS5gU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-39-darwin.so" + } + }, + { + "key": "QCcmkLF6Bl4FnmlqYdwJFrR5Y89tgYZo0kbXZJmpijqI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-39-darwin.so" + } + }, + { + "key": "QByx3-CTZ1VvUk-6UHVXjm-eA2S1A7s-Tkzubq3NygHA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-39-darwin.so" + } + }, + { + "key": "QbUKBRbH7wHpM4-5NONdFAtbmcREdR2tz_YcgfQBh1sk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-39-darwin.so" + } + }, + { + "key": "QbqyUSZqrLV-XKHRKnkGo6JgXCM045T4Sbia5Wn_n63s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-39-darwin.so" + } + }, + { + "key": "QbdncfmthIxxJqGLOG8nZMBI1j9H7AmvnKZbptHh0CHM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-39-darwin.so" + } + }, + { + "key": "QB1V72wPVR_8Uw8ZLD0UIrrt32XShIwY7yDMvmoqrvTM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-39-darwin.so" + } + }, + { + "key": "QAxJHgVAsOH1QJDoY1HCUGXk2PXC9108Kcns--2cwIsw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-39-darwin.so" + } + }, + { + "key": "QAs0gUPFHz441NWis6XFIqLSvL3cXFo6k-IUFvy_Dv_c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-39-darwin.so" + } + }, + { + "key": "QAQ9IDwzf_Wl-W5xWs5JCmNraboa20z-5Paxu91I6Owk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-39-darwin.so" + } + }, + { + "key": "QAPVL4--_bVA9HP4ahQETRmVWqR5laVca_8IFtYLL3sQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-39-darwin.so" + } + }, + { + "key": "QapRfyS5ZC_eTLjisTm-31g7MG7Sl8GO3USKYtdjYuYw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-39-darwin.so" + } + }, + { + "key": "QAn643LRG0bi3i2AQc4aRDrU5uhH13rhL3p5HCttSawI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-39-darwin.so" + } + }, + { + "key": "QAmiB56uGyTHrODsfnYXzgYJAftFRA2DiYJkMKSQtI88", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-39-darwin.so" + } + }, + { + "key": "QaK1glvmoVrWitH3qogCvGxRWC6g7n7Y9LQi-r5Cgcw8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-39-darwin.so" + } + }, + { + "key": "QA3ZWFw5xla5is9edA8VblaGJCgghJicAZJ4IjK5ftyY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-39-darwin.so" + } + }, + { + "key": "Q9xfBeN-xIlsBPwEuBYFzzVzlmPGnvaRRiERY2m0ZdiI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-39-darwin.so" + } + }, + { + "key": "Q9UpBON--iN5OeUrKOxdN-LwB-wUZYmEgbSwZduZXDqk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-39-darwin.so" + } + }, + { + "key": "Q8X5hbzFotHAAnCx4vCWMEoVHkBp_KUPyYoijuKCIRa4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-39-darwin.so" + } + }, + { + "key": "Q8SVWgTFRL4PTFGO8NeAhvmM4aJlpQbJlLQumbs-jCjk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-39-darwin.so" + } + }, + { + "key": "Q8HR9vVlyae_5PVaYwlTYEfwAopmWkjtZF0jkEER4zn4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-39-darwin.so" + } + }, + { + "key": "Q84foIDvcZ5DgU-ta6Vf8zjGgjXxeC-ZjEER_97rQvGI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-39-darwin.so" + } + }, + { + "key": "Q80sNk8pGfyz3bq9jf1ChL-ZhbFBlDBCDyAZ8FV2VRkU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-39-darwin.so" + } + }, + { + "key": "Q80NVie8usjWiOsygIP_LtXph5DozBMfEqT39Ka36UDo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-39-darwin.so" + } + }, + { + "key": "Q_4ueE_Av8icAfsiSDLZ--UmxxCDcDsAIAJcLUQh8y6w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-39-darwin.so" + } + }, + { + "key": "Q-_3vf4kVWAsNiinDEpoM6y8AR9EL0cBx7OzmRl3jGD4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-39-darwin.so" + } + }, + { + "key": "Q-nHhM5v7jIH5YdLY9GJ6U-8G3suGv3766IIKUmZOKXU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-39-darwin.so" + } + }, + { + "key": "Q-nUWy24b4wvYQPTAYABGbhFsYWNcqmiMBwIHyWL-mH0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-39-darwin.so" + } + }, + { + "key": "Q-ONVSHTKXZVWXDKg5OHny8xhYvuqDEzyVJvSeMCI8hU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-39-darwin.so" + } + }, + { + "key": "Q-szfZ_HJvpRdvyvbtak0GhLzI5T6xSvtZ0XZCTOOhgE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-39-darwin.so" + } + }, + { + "key": "Q-vosJsog-po_OwB1XzVZkgT14kfkRVgIroy3cWb04zo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-39-darwin.so" + } + }, + { + "key": "Q-WCYerTkGf_tYaebC3cS2NBZtLbW9_Q6U9A5ecit40A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-39-darwin.so" + } + }, + { + "key": "Q-X4QfqFlu9J_XsxXvOTYSNPbwCidYdzav4RpUwso3eY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-39-darwin.so" + } + }, + { + "key": "Q01stUE8FtaXA8G85w9hhf5UGwrzx67tgXsY0LlqpqMU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-39-darwin.so" + } + }, + { + "key": "Q0bBypzUHcfw4qv-ect3wWGHU4jyB1u_Gi1HsE_9mTNw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-39-darwin.so" + } + }, + { + "key": "Q0Lcm1HUw81pVj4acFGkz-G8VCBM-De8jIqIULCuO4rU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-39-darwin.so" + } + }, + { + "key": "Q0rNy4LXttihaHE8kHBAoZKUNIrbcXvI4BMfcoEKflDQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-39-darwin.so" + } + }, + { + "key": "Q0W6Ly7BkWGbEe1238sa_mzgH9DTQb3ezIoZ0HVwpKjo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-39-darwin.so" + } + }, + { + "key": "Q1afPMcctakQlLy2mR6nvWPbMB6cimx6xL2fDOGV0zYI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-39-darwin.so" + } + }, + { + "key": "Q1dH1pZyuwGQ8xCGhAdxFVSJq-2yBpp5lUopxk2wiY7U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-39-darwin.so" + } + }, + { + "key": "Q1jxjgr_V6SkTj_cvv9DGPAKEA_5VVKG1AmjNQn_kR_c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-39-darwin.so" + } + }, + { + "key": "Q1RqwuhVnQFC6omcHoKVweD_iz8WcTn2iq09j6qJvz0U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-39-darwin.so" + } + }, + { + "key": "Q1v0jYpZB867UGs1ytQhO25DXJdKe_-FefY9YscUteeM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-39-darwin.so" + } + }, + { + "key": "Q2bAZefR7iSRbZg89fWnCXm1Qg6ZoZ11ZF4eF1Ca5jKE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-39-darwin.so" + } + }, + { + "key": "Q2LRqGmKEDOtupgOq4N5LAE8A6d_6U80AA4r52HJBz2s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-39-darwin.so" + } + }, + { + "key": "Q2p_jnHjQA1ezDtWKHeYYCIr4AsWxrIoSRxHuLVSufm0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-39-darwin.so" + } + }, + { + "key": "Q2VdDmHc8tvhVHP2Frk4s5uk4DTVDecWEtJbIWdjKNr4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-39-darwin.so" + } + }, + { + "key": "Q3dfu2Cp699PexdADu9wZ4czGNljo-8JRUbLpSADlKQk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-39-darwin.so" + } + }, + { + "key": "Q3N7Vk-o8q-hbjL29--KsxLzdCuLtAgEr0NLOp_lJKGw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-39-darwin.so" + } + }, + { + "key": "Q3QyvLpAmTJ4AHeHdxUYY-LbNhKgJOOm8FQXb-m_zKnU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-39-darwin.so" + } + }, + { + "key": "Q3VcL_aZBLbZMOsWp3yC0deQSPlTVwPRMeoEMarNOiOw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-39-darwin.so" + } + }, + { + "key": "Q3x4qxO5kU0kuhneNtI89hoTZS-pjeUrviKLQEbyRo0o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-39-darwin.so" + } + }, + { + "key": "Q4465Wg9OUwr_aYZYi0MAupGfaUzf_ib-cYs4VcxWnGk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-39-darwin.so" + } + }, + { + "key": "Q4AZwS7SJDqU-MB7RHb633zZQCscRxyUXpDtmbOFx-sE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-39-darwin.so" + } + }, + { + "key": "Q4VAvUyp6Vo6BgPvEbkdW2HCsR5PONM_5-ak_PXv2eQw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-39-darwin.so" + } + }, + { + "key": "Q5PvCPTDY0vTU87lCjuoDcabdI3f0nS7bGacP3-JnIn8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-39-darwin.so" + } + }, + { + "key": "Q5r1YSDsE12WmrraSHEc0iS6-BbLXMUrahRHsEG6yEws", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-39-darwin.so" + } + }, + { + "key": "Q5WpnOBdIVZuF5vxNtTlvIq7POy5aRJpxx6Hw0ToaxWI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-39-darwin.so" + } + }, + { + "key": "Q6Bwq2VZJDtb3supDc1r9a68vAAPpMyy28mXUpqVJnIg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-39-darwin.so" + } + }, + { + "key": "Q6IjboadNWc3L3KJImL1xJZm2ZI-EIuybGZ1ETfJyc24", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-39-darwin.so" + } + }, + { + "key": "Q6nJyBw59nImWWiA9k3W3tlnPVnGi-ECTLUGjDOxfzHU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-39-darwin.so" + } + }, + { + "key": "Q6syl5kML8qipTEGzWcTzw9EZu0Yiwt-9knGICp7IHcU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-39-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp39-cp39-manylinux-2-17-x86-64-manylinux2014-x86-64-manylinux-2-28-x86-64-whl", + "id": "15904524889", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 42221302, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QalX9FUKp0icg7_OlI8dM3paIp-I6VnQ9F6hsp55XnO8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qaovp9ZgpurFjYQZ0Ov3oy4tIYMjx1v6eUrTnQp8h5wQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qaxhd_hoMYfshrLxBus3g7u8JauWg6EhrF0QL0QRGu1w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qb0YduZU34argGsGssneQV9FI7b5wUMKVsbSKF6aWBAQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qb2hDmQQgMEphoh2MOLddK69tFpuMmk5xq0UlxGhoz5U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QBTLW-weLwH95WQYR0-s-Eli4hQokVWH4U2s9yWaWvV8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QBUNjAQYMeD1N0i0JsqxzYg75cvUkLGRQqWPGH9tVIFI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QC6E9-w28cmy2EBhaIWsiopYVNeoNS8fWUnrpYR7SfZE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QCDI6bQZ3U32mkxTHorfjAG6sQdlMHAmvDyHV11X4Izc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QcnyWXsu9WYRk0b88m635aNnNy5-lJs5PhJZG6jUClYU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QCpevjxCLjAPaLnf7DKWq5mUyTLY9g4G457Oblrvuhc4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QDCE-ofTYx-4iB63ICLoOdHQpBeCH8TGs19HlOWRd88I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QdfGU7Z1gAsRUm8CghnPZaU7ULy9gVB3uCasrhk6lIeM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QdOjjyLFmRuhqbhZG3OrvBLf9N-8nOulh80CoBWtDI30", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QDoNPsVPmoVuVzmE4ZGQVMs23eHNGpZGPA-_aFtO0Jr8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QDOO_aDQAr6x3WaGWULqXDg2zyJdMp21GuVPrDkAGor8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QEB0s0wH4qpofb5nEmJpDuGX1mUEShdagpbgI7dn-tFM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QeCs5BAKzJ-ptVx5qiCPRpbLbW3CkRumDxGMiM1m0xgE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QEf-47xtAAOTS6y0yIcB5wmyu0J-UpZwTk5oVLHhIrKs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QeiF_gtmuCFf-Qa7eAniyI2nkXgg66ctM9xMqMo5HOo4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QElbRPld5H_LoPGFK2ZveVaZNP_i4RENydsfZZr7Hwmc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qepp-o5yjuoeXfQ3hskH_HZfjN2skIRc6LC80ClsCq7Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QeQ53klMlVRL_FLzqyFXwKCJE3Wtvavp_lut9XSnm06Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QEyrijnZ8FBD472A_drKFcXkQ4CoXsj2TEcBq8zPpwb0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QF2WjXQTwm7qwha1n_ipjnbLE16lF-j7Qdacsa5N3y3Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QF8T2C5BoP-AVFZ4SVIr_SIdT0f-fwJhzN2CIp48NIsE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QFB_uHJlkBVY6ttbA3UbhKUGpRSDNau_9NWnPQeB7Bfg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qfc49Iv5Wv_-yp-BZ4iDkUqs4oKASwRMCl0h3xWzC-Ks", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QfcnInR9RIDwJEpWY6macFwZ_9SAd1UFftuWCAj9GOCo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QFE-7OX7TfQl2wCDjZIOJhSgTfbZys5ZtTaU_6hPoVQ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QFFeOBg5Hinj08Vvf_Mkbzmj2LvbeVxqBJN8yKX91OWw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QfFnWy-F5OzSZyJKPTVc5TBlbGgRhDgbrCOEq_3Ke5ls", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QFo_5_LYgej6f4vBUU4eeiPdX9SuC4Up0_bgsY3SkEq4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QFXRanZ9wmI2n7pZUf42aL19-yYu9E3GRJZ8m1XF300U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QgEV5N2GwnonrhuGufYQJaMrY6M1kOKXDpvLjJkl5urs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QGjUqKC4Yuqq15snsQ8hz_D8jHmiB1VktcyzJL6r8-Lk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QgoOmROI0Lg5JDeMQHAfwixpMOLtpIqpbNM-n3c3jDx8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qgt5EPFDOjRJM6cHCUcOU2_KLsBfcHxbzwWwQAUudtEM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QGwtm0SbP4-8EakOpkIKc4Fq7uQU_gHO0pW-p1bFeims", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qh_38smJHxblWCpZ-_beSCgQc8KwJwYQX54Y5y7QFRjs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QhBAXZQMMjp_63QIdXiVhM-YLN1pRW7lYbeT_IlsAtYI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QhELrAElkc9gO757XRnjsw2QyPxBCwM7goalC7a0K5ZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QHMSAxIbu5REcipDs98jc49RuIZIJpQLjpvDuwPEMHKQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QHmxyUGpiARS0yLjbGgAh4EUYe81q7L6LM86v9X3AY1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QHpfwv4s2meHoate1i_54emIs4jPQ4BJjJAjTgQ9nZDo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QhrTg2FnIm5gSm1W9ixoH9I7ehUySA1DjrvVSh27LN-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIh9ozPRddnxqFF8L3dZVXlMvwapL7miHC2aErWQH9HA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIjOG9WnSkLiPr5ysblP2XOJ7z1jl3b6zgf_Kln6tkhM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIjZQvncxMEdvsBfsdavRHF9ioXhBEKjQzhTyAYb6Ct0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QImx2QC16grx2gzSgbDE7_2cCZ8dXzkevmiRvfXb-xp8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIuPRyvFczVrkcfIcifSU_PjfdD3vFWzrZ8oIYb8uKyQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIVVh_HglLjAVeCuCeCnKpF8NTyeUk9GRRjjqdmhr4CM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qj4dYeyiQ0nMaPh1RREB07rFtFXYhjSrjsjsnFHjHZHo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QJak23j7hSVZTNLZy0ir7nW38lhOJGiSRrziw8H3Fabw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QJdYAQbz9iksPfi3WAndjfdUjxb4kPAxsIn5zdM5ZJe4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QJvefDZhqKCpKgOeXirMLP7QrG77GL4d75yet0Yp9RbA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk3g-lvNRoed2T8BuzjlbiQPu04R_ubKWedQ5GNewyOI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk3tDIkG4GEUOACfVGDfoMzbsitPTFApldJAsyDRlJto", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk3y5pPnA81kk3nI43KRwXFkgPSFYUnOlRQZd1erkU3I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QKBO-hEea8LazId1l8IE6GvmHhj5chi9Vq3XCsRVS5Ts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QKD09GgV7yeJ5OPvpgxZTmlMCvmd7K_h2-G4fPdXPrO0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QL74p69Fx7xkgm5BWHVz9ooeqIxVm5ZzIiOcJS5ILB60", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QlazUzU9HVrKHmQO_ODZ1a_hPL_2ZwY2QAK97zl-oYgs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QLcd0hm-i0rQ2mylBUnTOUta_BTWWq0L1QA7WYOAAdsI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QLF9fWhiVZFAyalpvwirbTWMwpQJz8q0m4h3CWMnq3zY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QLfvYppp5mdbgxX2lunhzke6tmgFGKmfJZ_2lUYV-8ks", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QlIaM5Xmlx3bFe8DTZfsGm6o8-pkTgqZ7FmqD21tfBEk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QLJtMLcHg2iRc5pPIWvdHQv1Xg9gewMDYoz_TX8lbnlo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QLmXwbG3JE6qYV-XS25uzayAUJ6wj8LJUELgTN_YEal8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QluGeSXdpdYM7l7k3xAsSFKFYXolXuHtMFjJksDYerec", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QlxcBppXsGXVaN4kj47gfQKtLfk0QkD9JMFj0K-fZor4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QmHkiaLk-lYinyqTKlKzUoV-09UqOM2R0g0uiHodhYCc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QMmfEnUzvfhyjA21b2taY9n08pSYJtBAngezj6AbdGuM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qmn-naqGSi-N6dTTIeqR-8rV9TsF0xW9Y5bZKL8HeeJM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QN9CWxJ0gvp1PP4l7_N0g2PJbzrz5MKxuObecpOr8Wjw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QnAp24YFo0-yn8mKJ96hEnDU6U_-clvlRz5rv6ltW1po", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qnc2Mol1uL7h1SghbPhXcKuKSJcdxb5veSnlLhFHLgdY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QnjiNOiRwEwinllJ2dmZ9vDegH-ggdf5HHdAa4yCdl2s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qnk_sz41FHBBnCAe_iRxnBPpMZ6tT-UevA4dH_V9VKSM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QNYzxh6fMZZHUOAjZxkijtbU1HnfWaRi1wuH_OxKDPyM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QO-m95hHRJrCwV4x-hjFhU2DgQes3-dIXD_6I0iDzoj0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qo-SVvcvGkBW3K7WZq2HVgg4EhSJFjp_cRFKor1IRFQc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qo683jyh_TPNIGC0bu47toYMhVfSiav_QhK2ItoiS9uo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QOB4cdTJOsj71Tq9SIn9RnHJ_zVwp08kYsaV1UahmKcc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QobRr8ymBjAcmXM5OfDTdkdb2GNQNpDz_IkVqbIqoWeo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QOUJBrCpbg-3_22atuwgDVDH65P0Z1GVlyNsAUWQ_kjg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QoV4W9XI4K2ZGR1IVNLvu2AxCm5Uun3iAiFdcDbHv8qA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QOVgY44hyd5yzBVx0dqFbuhWhNyuUrYCMUz3G3nbJDRs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QoZWbrcNWvVbpeV4gRJ2BmTAtOxzmC3_CY6r9idmctok", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qp4bYenk9nIaSElI6IArlLJp9Y4YKc3a-gn6pU7O2IJ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QpfVWmBwAc3J4yGEBaoUr8M_Fyqy_T-z277GdzTA7bcQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QpOMJuPi9lDqf36hbWoLkbQjAO37gKVouoAnJLOGzkyY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QPpgXyZcgtS2ibnR7jqYF0giuG7HraJWizeZ347hpJ6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QPQrTg2FFVP3UpusyUC6ndor1nhS6QxrlCDNHqhCMpSw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QPR9GtCBEj0aXD-u5bM0fWuzL_o9LCd6g2igrxoCczBA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QpXHo1yfIy_yCv0rVTFT6KpdktOBDDOFC2YqjCJOkRos", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qq-hUiUUMCRPjAyIvGWSP10yClooyCznMmhVoT-KDoQ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QQ7tKBCArGhXbty6eq6h1-Ow5bo8qieZcamfPXaQ4bDg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QQK-yIK6QqlQLriq_IXCmUAZP1n_jmOCrXfcea5_xPUM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QQKkRchfxd4NeZn9mjL_xum-LmdZJzZ_mYS0zWEBUOQA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QQqL_eM61pdaRN6UJqYLTxuISwZLz2PmKqFITqfcjpLo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QqyogR02UErrNaeUFjDYuFDii9BJSCDufNFpU36HwFTU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QQzXmjpJfijUAFCQR5ljDLG0zjknyMBYJ98g_8bFmy04", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QRBTZmgMvX73Ni5qlfMmNgGu7Bo6mq0eSyvFhENGbrX8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QRPMSPVobkE_kO0UbJFWhYqdrMjdRauZaItGDYJRF2sw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qs8yyfxWfHGZSj6JLbijUJJIEb_X7yY_hr4ZTEozdrj8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QsEDA_sNp6Ye6FGOF3EuFarYfKG5xQ6jKIHcJyr6vr6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QshB4T6POoMJ439AEsnIYQn_c5y6vCepMdcbPeEYeNEc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QsJBcMgcnZ6dLG0XK_jO7YQWDveDkOL4izB-ufPsU0KI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QsLTffuXD3INl1j5VCptFqbyKCex5_Y7wBHQlpGPGtxY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QsqI0SsRGYAaqkNEl56mfWREzVet0fI35svRtuYfuyAY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QSReIgQpCPNEhM_F7LCXYAhCilD8dh9ZSOcJxjBHf058", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QSSKb9e6_RysOsKOb2GT7Yaj4Ufs8xvGF9FrakjO-bJQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QsuLdJXtibp03ZrEY5eMMOIU9PgijcKY3jr9Sa7ydz1U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QsXKSUrXoGsiH761ivz1W1sp9zm1-UzF3Dt8Md_8Jhd4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QtAvArcpzQLeyL2XUwYedP3sRgVkzgqM89edHKQtwRtQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QTAvUKBueQ4UsKAEZca8Qrrqt_IwlMcblJnwwZXKzAEs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QTLlGJzdTZyoBOGfVXvc8x7Ar6ZlG_cQMoPWZSRa7uQI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QtLWl4SiKRUOXhUavTOYIGjzTLQ6JvFsSsVBlqYuJnLg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QTm1znCPHYRXyzOba5pt0JQeRHg7FimYc9g48nBRTQa0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QTM5hSAWz3QsIjtOkIefVBiWiCZp-xzgFtIqIGW4xUrU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QtyFnbhwFX6wJJlYsVI-2p00dF9vH8F0JyWy_NfgHMDg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QUBGjoKCmxsEAgZyUDpq2Weoss_rJfTwH0zN5g4jYJvw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QUhTObGTUXsQXMF47lT5oBOyTiaOQSyjg61255_xA3zo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QumXLbxmBphFSpY-ZMP3KDswMBqtD10ZD0PFKg2ZxH1Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QuPkATjjlSJps_ZJwYpGIEv0Egus6t1y5JA8_q6MeZRE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QUTqMFLzbzw1SW5VzqrkXoiYgkJAzgQ2HLn0CdC698-E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QV3iNe22cKL3lRbzLXikPRWLULxi2-kZmNACsFUOWNaQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qv4b8iS42j87XU6JBBX3lMAA-Wtul7-Tji4eltP5caJw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QVA1UwBSn6qRcQwLRGseyiIL42P-ifYpadZrdsTvVRGE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QVaRUDVw0GBYSTOPaLImB16BQf-OO95oYO_RVZS80rSc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvcrCScAgNeJy1wfnMBiy9j5KXkf8LkbP3kFT2Nx0K8g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QViwcR01LZZFJS-1cWP0GqN_gY_g6490xEo-O3UIqa_A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvKItwkPSuocogHWHeUUwjWHKvYwbIHVqk4owD9uPAjk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QVKnTh7k5Kpe95X2DngcPyQoycLOXD8Xw3ZxjQgze7-E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QVtT0z1DCp1UfsYPgNsNos_2NGOWCteU0YyM-sv2lSvs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QVug0_p-z8RotUgMl56jgXaJZYpLtdS4NVlNk0q7LxHc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvzM4ZYgWwh3n_QVTNlTt3dQKiiDsAQr7xjDKA_LF2-Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qw0_wBGrUKXhKeuK3mBrj7O_6hTRS5GXtSF9i1D_ylAk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QWe3HcObVjNCroe6mtDy69r-HlP1N4E37_Uvpc7XwvLY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QwhImxKR2dg21xCf73nuz06bHcXBEqje4vQv5kUqCT78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QwkYbl1_HaPP7T0-Wl4wNh-FIf8QIScqnLMpPKqOYLoM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QwRgFMJ_jKNdbPdM-GI-uI6vYx0zbB5O7mHlhjKiBbKA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QWUHfnv1M6pFl0o1aDUVxbnn1P3vFfd1DRt3OEZpsWWI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QWUHqu6yIUK7TAOfpT-3_j1Wb8A97oDato_B5ggGD8FA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qwv8ugRyCul0XU4YXNWW8Dq60OrdY3kEF0yJniI_p9_U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QWxxAOecqIyng41RhQP36p6cAHieIBNvifnt5Tk-eICU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QWYNa0zS7edcb7Tcqa2Kp-td2B-BZ6SiHXbnkKyXGzLg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qx39k5YvjNFqoGHcXCsIjcBINnCSGSMidkL_ofHkvM-g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QXDJNKdv-58NducsmsX5H27tM-aSEnaBcjVYqbZ7eVL4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QxYEmpXVGO9wWZJfUYKSVYuuE-7RYwTEudCRzd10AJnw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QyJ18-DOajaJRKqh7-7GBbngIYADzPy9cWT3ZG7vcbGQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QyNoaN3XxboTcZoXPH3m1G7WkxOYJwcpqEki41araQeM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QYvx1KNmX2Lz2anpB9Wri7gfEYMM5K7oigk6LX6B28pM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QYxTpuawIpzRRzqhzFTNfJx6Ai4tPUSb9fkgAWDmO04E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QYXwKHe169KQRSOCYiKvZu5vUKYlsF4SbgCdLXcg1J54", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz_D4KhicLKiZJS1xeMrBv3-wy5vaTuZihi9cSK1DgqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz3DUbjI2ZbOYBG2KBIxZMI1V7h9DhEgMKvhHpXwiDCg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QZ6AyZE3xXQkDaC0YxcYsScqLjljnCggihTbWvDLpt0s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz8VB9VWX3POQvTdEFFAR0ZPwl9KLUAzffHUbf9Y-DJY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QZAwqjwwhKWGy8VfCLwrKC07XXG49yAtE214gUa901cI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QZDStOhbNDF3-NOqm4ZjThzgGm5GFLvcR-sv8seAzH9I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QzIqA-4DYfvQM4y8kWCRC2mT20dON2iS9LLa5eRW_M5o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QZr2TaakHkEa3gpWrH4AF_Ah4aMgJGq8VlUx3YaNEdpY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QZRFI-yjYuKIBaYNNsDs9mfcEf0oqMhST9S8DyUuoGOQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QzSiAU3xaL30aSBgsjvstXq560SxB4h6PPTBqDsbPyhA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QZuIJHmQThn6QsXPYPJucSfsODS-clb0j5jEvHACqSgA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QZxL3KM_w13xESmi4qrpL0Cm3DCzOeWYoJI7hW3k7SLE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q1tZFcIrytNyrsoAVOSJl-CpEwHoaLlSwufQWSf7wYgc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QLq7HVXDElGiVlaxtztjb0o5x8jnuCiXK7M4VwqOrqWQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q1tZFcIrytNyrsoAVOSJl-CpEwHoaLlSwufQWSf7wYgc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QLq7HVXDElGiVlaxtztjb0o5x8jnuCiXK7M4VwqOrqWQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q1tZFcIrytNyrsoAVOSJl-CpEwHoaLlSwufQWSf7wYgc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q1tZFcIrytNyrsoAVOSJl-CpEwHoaLlSwufQWSf7wYgc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QLq7HVXDElGiVlaxtztjb0o5x8jnuCiXK7M4VwqOrqWQ", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q1tZFcIrytNyrsoAVOSJl-CpEwHoaLlSwufQWSf7wYgc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QWrkaH0ZA-X1iZKPNakk_8U5cX0E3y4QquLSNsgPfjwo", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q1tZFcIrytNyrsoAVOSJl-CpEwHoaLlSwufQWSf7wYgc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QQsJTTL9Y5UXwCSaVSLBftGgcK6Q8L7eLlKCB9VJHB-8", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_4Zy3wDQpM7JFNJTp2N46Towenhy7AtsFiNmN2IVC0o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_cPA4Aa314LPpPilcp2omm2TfnB0nYUvogMY5FJ5Aqw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_K9X0N1yxYRs7xj5JjJrBlSIdTbmPrcQ1cMdPz6K-6Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_Q--UMaMXZadib_xwfkf3cW7HO2qdAU5fURfogwgALw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-TkS3vOMDiqRDSGN3mB-6XwsZIPXEJpE4iyLvfznhvs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-wB6Q0zfLYI0E9otaLlhGIxkZ3gbrDOVTxy3pDppShk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-x2_0FJjzZZTfo9d6g8R9yxzdYHg9FD2ebrNE05eyTI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0vhq5yWasQ-zCEITTdDHq4fIXtN0BlOAoRChrxJB5UQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1IV2VVDEsUsSfwlQs4W7nBzZ3H8oQJfCRHOfs1gFwms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1md2ymT_6Wo29LM-HGGvT8geYRVB455KXwxStQTmKw4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2--TYE1__h9KWKWanIKKLoGcWHF4DGwzb33QZvV3oBs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2558YYsHSeUNMgB5HIRWwhesMKda6oUqlEm8zjr78ME", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2kSuzpSedoYFMxQAaqDVepBRruwtERXK19wWZP8joLQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2RcaU7SQ6NJ8GIL8Vinmq9td955-HgmNBB_1-bwC_tU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2vEUMKOSPTCVPTJ-qaeBx3xrJ2szHoxec83GH1ZCPLM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3wjzN8ZKtKNb0qnY0p_Fxk0fGiq6Fil7SpLM-k32EGU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q42GW-qtbukNOI61j9Co-kN-qZszsx7f2KBV-NMIpMbM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4hzIIK0XFaH1Gy8PG0sjw8SG03vSEwLryD9OhkIKX3E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4Lwg7FPNpnBvPOTGPF7UyB5WikqqQBA0ZshLQhfVARE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q54D5uI96SRb04WkEfcHHnQhO-4H1eJY0-ThU5U61JFs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5csK4JzrSNL64fe5y2X5T-b-nRIe0H08lpDhLUWAvsM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5d2AtssKdxLSMgQr5_jCKcwdYlWTfeQ0z8RQCuvN0H4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5utgRSgPgrh6RHtNZfF3_Ce90FQelPBh7CWqFYxVsXs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6hLcm9lQCt4hamCmW6yYRP3jpvm_GHqqoI5RAHzSlvw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6JvcC63124-CT0d73ouI17yguwap8XO04AGgfCpRzwc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6Oj9qLNndeOiwXmLS16KLxBCBMZCC3m_pOHgFcj8AXk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6YdN9si8G_-nfO-PfIXLOzZhKYuXH4JNA52a-vcHOs8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q77WNTDxhrKInj0-BF4vanEKeQw0CvXXbRXF4qHqj5C8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4l1csa6PsmTzVlWIUfM8WYXtChDtW4eJLpsLEfxOjWc", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_2Oc-ep3y2eT3iQltamyLp0c3yiOaT1NB2gc1-m1TXs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_3Pc16ychcQCRZwT9_9R6DYYIx0KkGHqCKWuPiZULcA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7B6Tywzg2mUXnXVmYSMkMMOFURufzNSOltMIbM1QcLc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7ph62vgDc2WI5ZvB8kdi2rSMBinefQPfxHtdGCSMX2o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7vQ9T0YbyTElhSyVKpa5UduBLIWBNelsSoEpSYg6-k0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8ot98y5qgNq1v3axkVbbwDAymeRboMuRdgjCDXQdCrk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9RyOZBrqDYOvKpB50yw7PqxS8e2nHzzfzTTkd90qdsM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9T_4Ula2lkL9MeRYRrWsyQIJn4MZN6gcNiL0xXKd5cI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9Z5NK9MaCSfC3rrHWz6474OapZ6DyhqwDDd4gFDn-dU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QAekuuGquv3yqhpxViwlCKaByPSvv4A68srX4aApcSGs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QAkSuZTBetV5KQxDDyUtuBln2MMmTFwjuOwBIT87SZqI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qalcl6fO8lvMZSf65hgkPmOVdQZVsIS1S8HMVYr0b6ck", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-39-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp39-cp39-musllinux-1-1-x86-64-whl", + "id": "15904524890", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 45502755, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "QeQ53klMlVRL_FLzqyFXwKCJE3Wtvavp_lut9XSnm06Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFxxrJ0vzkg7NAMW18yGyrKYAgRgRhphnLEq4LMxjYog", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFxxrJ0vzkg7NAMW18yGyrKYAgRgRhphnLEq4LMxjYog", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QsGwAbJmNJaeHUeQ_ve7sYxBdRsPKXbta2WF0p43DGyA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QFxxrJ0vzkg7NAMW18yGyrKYAgRgRhphnLEq4LMxjYog", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testoutput.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFxxrJ0vzkg7NAMW18yGyrKYAgRgRhphnLEq4LMxjYog", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QsGwAbJmNJaeHUeQ_ve7sYxBdRsPKXbta2WF0p43DGyA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFxxrJ0vzkg7NAMW18yGyrKYAgRgRhphnLEq4LMxjYog", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QsGwAbJmNJaeHUeQ_ve7sYxBdRsPKXbta2WF0p43DGyA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QFxxrJ0vzkg7NAMW18yGyrKYAgRgRhphnLEq4LMxjYog", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QzXJbpol4T3jWbx-Jj2jFoPgCErB2f8Xh9A4-sq5eN7Y", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9TMLziuaNS8fB4OaXzlB0sLf0cPS8o_AdSz_Iswt-hs", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qu5lAypLymObfPn9q3jdUUDGLYuJ-Q3A9_qCWUGXlS58", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QZxL3KM_w13xESmi4qrpL0Cm3DCzOeWYoJI7hW3k7SLE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QZuIJHmQThn6QsXPYPJucSfsODS-clb0j5jEvHACqSgA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QzSiAU3xaL30aSBgsjvstXq560SxB4h6PPTBqDsbPyhA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QZRFI-yjYuKIBaYNNsDs9mfcEf0oqMhST9S8DyUuoGOQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QZr2TaakHkEa3gpWrH4AF_Ah4aMgJGq8VlUx3YaNEdpY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QzIqA-4DYfvQM4y8kWCRC2mT20dON2iS9LLa5eRW_M5o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QZDStOhbNDF3-NOqm4ZjThzgGm5GFLvcR-sv8seAzH9I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QZAwqjwwhKWGy8VfCLwrKC07XXG49yAtE214gUa901cI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz8VB9VWX3POQvTdEFFAR0ZPwl9KLUAzffHUbf9Y-DJY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QZ6AyZE3xXQkDaC0YxcYsScqLjljnCggihTbWvDLpt0s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz3DUbjI2ZbOYBG2KBIxZMI1V7h9DhEgMKvhHpXwiDCg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qz_D4KhicLKiZJS1xeMrBv3-wy5vaTuZihi9cSK1DgqE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QYXwKHe169KQRSOCYiKvZu5vUKYlsF4SbgCdLXcg1J54", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QYxTpuawIpzRRzqhzFTNfJx6Ai4tPUSb9fkgAWDmO04E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QYvx1KNmX2Lz2anpB9Wri7gfEYMM5K7oigk6LX6B28pM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QyNoaN3XxboTcZoXPH3m1G7WkxOYJwcpqEki41araQeM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QyJ18-DOajaJRKqh7-7GBbngIYADzPy9cWT3ZG7vcbGQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QxYEmpXVGO9wWZJfUYKSVYuuE-7RYwTEudCRzd10AJnw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QXDJNKdv-58NducsmsX5H27tM-aSEnaBcjVYqbZ7eVL4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qx39k5YvjNFqoGHcXCsIjcBINnCSGSMidkL_ofHkvM-g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QWYNa0zS7edcb7Tcqa2Kp-td2B-BZ6SiHXbnkKyXGzLg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QWxxAOecqIyng41RhQP36p6cAHieIBNvifnt5Tk-eICU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qwv8ugRyCul0XU4YXNWW8Dq60OrdY3kEF0yJniI_p9_U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QWUHqu6yIUK7TAOfpT-3_j1Wb8A97oDato_B5ggGD8FA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QWUHfnv1M6pFl0o1aDUVxbnn1P3vFfd1DRt3OEZpsWWI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QwRgFMJ_jKNdbPdM-GI-uI6vYx0zbB5O7mHlhjKiBbKA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QwkYbl1_HaPP7T0-Wl4wNh-FIf8QIScqnLMpPKqOYLoM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QwhImxKR2dg21xCf73nuz06bHcXBEqje4vQv5kUqCT78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QWe3HcObVjNCroe6mtDy69r-HlP1N4E37_Uvpc7XwvLY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qw0_wBGrUKXhKeuK3mBrj7O_6hTRS5GXtSF9i1D_ylAk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvzM4ZYgWwh3n_QVTNlTt3dQKiiDsAQr7xjDKA_LF2-Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QVug0_p-z8RotUgMl56jgXaJZYpLtdS4NVlNk0q7LxHc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QVtT0z1DCp1UfsYPgNsNos_2NGOWCteU0YyM-sv2lSvs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QVKnTh7k5Kpe95X2DngcPyQoycLOXD8Xw3ZxjQgze7-E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvKItwkPSuocogHWHeUUwjWHKvYwbIHVqk4owD9uPAjk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QViwcR01LZZFJS-1cWP0GqN_gY_g6490xEo-O3UIqa_A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QvcrCScAgNeJy1wfnMBiy9j5KXkf8LkbP3kFT2Nx0K8g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QVaRUDVw0GBYSTOPaLImB16BQf-OO95oYO_RVZS80rSc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QVA1UwBSn6qRcQwLRGseyiIL42P-ifYpadZrdsTvVRGE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qv4b8iS42j87XU6JBBX3lMAA-Wtul7-Tji4eltP5caJw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QV3iNe22cKL3lRbzLXikPRWLULxi2-kZmNACsFUOWNaQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QUTqMFLzbzw1SW5VzqrkXoiYgkJAzgQ2HLn0CdC698-E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QuPkATjjlSJps_ZJwYpGIEv0Egus6t1y5JA8_q6MeZRE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QumXLbxmBphFSpY-ZMP3KDswMBqtD10ZD0PFKg2ZxH1Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QUhTObGTUXsQXMF47lT5oBOyTiaOQSyjg61255_xA3zo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QUBGjoKCmxsEAgZyUDpq2Weoss_rJfTwH0zN5g4jYJvw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QtyFnbhwFX6wJJlYsVI-2p00dF9vH8F0JyWy_NfgHMDg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QTM5hSAWz3QsIjtOkIefVBiWiCZp-xzgFtIqIGW4xUrU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QTm1znCPHYRXyzOba5pt0JQeRHg7FimYc9g48nBRTQa0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QtLWl4SiKRUOXhUavTOYIGjzTLQ6JvFsSsVBlqYuJnLg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QTLlGJzdTZyoBOGfVXvc8x7Ar6ZlG_cQMoPWZSRa7uQI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QTAvUKBueQ4UsKAEZca8Qrrqt_IwlMcblJnwwZXKzAEs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QtAvArcpzQLeyL2XUwYedP3sRgVkzgqM89edHKQtwRtQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QsXKSUrXoGsiH761ivz1W1sp9zm1-UzF3Dt8Md_8Jhd4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QsuLdJXtibp03ZrEY5eMMOIU9PgijcKY3jr9Sa7ydz1U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QSSKb9e6_RysOsKOb2GT7Yaj4Ufs8xvGF9FrakjO-bJQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QSReIgQpCPNEhM_F7LCXYAhCilD8dh9ZSOcJxjBHf058", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QsqI0SsRGYAaqkNEl56mfWREzVet0fI35svRtuYfuyAY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QsLTffuXD3INl1j5VCptFqbyKCex5_Y7wBHQlpGPGtxY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QsJBcMgcnZ6dLG0XK_jO7YQWDveDkOL4izB-ufPsU0KI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QshB4T6POoMJ439AEsnIYQn_c5y6vCepMdcbPeEYeNEc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QsEDA_sNp6Ye6FGOF3EuFarYfKG5xQ6jKIHcJyr6vr6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qs8yyfxWfHGZSj6JLbijUJJIEb_X7yY_hr4ZTEozdrj8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QRPMSPVobkE_kO0UbJFWhYqdrMjdRauZaItGDYJRF2sw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QRBTZmgMvX73Ni5qlfMmNgGu7Bo6mq0eSyvFhENGbrX8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QQzXmjpJfijUAFCQR5ljDLG0zjknyMBYJ98g_8bFmy04", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QqyogR02UErrNaeUFjDYuFDii9BJSCDufNFpU36HwFTU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QQqL_eM61pdaRN6UJqYLTxuISwZLz2PmKqFITqfcjpLo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QQKkRchfxd4NeZn9mjL_xum-LmdZJzZ_mYS0zWEBUOQA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QQK-yIK6QqlQLriq_IXCmUAZP1n_jmOCrXfcea5_xPUM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QQ7tKBCArGhXbty6eq6h1-Ow5bo8qieZcamfPXaQ4bDg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qq-hUiUUMCRPjAyIvGWSP10yClooyCznMmhVoT-KDoQ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QpXHo1yfIy_yCv0rVTFT6KpdktOBDDOFC2YqjCJOkRos", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QPR9GtCBEj0aXD-u5bM0fWuzL_o9LCd6g2igrxoCczBA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QPQrTg2FFVP3UpusyUC6ndor1nhS6QxrlCDNHqhCMpSw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QPpgXyZcgtS2ibnR7jqYF0giuG7HraJWizeZ347hpJ6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QpOMJuPi9lDqf36hbWoLkbQjAO37gKVouoAnJLOGzkyY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QpfVWmBwAc3J4yGEBaoUr8M_Fyqy_T-z277GdzTA7bcQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qp4bYenk9nIaSElI6IArlLJp9Y4YKc3a-gn6pU7O2IJ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QoZWbrcNWvVbpeV4gRJ2BmTAtOxzmC3_CY6r9idmctok", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QOVgY44hyd5yzBVx0dqFbuhWhNyuUrYCMUz3G3nbJDRs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QoV4W9XI4K2ZGR1IVNLvu2AxCm5Uun3iAiFdcDbHv8qA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QOUJBrCpbg-3_22atuwgDVDH65P0Z1GVlyNsAUWQ_kjg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QobRr8ymBjAcmXM5OfDTdkdb2GNQNpDz_IkVqbIqoWeo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QOB4cdTJOsj71Tq9SIn9RnHJ_zVwp08kYsaV1UahmKcc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qo683jyh_TPNIGC0bu47toYMhVfSiav_QhK2ItoiS9uo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qo-SVvcvGkBW3K7WZq2HVgg4EhSJFjp_cRFKor1IRFQc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QO-m95hHRJrCwV4x-hjFhU2DgQes3-dIXD_6I0iDzoj0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QNYzxh6fMZZHUOAjZxkijtbU1HnfWaRi1wuH_OxKDPyM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qnk_sz41FHBBnCAe_iRxnBPpMZ6tT-UevA4dH_V9VKSM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QnjiNOiRwEwinllJ2dmZ9vDegH-ggdf5HHdAa4yCdl2s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qnc2Mol1uL7h1SghbPhXcKuKSJcdxb5veSnlLhFHLgdY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QnAp24YFo0-yn8mKJ96hEnDU6U_-clvlRz5rv6ltW1po", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QN9CWxJ0gvp1PP4l7_N0g2PJbzrz5MKxuObecpOr8Wjw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qmn-naqGSi-N6dTTIeqR-8rV9TsF0xW9Y5bZKL8HeeJM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QMmfEnUzvfhyjA21b2taY9n08pSYJtBAngezj6AbdGuM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QmHkiaLk-lYinyqTKlKzUoV-09UqOM2R0g0uiHodhYCc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QlxcBppXsGXVaN4kj47gfQKtLfk0QkD9JMFj0K-fZor4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QluGeSXdpdYM7l7k3xAsSFKFYXolXuHtMFjJksDYerec", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QLmXwbG3JE6qYV-XS25uzayAUJ6wj8LJUELgTN_YEal8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QLJtMLcHg2iRc5pPIWvdHQv1Xg9gewMDYoz_TX8lbnlo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QlIaM5Xmlx3bFe8DTZfsGm6o8-pkTgqZ7FmqD21tfBEk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QLfvYppp5mdbgxX2lunhzke6tmgFGKmfJZ_2lUYV-8ks", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QLF9fWhiVZFAyalpvwirbTWMwpQJz8q0m4h3CWMnq3zY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QLcd0hm-i0rQ2mylBUnTOUta_BTWWq0L1QA7WYOAAdsI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QlazUzU9HVrKHmQO_ODZ1a_hPL_2ZwY2QAK97zl-oYgs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QL74p69Fx7xkgm5BWHVz9ooeqIxVm5ZzIiOcJS5ILB60", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QKD09GgV7yeJ5OPvpgxZTmlMCvmd7K_h2-G4fPdXPrO0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QKBO-hEea8LazId1l8IE6GvmHhj5chi9Vq3XCsRVS5Ts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk3y5pPnA81kk3nI43KRwXFkgPSFYUnOlRQZd1erkU3I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk3tDIkG4GEUOACfVGDfoMzbsitPTFApldJAsyDRlJto", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qk3g-lvNRoed2T8BuzjlbiQPu04R_ubKWedQ5GNewyOI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QJvefDZhqKCpKgOeXirMLP7QrG77GL4d75yet0Yp9RbA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QJdYAQbz9iksPfi3WAndjfdUjxb4kPAxsIn5zdM5ZJe4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QJak23j7hSVZTNLZy0ir7nW38lhOJGiSRrziw8H3Fabw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qj4dYeyiQ0nMaPh1RREB07rFtFXYhjSrjsjsnFHjHZHo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIVVh_HglLjAVeCuCeCnKpF8NTyeUk9GRRjjqdmhr4CM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIuPRyvFczVrkcfIcifSU_PjfdD3vFWzrZ8oIYb8uKyQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QImx2QC16grx2gzSgbDE7_2cCZ8dXzkevmiRvfXb-xp8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIjZQvncxMEdvsBfsdavRHF9ioXhBEKjQzhTyAYb6Ct0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIjOG9WnSkLiPr5ysblP2XOJ7z1jl3b6zgf_Kln6tkhM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QIh9ozPRddnxqFF8L3dZVXlMvwapL7miHC2aErWQH9HA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QhrTg2FnIm5gSm1W9ixoH9I7ehUySA1DjrvVSh27LN-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QHpfwv4s2meHoate1i_54emIs4jPQ4BJjJAjTgQ9nZDo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QHmxyUGpiARS0yLjbGgAh4EUYe81q7L6LM86v9X3AY1I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QHMSAxIbu5REcipDs98jc49RuIZIJpQLjpvDuwPEMHKQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QhELrAElkc9gO757XRnjsw2QyPxBCwM7goalC7a0K5ZI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QhBAXZQMMjp_63QIdXiVhM-YLN1pRW7lYbeT_IlsAtYI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qh_38smJHxblWCpZ-_beSCgQc8KwJwYQX54Y5y7QFRjs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QGwtm0SbP4-8EakOpkIKc4Fq7uQU_gHO0pW-p1bFeims", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qgt5EPFDOjRJM6cHCUcOU2_KLsBfcHxbzwWwQAUudtEM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QgoOmROI0Lg5JDeMQHAfwixpMOLtpIqpbNM-n3c3jDx8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QGjUqKC4Yuqq15snsQ8hz_D8jHmiB1VktcyzJL6r8-Lk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QgEV5N2GwnonrhuGufYQJaMrY6M1kOKXDpvLjJkl5urs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QFXRanZ9wmI2n7pZUf42aL19-yYu9E3GRJZ8m1XF300U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QFo_5_LYgej6f4vBUU4eeiPdX9SuC4Up0_bgsY3SkEq4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QfFnWy-F5OzSZyJKPTVc5TBlbGgRhDgbrCOEq_3Ke5ls", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QFFeOBg5Hinj08Vvf_Mkbzmj2LvbeVxqBJN8yKX91OWw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QFE-7OX7TfQl2wCDjZIOJhSgTfbZys5ZtTaU_6hPoVQ0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QfcnInR9RIDwJEpWY6macFwZ_9SAd1UFftuWCAj9GOCo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qfc49Iv5Wv_-yp-BZ4iDkUqs4oKASwRMCl0h3xWzC-Ks", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QFB_uHJlkBVY6ttbA3UbhKUGpRSDNau_9NWnPQeB7Bfg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QF8T2C5BoP-AVFZ4SVIr_SIdT0f-fwJhzN2CIp48NIsE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QF2WjXQTwm7qwha1n_ipjnbLE16lF-j7Qdacsa5N3y3Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QEyrijnZ8FBD472A_drKFcXkQ4CoXsj2TEcBq8zPpwb0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qepp-o5yjuoeXfQ3hskH_HZfjN2skIRc6LC80ClsCq7Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QElbRPld5H_LoPGFK2ZveVaZNP_i4RENydsfZZr7Hwmc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QeiF_gtmuCFf-Qa7eAniyI2nkXgg66ctM9xMqMo5HOo4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QEf-47xtAAOTS6y0yIcB5wmyu0J-UpZwTk5oVLHhIrKs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QeCs5BAKzJ-ptVx5qiCPRpbLbW3CkRumDxGMiM1m0xgE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QEB0s0wH4qpofb5nEmJpDuGX1mUEShdagpbgI7dn-tFM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QDOO_aDQAr6x3WaGWULqXDg2zyJdMp21GuVPrDkAGor8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QDoNPsVPmoVuVzmE4ZGQVMs23eHNGpZGPA-_aFtO0Jr8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QdOjjyLFmRuhqbhZG3OrvBLf9N-8nOulh80CoBWtDI30", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QdfGU7Z1gAsRUm8CghnPZaU7ULy9gVB3uCasrhk6lIeM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QDCE-ofTYx-4iB63ICLoOdHQpBeCH8TGs19HlOWRd88I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QCpevjxCLjAPaLnf7DKWq5mUyTLY9g4G457Oblrvuhc4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QcnyWXsu9WYRk0b88m635aNnNy5-lJs5PhJZG6jUClYU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QCDI6bQZ3U32mkxTHorfjAG6sQdlMHAmvDyHV11X4Izc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QC6E9-w28cmy2EBhaIWsiopYVNeoNS8fWUnrpYR7SfZE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QBUNjAQYMeD1N0i0JsqxzYg75cvUkLGRQqWPGH9tVIFI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QBTLW-weLwH95WQYR0-s-Eli4hQokVWH4U2s9yWaWvV8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qb2hDmQQgMEphoh2MOLddK69tFpuMmk5xq0UlxGhoz5U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qb0YduZU34argGsGssneQV9FI7b5wUMKVsbSKF6aWBAQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qaxhd_hoMYfshrLxBus3g7u8JauWg6EhrF0QL0QRGu1w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qaovp9ZgpurFjYQZ0Ov3oy4tIYMjx1v6eUrTnQp8h5wQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QalX9FUKp0icg7_OlI8dM3paIp-I6VnQ9F6hsp55XnO8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qalcl6fO8lvMZSf65hgkPmOVdQZVsIS1S8HMVYr0b6ck", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QAkSuZTBetV5KQxDDyUtuBln2MMmTFwjuOwBIT87SZqI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "QAekuuGquv3yqhpxViwlCKaByPSvv4A68srX4aApcSGs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9Z5NK9MaCSfC3rrHWz6474OapZ6DyhqwDDd4gFDn-dU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9T_4Ula2lkL9MeRYRrWsyQIJn4MZN6gcNiL0xXKd5cI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q9RyOZBrqDYOvKpB50yw7PqxS8e2nHzzfzTTkd90qdsM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q8ot98y5qgNq1v3axkVbbwDAymeRboMuRdgjCDXQdCrk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7vQ9T0YbyTElhSyVKpa5UduBLIWBNelsSoEpSYg6-k0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7ph62vgDc2WI5ZvB8kdi2rSMBinefQPfxHtdGCSMX2o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q7B6Tywzg2mUXnXVmYSMkMMOFURufzNSOltMIbM1QcLc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q77WNTDxhrKInj0-BF4vanEKeQw0CvXXbRXF4qHqj5C8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6YdN9si8G_-nfO-PfIXLOzZhKYuXH4JNA52a-vcHOs8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6Oj9qLNndeOiwXmLS16KLxBCBMZCC3m_pOHgFcj8AXk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6JvcC63124-CT0d73ouI17yguwap8XO04AGgfCpRzwc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q6hLcm9lQCt4hamCmW6yYRP3jpvm_GHqqoI5RAHzSlvw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5utgRSgPgrh6RHtNZfF3_Ce90FQelPBh7CWqFYxVsXs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5d2AtssKdxLSMgQr5_jCKcwdYlWTfeQ0z8RQCuvN0H4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q5csK4JzrSNL64fe5y2X5T-b-nRIe0H08lpDhLUWAvsM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q54D5uI96SRb04WkEfcHHnQhO-4H1eJY0-ThU5U61JFs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4Lwg7FPNpnBvPOTGPF7UyB5WikqqQBA0ZshLQhfVARE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q4hzIIK0XFaH1Gy8PG0sjw8SG03vSEwLryD9OhkIKX3E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q42GW-qtbukNOI61j9Co-kN-qZszsx7f2KBV-NMIpMbM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q3wjzN8ZKtKNb0qnY0p_Fxk0fGiq6Fil7SpLM-k32EGU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2vEUMKOSPTCVPTJ-qaeBx3xrJ2szHoxec83GH1ZCPLM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2RcaU7SQ6NJ8GIL8Vinmq9td955-HgmNBB_1-bwC_tU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2kSuzpSedoYFMxQAaqDVepBRruwtERXK19wWZP8joLQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2558YYsHSeUNMgB5HIRWwhesMKda6oUqlEm8zjr78ME", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q2--TYE1__h9KWKWanIKKLoGcWHF4DGwzb33QZvV3oBs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1md2ymT_6Wo29LM-HGGvT8geYRVB455KXwxStQTmKw4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q1IV2VVDEsUsSfwlQs4W7nBzZ3H8oQJfCRHOfs1gFwms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q0vhq5yWasQ-zCEITTdDHq4fIXtN0BlOAoRChrxJB5UQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-x2_0FJjzZZTfo9d6g8R9yxzdYHg9FD2ebrNE05eyTI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-wB6Q0zfLYI0E9otaLlhGIxkZ3gbrDOVTxy3pDppShk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q-TkS3vOMDiqRDSGN3mB-6XwsZIPXEJpE4iyLvfznhvs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_Q--UMaMXZadib_xwfkf3cW7HO2qdAU5fURfogwgALw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_K9X0N1yxYRs7xj5JjJrBlSIdTbmPrcQ1cMdPz6K-6Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_cPA4Aa314LPpPilcp2omm2TfnB0nYUvogMY5FJ5Aqw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_4Zy3wDQpM7JFNJTp2N46Towenhy7AtsFiNmN2IVC0o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_3Pc16ychcQCRZwT9_9R6DYYIx0KkGHqCKWuPiZULcA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Q_2Oc-ep3y2eT3iQltamyLp0c3yiOaT1NB2gc1-m1TXs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cpython-39-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "mypy", + "version": "1.13.0", + "release": "cp39-cp39-win-amd64-whl", + "id": "15904524891", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT AND Python-2.0.1", + "licenseDetails": [], + "author": [ + "ambv", + "guido", + "hauntsaninja", + "ilevkivskyi", + "jhance", + "jukkal", + "maxmurin", + "msullivan", + "stas314", + "svalentin", + "wesleywright" + ], + "size": 28675931, + "score": { + "supplyChain": 0.17, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.17 + }, + "alerts": [ + { + "key": "Qb7zMJL11Sea9qfQ2NiOLE6hxYpXHGcxfTHINN1hS1i8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/crash.cp39-win_amd64.pyd" + } + }, + { + "key": "QceLjSUSbXFZHb4DDhpC9k46oV4RcU51T4hhXmydBPBI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/error_formatter.cp39-win_amd64.pyd" + } + }, + { + "key": "QCbSr1oMa0EjZzO4CBBim4OEJauIR5hz_YVGOaGDubfI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/targets.cp39-win_amd64.pyd" + } + }, + { + "key": "Qc_kb8HNv24y6BrIwkitrH8bpPptvSqcsEFUX-D8i6OI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errors.cp39-win_amd64.pyd" + } + }, + { + "key": "QBmFGKm9-h_Y8jk8fzAy61MRbk2khW8VQAfsBYHw0Ets", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/attrs.cp39-win_amd64.pyd" + } + }, + { + "key": "QbHx-3XX887Baya65SaZjzd4zv72uzMJHbVkrg4L09us", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/ctypes.cp39-win_amd64.pyd" + } + }, + { + "key": "Qb0AWTdhTqF2JskOALzaCiJrG7D08MTUtcHw0epYsydA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constraints.cp39-win_amd64.pyd" + } + }, + { + "key": "QAwLfrzHk1UEbSJtciOawrCSYdBoinpNhZ_HokyHIocs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitmodule.cp39-win_amd64.pyd" + } + }, + { + "key": "QATaEXO_zaSnWj-EmnWFm-b3iSBgvuBdgXNxRQEXQU3Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/config_parser.cp39-win_amd64.pyd" + } + }, + { + "key": "QaJmGeW3G_VMmQ0rXlH81go4xIKqkefPoy14j-yOIrYw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/tvar_scope.cp39-win_amd64.pyd" + } + }, + { + "key": "QahVMa5BdXXdWuGEf7BpBbLQSScgP9p1pIMcJGhIfFEI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/callable_class.cp39-win_amd64.pyd" + } + }, + { + "key": "QAApvjsXqyR3owtjhi7zpCWfswyYAgIF80TwS61fTYXY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prebuildvisitor.cp39-win_amd64.pyd" + } + }, + { + "key": "QA69tzy29g_hPUvZHaXjSa0oVnwILzwoaOpLaeImwBr8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/__init__.cp39-win_amd64.pyd" + } + }, + { + "key": "Q9UpcOxfW8ent12WPZ3KSUPlhrSjn8YH40ma9IuAxq78", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astmerge.cp39-win_amd64.pyd" + } + }, + { + "key": "Q9RyhSlUztLd1hP5XSvBKbHdahHoDRyWJngJoW3VFGz0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/__init__.cp39-win_amd64.pyd" + } + }, + { + "key": "Q9LLqFxOBLReg-wW2bb3XhVnwBKmwv3TQA39F6u5oa5Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/scope.cp39-win_amd64.pyd" + } + }, + { + "key": "Q9JShxABYNm-Ycb2uHhy75KVQwdGMifxaZ7PJ4MqUIfg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/sharedparse.cp39-win_amd64.pyd" + } + }, + { + "key": "Q9HSZYN_6aZz3lOztsiKt0-mEMf2Sb3QQvu96cBtxcdw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/target.cp39-win_amd64.pyd" + } + }, + { + "key": "Q96DKXIJ-1xTz7-Mj3mI8On35fkLsOt76zIh9R88b0mI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeargs.cp39-win_amd64.pyd" + } + }, + { + "key": "Q7Xhkq6WzKidsLjX0T2TG11KNHb-Wudqw8PHZ6AxdKHE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/util.cp39-win_amd64.pyd" + } + }, + { + "key": "Q7rMgtov9OJ1W_XxWRPIV7IbP74l0mCHP-mJUyyH8Tw4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/argmap.cp39-win_amd64.pyd" + } + }, + { + "key": "Q6lp54RmO_vU4Di4kNZtAYiOctGdlJdq2mD3ZsZ3vcZs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/bytes_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "Q68w57zPTwEr5iU3bhK3EaOZYOwqSSApJtMUt5POcrBg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/moduleinspect.cp39-win_amd64.pyd" + } + }, + { + "key": "Q4Y3FVV9G59Uk2tSo3905YeUR6wjQic2RI6CMG_t1kxQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/expandtype.cp39-win_amd64.pyd" + } + }, + { + "key": "Q4uVL9dh5XT9maE-Pxtz9OjybRSYMzo0aGGd0-bmSCl4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/build.cp39-win_amd64.pyd" + } + }, + { + "key": "Q4PzhqTT7ACcLOepIDGRhwG2vd_PoCPJZ_7nmw6egiiQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/metastore.cp39-win_amd64.pyd" + } + }, + { + "key": "Q4fQ7nX8fD72AmjtU18XJNyioetIjWaAtH8Xyn9zKBG8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/common.cp39-win_amd64.pyd" + } + }, + { + "key": "Q2zHOzenrYuE9UmT9S57qrJiGkQX3eX69OIsqHddmgyk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/treetransform.cp39-win_amd64.pyd" + } + }, + { + "key": "Q2YcMxuMuWRio78uyVP3egImJiEvSTAWSmhkwNIWUv6U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_pass1.cp39-win_amd64.pyd" + } + }, + { + "key": "Q2RXr4-pveYX-y4c8TG6fWHMPFCCGFCOe6TiOqk2i84c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/common.cp39-win_amd64.pyd" + } + }, + { + "key": "Q2plFOjukzFBBFFPYx9FdMRCdaysUI3AiMXb1GsNonbM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/errorcodes.cp39-win_amd64.pyd" + } + }, + { + "key": "Q2cCU4tHX07maIjXPNADqPlrcha_lafPNFRSdKgkSDKs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/__init__.cp39-win_amd64.pyd" + } + }, + { + "key": "Q1x0o_T5SLDg3sNBzcKOBFZycTo0fkhoMuI4zCj1-YDk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/renaming.cp39-win_amd64.pyd" + } + }, + { + "key": "Q1WCR4shqmV92FuzMDS5mHgTQv2mM_5SF4qVJQgSeT4E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/lower.cp39-win_amd64.pyd" + } + }, + { + "key": "Q1JYD1rRt5lGjL-uvKXv-eDapy5j855pumcGC1xOV5wk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_classprop.cp39-win_amd64.pyd" + } + }, + { + "key": "Q1Fbwkgeq3uVZpyhAza0cmHNirLHSkIqLW60zMZEZ-EE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/suggestions.cp39-win_amd64.pyd" + } + }, + { + "key": "Q0Om0ASCPekNPFuYsBAWm1NXl_CIbEpIe2t-IU5I0zaY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/message_registry.cp39-win_amd64.pyd" + } + }, + { + "key": "Q0lkFU77e5jh4JNXTWN66cV8bgu8OuPLDYyliPz6ULKg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/generic_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "Q0iAD89-KUnbRiTFPO_0VNT8mOsemS0J-shKIMDACsjM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_newtype.cp39-win_amd64.pyd" + } + }, + { + "key": "Q04RUF8bDymfu1lxiRYgxtainn9D2e2-ZAcR_5EOEPpk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/parse.cp39-win_amd64.pyd" + } + }, + { + "key": "Q-LjOM95_uhjk5DgPI__6CB_jZZQ2wwbfSqsp9igXu00", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/module_ir.cp39-win_amd64.pyd" + } + }, + { + "key": "Q-dTxqrJYDnNrnNUCquOQP4DNB09FzUuOA8SyXIWEEok", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/refcount.cp39-win_amd64.pyd" + } + }, + { + "key": "Q_uj2PYoYcoMy9pspt7UMlIS6YS3i1vIWQ4ZrNrCAyZw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/int_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "Q_JInK9qk9CDT_I54lJpIk2hmCmc1dLqZIOjElsI8s8M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/expression.cp39-win_amd64.pyd" + } + }, + { + "key": "Q_F2ze88LOEvhbTlI_qN7SD8cMKSbDbBT7gp8Yyh6Xt4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/trigger.cp39-win_amd64.pyd" + } + }, + { + "key": "Q_ca0kfJDxo5mE66fNRI21h0Yr3RVm71AhK_BS-_9JB0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/registry.cp39-win_amd64.pyd" + } + }, + { + "key": "QTk0Ot9wa0OniaIqrrkrZTbXaurJIT6QGRcuuj6koZhQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/mergecheck.cp39-win_amd64.pyd" + } + }, + { + "key": "QTIlhTo14coudRr7X6Af3uew_LGmHoKUMMv08feWSmEc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/__init__.cp39-win_amd64.pyd" + } + }, + { + "key": "QTHcAQdjrJjLZb0X8vaawctiBSwpdt-1mYpSKcZIw_5Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/classdef.cp39-win_amd64.pyd" + } + }, + { + "key": "QtEX1Xy2w5JkCDQEZrCMjmj_xce3S-ymQuYeie6aaYQM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/indirection.cp39-win_amd64.pyd" + } + }, + { + "key": "QtD8ksRO-eieTQY12Ahz9cxKlYZjRyq_4IVw0CnwMyHI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/tuple_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "QSXhIq1yYgpFs6Wj0_BA9aer6EyuO1hDwT8ir-W75niQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/misc_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "QsVQtiC9uvX-mLFNr0qkvd7e3SG9WgyprTKGnpa61qMM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typestate.cp39-win_amd64.pyd" + } + }, + { + "key": "QSvLnmPfB7cb6xXSSwTpcKYFe2NQHhYNcxFqTHaYMGfU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/api.cp39-win_amd64.pyd" + } + }, + { + "key": "QSV5MVhj8VR8puwP0yN8V6A3vWVjUOAAKp6nFYxyGCqg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/str_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "QsBGpzkk-jmTc7l6InrKAegShGnOskNYg14r6Xf2MTEU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/statement.cp39-win_amd64.pyd" + } + }, + { + "key": "QRY0vmVlVYIZ10jYRgPyCfbDoBxsZIFkSUxkQoc8oIjU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/traverser.cp39-win_amd64.pyd" + } + }, + { + "key": "QruOUnPJznZ12Q_2-LoJdGjwww7_e52oVvTm6ER0ZOBQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/messages.cp39-win_amd64.pyd" + } + }, + { + "key": "QrU0lIMm7GwKnW5eU8MHcSOPx2H_oCvHRw28H8Sc3KnY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/nodes.cp39-win_amd64.pyd" + } + }, + { + "key": "QROFMsHEM58karRVoZXGYyNHDp6a-xOwzFkUerVaaY9s", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/enums.cp39-win_amd64.pyd" + } + }, + { + "key": "QRKPFuoNkwA7vzNov4T0dkSK1TvIuU8X8B-dQonSLoLg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/context.cp39-win_amd64.pyd" + } + }, + { + "key": "QR5hTpoDcxRbwLdaKiTO79P7okEVrdEbP78_F7nYH2rs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevars.cp39-win_amd64.pyd" + } + }, + { + "key": "Qr4_yrCPgWTL5Cb6Cp_S_72M6ur-F5ilDtwuI8tUROW4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/generator.cp39-win_amd64.pyd" + } + }, + { + "key": "QR0DTMFwUS_lxaVkimy5bvpwag1ry5oQnuBdZBWbZ20I", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugin.cp39-win_amd64.pyd" + } + }, + { + "key": "Qr06jWMEcOoEVrLXtO7FO6_MvKJ8Xc8V05_G6zTd70HA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/__init__.cp39-win_amd64.pyd" + } + }, + { + "key": "QqVQbjzb2mhZos3JQCN4VGpv9XSF7W1Tn91UpOQQ7Lz0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/join.cp39-win_amd64.pyd" + } + }, + { + "key": "QqqP7wuyOmoTMdU5HoY_NbWKU5nxbJYlVzaYpDA3bgzA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/float_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "QQqnOp5DyJYOGvq2ov472AaK2ODf7f-fhaKdiJznLGcA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/format_str_tokenizer.cp39-win_amd64.pyd" + } + }, + { + "key": "QQqh_YbitgNIQGWSd9ONXJAGgR2kWe0lr5ow723EH25k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/singledispatch.cp39-win_amd64.pyd" + } + }, + { + "key": "Qqojn7gIcB7Wv2fIbqGXresLgUQR7OKMHCA1BE3hSGII", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/__init__.cp39-win_amd64.pyd" + } + }, + { + "key": "QqjoZ0gXMZYrnjiwHBdzrAF4kjkWVf7LHFDoThDuZsKg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/operators.cp39-win_amd64.pyd" + } + }, + { + "key": "QQGHOguOZnEvQmOxdcHfLd603sQbPyVrd2eVN0cVaHHM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkpattern.cp39-win_amd64.pyd" + } + }, + { + "key": "QqD8OgO7DXJx-_Kt2B8Hjmn5g9uoTzapP5sntL1cDQ3Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeanal.cp39-win_amd64.pyd" + } + }, + { + "key": "QQ6TvyY9EE94-BHgdSuhnwZBzz5lnlU586elV5hdPt9U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/dataclasses.cp39-win_amd64.pyd" + } + }, + { + "key": "QPSuni0421lQh3fDqOih2prGUaO0veAMec_zeoVU8raE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/git.cp39-win_amd64.pyd" + } + }, + { + "key": "QpPUy37bwazmpxwhfo7mEGU46W04XnVH5rGSdKyyERhw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/patterns.cp39-win_amd64.pyd" + } + }, + { + "key": "QPLhjp6uHFnUaHCV5mm1pL_hJQLDFOij08jy7tIBgejY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/blockfreq.cp39-win_amd64.pyd" + } + }, + { + "key": "QPHmh3_UGwjD04_aTxRLCnsA53uxQ8JaRQ4qHnfpTlx0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/literals.cp39-win_amd64.pyd" + } + }, + { + "key": "QPawVKWZiSAim127qJ5586C-IpuXb2tq7FvZqdD1ZKMg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/maptype.cp39-win_amd64.pyd" + } + }, + { + "key": "Qp68r4fM_Y92Rpsci0j3GM4YkBfHoW7P7-zIZpwtKuhE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/strconv.cp39-win_amd64.pyd" + } + }, + { + "key": "QP2LXOe8BRISFnDnSh1jUtHqqM1lzPqnSYInS-gTOPs8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/functools.cp39-win_amd64.pyd" + } + }, + { + "key": "QP27LWN2GPewNpqnVFtR-7Ud2gdItaoM9izyq7wbY1IA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mixedtraverser.cp39-win_amd64.pyd" + } + }, + { + "key": "Qp1KArjXiBCz0Xi67eLdlPrFt8C7_LJMfXtJWIvUvSMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_infer.cp39-win_amd64.pyd" + } + }, + { + "key": "QOxRt6_zkew9Jn7OA6GhupHLFQ4e_bcycQUYqa7qsy6M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitwrapper.cp39-win_amd64.pyd" + } + }, + { + "key": "QOUE2bf7brhAFKYoaNG5JdT88H5BeSUvJMNPO2OuJC_0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/literals.cp39-win_amd64.pyd" + } + }, + { + "key": "QoJLUVktiBNxzPcPFCJcNh0tnHMdr9cNlOgRymRcSgXI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/class_ir.cp39-win_amd64.pyd" + } + }, + { + "key": "QohuYeSWwFpIWJuKWznyZU6PJPLXcFR1oE1UvINlZg-o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_util.cp39-win_amd64.pyd" + } + }, + { + "key": "QoErC3szjr1S6DSh6H0unOnmhTY1Wav-alI5CkB-kfRc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/registry.cp39-win_amd64.pyd" + } + }, + { + "key": "QOEbrKDiFjNvUFhVqrB9gcGT68vjtmEBK0C39fzks9mk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/lookup.cp39-win_amd64.pyd" + } + }, + { + "key": "QodA85jGVFQnE5zU9xHag85QANo_XK2Tzam3Uo8lDUCQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typevartuples.cp39-win_amd64.pyd" + } + }, + { + "key": "QOD5OSlpn7ylNqjH1_ioLbQjH7NR88QzobJvMzxDM90U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/state.cp39-win_amd64.pyd" + } + }, + { + "key": "QO5ozk0r5yxZUWFci7-ytxGaoAYWNfzP3PUbSa3D-FhY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_shared.cp39-win_amd64.pyd" + } + }, + { + "key": "Qnwzg4lWG4BAJuJG140afJPhVF5g-kXLTeU9dWLYOUeA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/match.cp39-win_amd64.pyd" + } + }, + { + "key": "QNqsprL9VId5exrbnAr7Cc1kKzOcSekSPt5WKKlHoO-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/ir_transform.cp39-win_amd64.pyd" + } + }, + { + "key": "QnLkGmAfmJmZuCApePNnD20WhQr7HEC4n3EMYG7xK2CQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/ipc.cp39-win_amd64.pyd" + } + }, + { + "key": "QnljdUntKZc3RK6fsWCWsOK6F0JKWJ8xJEM21w18uddc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/function.cp39-win_amd64.pyd" + } + }, + { + "key": "QnElThWUigRRNM4kZLzlQzIaff6T9PT9j8n0WRMwPPt4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ll_builder.cp39-win_amd64.pyd" + } + }, + { + "key": "Qn1b_SHM1gVKZw1XZBgJWRZUBw28n35Uk7NDuHeWNdqk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/vtable.cp39-win_amd64.pyd" + } + }, + { + "key": "Qn1arkRYTWrC46beFXMVIijRpFOrhisbd99idplXMkk8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/list_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "QmS9IJ8lu4LmEI9g_zMJK5NL_5ypROi20Bbw4k0arEIM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/update.cp39-win_amd64.pyd" + } + }, + { + "key": "QMoSHk2bKAW1qjOmtQO1Pr8igUV6Nr6ILmIfbhp6D9XQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/solve.cp39-win_amd64.pyd" + } + }, + { + "key": "QmhAdheBU5SJElCi2JWyZMrcDBacXdaTp7_i7uCMjvTw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_namedtuple.cp39-win_amd64.pyd" + } + }, + { + "key": "QMeytXvLCD8J4FK9CtTy1mkJj8SJIbWyKxtAn58Ebva0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/__init__.cp39-win_amd64.pyd" + } + }, + { + "key": "QmcaCp1E9lEwaIKq0cv_7dQpMNLkVnByv_81KGmATc-Q", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/exprtotype.cp39-win_amd64.pyd" + } + }, + { + "key": "Qm8wd7E8Ogm1FJWOvc965_IsdiJD3-UXWvpUnv946hHI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/lower/__init__.cp39-win_amd64.pyd" + } + }, + { + "key": "QM2cY79o8zjMt8AK2pgs1ABPhPEjcLc3_9GiQxfa0CuI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/mro.cp39-win_amd64.pyd" + } + }, + { + "key": "QLyjaDuWpdhiuCAFbywYSwkLKPWChYgSp7mfOPQRYA28", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/erasetype.cp39-win_amd64.pyd" + } + }, + { + "key": "QLnnqkJ3CMWhesSnFJwn3azgz8Zk0MceV2Hw-a2Fixg8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/cstring.cp39-win_amd64.pyd" + } + }, + { + "key": "QLmAQ0Usqm3QzTuzJAX-l3iZoVaTQz9x9uxSMgEvt5OY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/options.cp39-win_amd64.pyd" + } + }, + { + "key": "QLDjXJ8ul0iRgkW0D78GcZd-dzbWa0D1kDzZ4hcZ8Akg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/subtypes.cp39-win_amd64.pyd" + } + }, + { + "key": "Ql4YDqC0U9wBf0CWsoNzRXsoRLUuIzJqKI8Nt62sf2Io", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/dataflow.cp39-win_amd64.pyd" + } + }, + { + "key": "Qf2DMk1ogD2pVGf_xvXPMay9VL9M9MCdc7u3-CcxzozE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal.cp39-win_amd64.pyd" + } + }, + { + "key": "QffCCnwrhvcxmZAo3ApxnZvAEB-J8BjG36gIr9w22bd0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/func_ir.cp39-win_amd64.pyd" + } + }, + { + "key": "QFHSGsJtLBWtxat3Z6PjV2AfKq66qkissWZdtDnXmg28", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkstrformat.cp39-win_amd64.pyd" + } + }, + { + "key": "QFii85PsnvePo_gG7-0tAzEWdS_vs5kC-jw_qz6NOYPA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/copytype.cp39-win_amd64.pyd" + } + }, + { + "key": "QFjFauhckuIsuQAbBQxwy3s-W3C_kICKfNF5Ing8hwkU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/type_visitor.cp39-win_amd64.pyd" + } + }, + { + "key": "QflN3yUyYqbgIQU27QkCgksmfGklDKFQ2W8u7s9OSJZs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/report.cp39-win_amd64.pyd" + } + }, + { + "key": "QFsg0ECC2Fzd6kLHKgnBMJVOO3QcBQxa-8MiKZwAY_uA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy/client.cp39-win_amd64.pyd" + } + }, + { + "key": "Qg_1EfuD8jR_UoQBjeZMf8OHub0qdKn0LcQPV8IjkqaM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/binder.cp39-win_amd64.pyd" + } + }, + { + "key": "QG_xIYS_2KGBO_UQymUXY518r5E8X5-_B6NPhLJ3atb0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_typeddict.cp39-win_amd64.pyd" + } + }, + { + "key": "Qg0jqNpmE1Ma1w9RSsAjUeUbLaGuCGs6NnCLgfcb5C-8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/defaults.cp39-win_amd64.pyd" + } + }, + { + "key": "Qg7aDwSb0xl3T2w_rg6u5XtsK3MvsnMElP2sfrimNmbA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/set_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "QGCDp9X97dh5_eCvnFuYJlk5BhZGROsS8NOUNOfIYB20", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typetraverser.cp39-win_amd64.pyd" + } + }, + { + "key": "QGnuGZG_PGGGSatQ4_MvDf3LpCrj-oMywarphPKsc2Qk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/visitor.cp39-win_amd64.pyd" + } + }, + { + "key": "QgoVyNoMv1Mb3I08SjJuo65JPxBEL-tlOEAZuzL_GOpU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/reachability.cp39-win_amd64.pyd" + } + }, + { + "key": "QGp4UfRd2LnAu3iNnWivkoGl-5og6bZwTl4lBQraQI6o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/copy_propagation.cp39-win_amd64.pyd" + } + }, + { + "key": "QHINREyY5ch9iW-F_Ik2p9cup35ZRMcYCYKhXtaTep70", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitclass.cp39-win_amd64.pyd" + } + }, + { + "key": "QhjrmIuwz17FFS0ij0f-UGfRr2YuCP_hq7Np1okI1-KM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/for_helpers.cp39-win_amd64.pyd" + } + }, + { + "key": "QhP6ph-J3ancnWE2C4ztgzhZnA9YvRO5ulKTvXR-C2qg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/options.cp39-win_amd64.pyd" + } + }, + { + "key": "QHt4DoiUz-XbusPzt4SJgGJU06HQO9zqRWYby2ShPPE8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/sametype.cp39-win_amd64.pyd" + } + }, + { + "key": "QHvUOLKmbPiTNER47t9999qQsAjQDrQ0c_0L9OSXL5BU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/constant_fold.cp39-win_amd64.pyd" + } + }, + { + "key": "Qhw8uDDJ75H_VxGzzoKn18iF6ERqqUSYXEdSu6H9A7EQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types_utils.cp39-win_amd64.pyd" + } + }, + { + "key": "QHzBv11PepHHXseE50x0IjiY3hkiw5GNw3Mx4u8sWK9U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/dict_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "QI6_Y5lNVNLoyBR4vp9xxXsTHi2-IAHaJ4mseZMPJtJg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubutil.cp39-win_amd64.pyd" + } + }, + { + "key": "QIASZKKU343hyTsq05fiFvJPcLX1V9kAj-shX_eQ5Nco", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/int_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "QiDkb8EYVLW7R5U0nNCt8q13YZCBCHOEqwC3wGGBwxmM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkmember.cp39-win_amd64.pyd" + } + }, + { + "key": "QIFCGnKxS5Ly6TU5ne4HVKnSLy74NQISbm-ahejUj9jI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/memprofile.cp39-win_amd64.pyd" + } + }, + { + "key": "QiiOaIfhjYi9JOsX338vkVIeXs0RRsGgI-KIHor4l4T0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stats.cp39-win_amd64.pyd" + } + }, + { + "key": "QijrHKYUAJ8tgH7ODkdNU1UycXLXOyBYsFFzuJM-vhW8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/refinfo.cp39-win_amd64.pyd" + } + }, + { + "key": "QIMV5-Rzaqm_98yi6pbcka8nVeSuH0eAc-_BypYxyFyw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/aststrip.cp39-win_amd64.pyd" + } + }, + { + "key": "QIRKKanEVMmx8gtunWStFc0YwXy-ZzI7JnnEL7nAagZU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checkexpr.cp39-win_amd64.pyd" + } + }, + { + "key": "QJ3o3IO6Ru7GGyayVjhXSJM1iR_GuEuWoZ2H4rYTTmsg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/builder.cp39-win_amd64.pyd" + } + }, + { + "key": "Qj7LnHTwafWkxsS8FNstL2HHTisGdk79m7Sr7mFcj-Tg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/ircheck.cp39-win_amd64.pyd" + } + }, + { + "key": "Qjp35ap7LoDqMWBgLEwbVEmQcuRp-7fOz_xYZ1Oqyfqo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/deps.cp39-win_amd64.pyd" + } + }, + { + "key": "QJPiRoFlaclGYhh44uP5z47fXt-EjVnl_fHzWPmPb5vk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/subtype.cp39-win_amd64.pyd" + } + }, + { + "key": "QKfSmEFkUUu21PZoxNpsv8ofgzfohjmveaRxiJA5NIIw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/infer.cp39-win_amd64.pyd" + } + }, + { + "key": "QkgnTPmAv5n9Sb4UpgVOxtrmKYYuFXi5fkWcmzJTnYPk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/rt_subtype.cp39-win_amd64.pyd" + } + }, + { + "key": "QkJG97y_WKnikHMxOFIfemaGq77YaBWb9AdZBahfy4Z4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/meet.cp39-win_amd64.pyd" + } + }, + { + "key": "QKUOu7yVYhpwMbZFTO5kcXHCjHNv-i83NNbd1W0mAl4g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/prepare.cp39-win_amd64.pyd" + } + }, + { + "key": "QKynfL98RjDRe5BY4eUfWSS_2uMjObVYFaL7FRpEjajM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/proper_plugin.cp39-win_amd64.pyd" + } + }, + { + "key": "QkZz2tEtEoUvkME2h7cyI_T21nFaVxWSfhVeUyLaYS4o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/nonlocalcontrol.cp39-win_amd64.pyd" + } + }, + { + "key": "Ql3uFmMHouqXfXHPtjjxhUPgjfJXmNwLnMtEznLO9eVc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/constant_fold.cp39-win_amd64.pyd" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/lower.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/transform/exceptions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/testutil.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTYb0d5sTxyenhA1hH9ZsIMsaT27UD0gaklR-rF5SOzM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_run.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py", + "props": { + "envVars": "" + } + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_external.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_emitfunc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_commandline.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py", + "props": { + "envVars": "" + } + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/test_cheader.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTYb0d5sTxyenhA1hH9ZsIMsaT27UD0gaklR-rF5SOzM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/test-data/fixtures/ir.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/tuple_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/str_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/set_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/generic_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/float_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/exc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/dict_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/primitives/bytes_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/registry.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/misc_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/list_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/lower/int_ops.py", + "props": { + "envVars": "" + } + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/lib-rt/setup.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/ll_builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/function.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/for_helpers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/expression.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/irbuild/builder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/external/googletest/src/gtest-port.cc" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/codegen/emitmodule.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/build.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py", + "props": { + "envVars": "" + } + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypyc/__main__.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py", + "props": { + "envVars": "" + } + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/util.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/typeanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testutil.py", + "props": { + "envVars": "" + } + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testtypes.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubtest.py" + }, + { + "key": "QIJwyHStLVS0lr-zWqJNCf0jn_OMZ5vLASDSHVhlYxYg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/teststubgen.py" + }, + { + "key": "QTYb0d5sTxyenhA1hH9ZsIMsaT27UD0gaklR-rF5SOzM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testsolve.py" + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpythoneval.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py", + "props": { + "envVars": "" + } + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testpep561.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmypyc.py", + "props": { + "envVars": "" + } + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testmerge.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfscache.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testfinegrained.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py", + "props": { + "envVars": "" + } + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testdaemon.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py", + "props": { + "envVars": "" + } + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcmdline.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/testcheck.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_ref_info.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/test_find_sources.py" + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/test/meta/_pytest.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/helpers.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/data.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/test/config.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py", + "props": { + "envVars": "" + } + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubtest.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgenc.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py", + "props": { + "envVars": "" + } + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/stubgen.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeddict.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal_typeargs.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/semanal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/report.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/default.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugins/dataclasses.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTYb0d5sTxyenhA1hH9ZsIMsaT27UD0gaklR-rF5SOzM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/modulefinder.py" + }, + { + "key": "QIJwyHStLVS0lr-zWqJNCf0jn_OMZ5vLASDSHVhlYxYg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/metastore.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/messages.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTYb0d5sTxyenhA1hH9ZsIMsaT27UD0gaklR-rF5SOzM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/main.py" + }, + { + "key": "QEX7h7vFak7RwJFzqhx05fpiqsQfYSZCCmhO2ua3S9lQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/astdiff.cp39-win_amd64.pyd" + } + }, + { + "key": "QIJwyHStLVS0lr-zWqJNCf0jn_OMZ5vLASDSHVhlYxYg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/ipc.py" + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/git.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fscache.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/fastparse.py", + "props": { + "envVars": "" + } + }, + { + "key": "QTYb0d5sTxyenhA1hH9ZsIMsaT27UD0gaklR-rF5SOzM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/evalexpr.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/errors.py", + "props": { + "envVars": "" + } + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy_server.py" + }, + { + "key": "QrOcgBr_IWc_WKHVHjek4irg8bR8cLfJJa93e30oUMWk", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "mypy/dmypy_os.py" + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/dmypy/client.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/defaults.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py", + "props": { + "envVars": "" + } + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/config_parser.py" + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkstrformat.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkpattern.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkmember.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checkexpr.py", + "props": { + "envVars": "" + } + }, + { + "key": "QnBL2LIblDT6KNw3P6vZERxNHMtHjS8UcmXUZ4WWZn24", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/checker.py", + "props": { + "envVars": "" + } + }, + { + "key": "QndBbOExPblOyP-DEl2lzPYUiIBHSAS3p8xidRuqSXz0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mypy/build.py" + }, + { + "key": "QZRUk0WFdIM0gQMZtnMQXzAV9XNAzTkfWfejPoQ3b1X0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/__init__.cp39-win_amd64.pyd" + } + }, + { + "key": "Qzo2LbGz0C-_6NwXfqWJ5lRDN2AfdWh8VljH18nghGRE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/util.cp39-win_amd64.pyd" + } + }, + { + "key": "Qzo-lO_l9156wehLU6m1Gx9TPYlSpUME8ZFjtvJ0HKsY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/checker.cp39-win_amd64.pyd" + } + }, + { + "key": "QZiIuLogFbwTv4w67SIsXxYhvBoSxQxyElKMdTOSs4e8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/selfleaks.cp39-win_amd64.pyd" + } + }, + { + "key": "QZHKvqzevvu86zGVSbl9qKHPaWbI5-uOXM0IdrtudIVg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/pprint.cp39-win_amd64.pyd" + } + }, + { + "key": "QzHdcFWV2WEUYGgDpEpFN1J51liNVFTsOEAs-usxXaqo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_enum.cp39-win_amd64.pyd" + } + }, + { + "key": "QZczvhAiggSRpPARqA8jRC33YIOIJbXiO18YwpeSsyDk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/exc_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "QZbKr300Lc0in14j8DzX-CP-vCV2SJGMbd4eAi_5r7i8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/rtypes.cp39-win_amd64.pyd" + } + }, + { + "key": "QZ4l6UT---YnKvNRKZ_Ujz3wbZ1Deo_3Bmh2sKsWTEk0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/build.cp39-win_amd64.pyd" + } + }, + { + "key": "QypB2GVyWqIzbNluRbrPgBWYmm4-baiQxrQR3_lK6JVE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/partially_defined.cp39-win_amd64.pyd" + } + }, + { + "key": "QYLSp8zEBYqciCAPA7E5bHqrY0ZwPT_lLNZBbwQ05h4c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fixup.cp39-win_amd64.pyd" + } + }, + { + "key": "QYJyeSyTycxkt0fqzSCeRcpZofJV-XZP0ZwZvmQFggy4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/semanal_main.cp39-win_amd64.pyd" + } + }, + { + "key": "Qyjube995yb54rrMk0-I8Mjv9oFkt_8nvu4tgTKqZdyI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/visitor.cp39-win_amd64.pyd" + } + }, + { + "key": "QY50NWa5000QvSQjaj5rbBIsAipwjjXntKlrTDzF6JtQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/list_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "QY40hZvbukKCkz0X59ozRRrrj1k2Xy5m4Iuw1Ts5328A", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/__init__.cp39-win_amd64.pyd" + } + }, + { + "key": "QXuBq0tYeQ_jW_XX7eYG3x9WZ17v19jSz-pLPwPS3ECE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/modulefinder.cp39-win_amd64.pyd" + } + }, + { + "key": "QXu9MWKNHyTblqk4nHtGPsaK40cO4v7xYrfCPycgGHnI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/main.cp39-win_amd64.pyd" + } + }, + { + "key": "QxTsTGnghhFEIFF2R6vTQtzoDx32rkxBRThd4BnRDU84", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/find_sources.cp39-win_amd64.pyd" + } + }, + { + "key": "QxTfSsqyWpcBCZ0Anc6AH_I-lCRBylZ9JtvTIJNIeS24", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/__init__.cp39-win_amd64.pyd" + } + }, + { + "key": "QXipArVtbgnUE-SJyz4lqQf1EnVtxtqyzwIHbWCok4LM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/subexpr.cp39-win_amd64.pyd" + } + }, + { + "key": "QX0ghVg3dGFsDmVgcp29rjbR7MkE9ezKe9nzhqRBHIYU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/exceptions.cp39-win_amd64.pyd" + } + }, + { + "key": "QWwFuSqnDhpQOab3kWMrJML5RCb0ICLenj2ZMWPd1-XY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/plugins/default.cp39-win_amd64.pyd" + } + }, + { + "key": "QwoETLUyBxMi-kkEKN4uNsoF_BAK0fDVpM01D-CcaqQQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/env_class.cp39-win_amd64.pyd" + } + }, + { + "key": "QWIcqxBpxJSWVXOfCJQWHRZ5EIyUZu8uGjLK-6q_UtKU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/ir/ops.cp39-win_amd64.pyd" + } + }, + { + "key": "QWEN2a5dVwrx1xczmtHF7jyDoCoY9-YknsYL0imLV4LQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/primitives/misc_ops.cp39-win_amd64.pyd" + } + }, + { + "key": "QW7R1uUJD-HOOPI3cBnqXfgWKs8EI7vzdjEktcum87Bk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/uninit.cp39-win_amd64.pyd" + } + }, + { + "key": "Qw6ziJhAbDJjpL8Ue1WG0Dcd3X5Axjw4ewfzGzzZ-AUQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/evalexpr.cp39-win_amd64.pyd" + } + }, + { + "key": "QVtLapCVc_s8nf_xYcnSvzQdtAp5ayRx-SHCPYAZNdfo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/objgraph.cp39-win_amd64.pyd" + } + }, + { + "key": "QVgYS_ABO7iVAdOo6ZZ9XW_LjT4nTj7TNgXaoy7CXB3Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/mapper.cp39-win_amd64.pyd" + } + }, + { + "key": "QvgfALTLoOmpcjPZDQuioZaPaoiNq6GvqX0crvZYSdnc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emitfunc.cp39-win_amd64.pyd" + } + }, + { + "key": "QVEOpVqpU7o_5bz2jVSrdOaY72WvzbBFSCyug5qb-VQc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubgen.cp39-win_amd64.pyd" + } + }, + { + "key": "QV0_7H2c6WFHT0rsjE30ErlRZHp0kB-mSoPZzhlimGzE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/codegen/emit.cp39-win_amd64.pyd" + } + }, + { + "key": "QuT4r_nnacYVsg-muHyMeRslBt-zh79XLZgfX2Ow-vrc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fswatcher.cp39-win_amd64.pyd" + } + }, + { + "key": "QumW4VUNkMmnoUkUc5pLkCNIBCGsF5WCP_Sjp_RZWVPk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_server.cp39-win_amd64.pyd" + } + }, + { + "key": "QugPXEQyHJqeJsBVCHc6-n4hvXyzC2iVP5h9XT-UIU-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/analysis/attrdefined.cp39-win_amd64.pyd" + } + }, + { + "key": "Qu7PPQgcEXEl_Vm6NUBMuerpHd-o2IUThqqqBtuBQmko", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/typeops.cp39-win_amd64.pyd" + } + }, + { + "key": "Qttfmxji4UfVR5foNbzpi0RKCLBYCRBaKZBui16aIA3w", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/graph_utils.cp39-win_amd64.pyd" + } + }, + { + "key": "QTNFn1Pa1nemqsYeqOS_BJBxQqQ1opGHIfklLotBOHsI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/dmypy_os.cp39-win_amd64.pyd" + } + }, + { + "key": "QtLeycNioVxgkcMSbabveduc7sx_0Jb9cvV_YyUElAms", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/ast_helpers.cp39-win_amd64.pyd" + } + }, + { + "key": "QtKEQ9lSCPkLvjgb0JAnlrDJ9kJuadlvpEtcWeV35Srw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/server/__init__.cp39-win_amd64.pyd" + } + }, + { + "key": "QeTSd0wAQ0PuJWO4DEaHHo667PtEh-9KJeDHjcEL5mQ4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/types.cp39-win_amd64.pyd" + } + }, + { + "key": "QEr53rt6FHYRzpXQ-z0_JheH-6wzhkm3iJ83nICLlP0c", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/errors.cp39-win_amd64.pyd" + } + }, + { + "key": "QEeK5gmPqZrBTlsHige26tcB5ltrKReb56QnjzYLltMs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fscache.cp39-win_amd64.pyd" + } + }, + { + "key": "Qe8JMo0JS0tQhYYUoh950-wUGJpHNJZxJofdhVM2CsJM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/applytype.cp39-win_amd64.pyd" + } + }, + { + "key": "QE4DznEkcL0wsrfXG-VdxgmoKsCdIZxTHJeZcOOv0nT0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/inspections.cp39-win_amd64.pyd" + } + }, + { + "key": "Qe1KXswFqvtwLoH6VQ2NPnTB6y6f86gzIxuKM6ydkoHU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/transform/flag_elimination.cp39-win_amd64.pyd" + } + }, + { + "key": "QdV3h1BQEK4Kdlo8VgP2l469QtvD_Esfu3OuyW8Jb-Nw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/irbuild/specialize.cp39-win_amd64.pyd" + } + }, + { + "key": "QdueGku-bsI2euUPF3UbkvPXfC4gj0HGyBXMf_56DD_8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypyc/namegen.cp39-win_amd64.pyd" + } + }, + { + "key": "QDu8nWygh-PLnOduPKmMMvL8q2d7dv6kP4XlNLuOb10g", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/main.cp39-win_amd64.pyd" + } + }, + { + "key": "QDi0AFoml9cQjCkbuM8VQ3qqMAFTZc-tJ5ImuZUi8L74", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/freetree.cp39-win_amd64.pyd" + } + }, + { + "key": "Qd8sToTpRdtSLcoRUc9p3ZxUdhA11MWLXKIul51Rvo-M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/gclogger.cp39-win_amd64.pyd" + } + }, + { + "key": "QCt7qIozI7Gw90uo68-S5Ws-qHsxOz706ZV-LN1ob7sk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/stubinfo.cp39-win_amd64.pyd" + } + }, + { + "key": "QcSpUlfMUid7MyKCSJGZdUH2Wu_PQgB_hCGSzQVIVzcc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/fastparse.cp39-win_amd64.pyd" + } + }, + { + "key": "QcMUC4PTEsXUKkChHnJ9lkuuQJ2LogUCVDuoC_41i9J8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "mypy/test/visitors.cp39-win_amd64.pyd" + } + }, + { + "key": "QcLcNXnD2eCdRmNC4iuCNyAxvPW3fB1UO4kriDdEX3yU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "3204bda914b7f2c6f497__mypyc.cp39-win_amd64.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "pytest-cov", + "version": "6.0.0", + "release": "tar-gz", + "id": "15907378942", + "topLevelAncestors": [ + "6381179126" + ], + "license": "AFL-1.1 AND MIT", + "licenseDetails": [], + "author": [ + "ionel" + ], + "size": 246669, + "score": { + "supplyChain": 0.78, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.78 + }, + "alerts": [ + { + "key": "QNS6-zfk8JWUrT1TaC4gzxiTImp8EDaiwINIbxsBX63Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "pytest-cov-6.0.0/ci/bootstrap.py" + }, + { + "key": "QM62yoL8HFlDVUkEOziq2Qr21TFETA5mlN1qfkFIw6Ws", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytest-cov-6.0.0/ci/bootstrap.py", + "props": { + "envVars": "" + } + }, + { + "key": "QM62yoL8HFlDVUkEOziq2Qr21TFETA5mlN1qfkFIw6Ws", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytest-cov-6.0.0/docs/conf.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q-YUSPRfsZetQ55D1g_AQDaY_IDt8uw0Ed_RJuN2fDFk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "pytest-cov-6.0.0/setup.py" + }, + { + "key": "QM62yoL8HFlDVUkEOziq2Qr21TFETA5mlN1qfkFIw6Ws", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytest-cov-6.0.0/src/pytest_cov/embed.py", + "props": { + "envVars": "" + } + }, + { + "key": "QHI01dqQv_jU5fXaH8-v73dmt07Q8A_fCE53tj-22tPA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "pytest-cov-6.0.0/src/pytest_cov/engine.py" + }, + { + "key": "QM62yoL8HFlDVUkEOziq2Qr21TFETA5mlN1qfkFIw6Ws", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytest-cov-6.0.0/src/pytest_cov/engine.py", + "props": { + "envVars": "" + } + }, + { + "key": "QM62yoL8HFlDVUkEOziq2Qr21TFETA5mlN1qfkFIw6Ws", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytest-cov-6.0.0/src/pytest_cov/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q_SmhNHM9MJOJAweavi7jr3Z1cnOMvvy2iDVeTkCvR_A", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytest-cov-6.0.0/tests/test_pytest_cov.py" + }, + { + "key": "QM62yoL8HFlDVUkEOziq2Qr21TFETA5mlN1qfkFIw6Ws", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytest-cov-6.0.0/tests/test_pytest_cov.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q-YUSPRfsZetQ55D1g_AQDaY_IDt8uw0Ed_RJuN2fDFk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "pytest-cov-6.0.0/tests/test_pytest_cov.py" + }, + { + "key": "QNS6-zfk8JWUrT1TaC4gzxiTImp8EDaiwINIbxsBX63Q", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "pytest-cov-6.0.0/tests/test_pytest_cov.py" + } + ] + }, + { + "type": "pypi", + "name": "pytest-cov", + "version": "6.0.0", + "release": "py3-none-any-whl", + "id": "15907378943", + "topLevelAncestors": [ + "6381179126" + ], + "license": "AFL-1.1 AND MIT", + "licenseDetails": [], + "author": [ + "ionel" + ], + "size": 70358, + "score": { + "supplyChain": 0.92, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.92 + }, + "alerts": [ + { + "key": "Q-fUfKQ83XtKa81DsgTeT2aCmguuKezEWvnoxBsQic5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytest_cov/engine.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q-fUfKQ83XtKa81DsgTeT2aCmguuKezEWvnoxBsQic5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytest_cov/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q5TdHTSifRiNvWKftpg_5Hk43J6NgGUojbYNfOgAhkdA", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "pytest_cov/engine.py" + }, + { + "key": "Q-fUfKQ83XtKa81DsgTeT2aCmguuKezEWvnoxBsQic5c", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "pytest_cov/embed.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-macosx-10-9-universal2-whl", + "id": "15910541591", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2009614, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QKYJ5JA93QGRO4AvPYEDp4VANKF1woB2-vjKdmeHbeKw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QiSIvm6BbwtJDap5L5DVsitmNiDroGKLdkZ4NvVg3bUU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-darwin.so" + } + }, + { + "key": "QKYJ5JA93QGRO4AvPYEDp4VANKF1woB2-vjKdmeHbeKw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-macosx-10-9-x86-64-whl", + "id": "15910541592", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1222297, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QiSIvm6BbwtJDap5L5DVsitmNiDroGKLdkZ4NvVg3bUU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-darwin.so" + } + }, + { + "key": "QNjkMEFxTec0b2j4PT_859wX5V42ZA4htAHKXrEcroHI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QNjkMEFxTec0b2j4PT_859wX5V42ZA4htAHKXrEcroHI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-macosx-11-0-arm64-whl", + "id": "15910541593", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1223176, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qoi-5v7U9A0kHlBEn4rQnKLqqKCBvRvwT_H1kIXIWQUI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QiSIvm6BbwtJDap5L5DVsitmNiDroGKLdkZ4NvVg3bUU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-darwin.so" + } + }, + { + "key": "Qoi-5v7U9A0kHlBEn4rQnKLqqKCBvRvwT_H1kIXIWQUI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15910541594", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3104200, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q2WfgQmRIEOFHkZ2Buiie20h7WbzPeZHmncwECUB_rlM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QqtG4hYYx0SfDUpcPh98hMixXaYtEwCNGqT-S7OF91oc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-aarch64-linux-gnu.so" + } + }, + { + "key": "Q2WfgQmRIEOFHkZ2Buiie20h7WbzPeZHmncwECUB_rlM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15910541595", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3171524, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QKaWD6szi_9w7XjGv6qk4vR5U-uwyuhZI9wYCiC4GC88", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QYdfOOhbOjsCbMuuhfBb9xCarrp-FHMRcMuag-bhFdog", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QKaWD6szi_9w7XjGv6qk4vR5U-uwyuhZI9wYCiC4GC88", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "15910541596", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3062194, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QuIc9volNTJQC5e-NIfhFu1JeJinZIfdArCgJHGWhs_o", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QuIc9volNTJQC5e-NIfhFu1JeJinZIfdArCgJHGWhs_o", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QKgFaCEMZuZvodNa1FQ6qlAbM7nPEAlZv98RX9qITqlI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-s390x-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15910541597", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2997877, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qk-rfG9jepVO1nOdFL0lskcXi3uv7XrvtVUGrGheCHrw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Qk-rfG9jepVO1nOdFL0lskcXi3uv7XrvtVUGrGheCHrw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QiUcsVUN3ANZEvvEAP7rb4Q379DzmqVgZC6ZaBORf9Ds", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15910541598", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2530580, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qwg9HdaT9RNH1rIRrRuxF1jAkyI9P9CGXijFwsbLOY5A", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QLkAJrkdEv03BOaWWQkGx6ZFmnWXOP2ZqyWgRHeKSPRo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "Qwg9HdaT9RNH1rIRrRuxF1jAkyI9P9CGXijFwsbLOY5A", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-12-x86-64-manylinux2010-x86-64-whl", + "id": "15910541599", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2655494, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QhWcYQPU1Y8wP7N5yut3ZU_3A50HYJbuT44Dt7ka-0cs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QiUcsVUN3ANZEvvEAP7rb4Q379DzmqVgZC6ZaBORf9Ds", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-x86_64-linux-gnu.so" + } + }, + { + "key": "QhWcYQPU1Y8wP7N5yut3ZU_3A50HYJbuT44Dt7ka-0cs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-musllinux-1-2-aarch64-whl", + "id": "15910541600", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2499224, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q5bt8Yoj3F1mgZNrScLHwSkTCGO9cQaZGz5Zg7Z6Dpmk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Q5bt8Yoj3F1mgZNrScLHwSkTCGO9cQaZGz5Zg7Z6Dpmk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QqtG4hYYx0SfDUpcPh98hMixXaYtEwCNGqT-S7OF91oc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-aarch64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-musllinux-1-2-i686-whl", + "id": "15910541601", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2371770, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q-T-dXUxW0reM3ImKx7mfftOWvhoM110d_wiW9NZt-tU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QLkAJrkdEv03BOaWWQkGx6ZFmnWXOP2ZqyWgRHeKSPRo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-i386-linux-gnu.so" + } + }, + { + "key": "Q-T-dXUxW0reM3ImKx7mfftOWvhoM110d_wiW9NZt-tU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-musllinux-1-2-ppc64le-whl", + "id": "15910541602", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2647804, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QYdfOOhbOjsCbMuuhfBb9xCarrp-FHMRcMuag-bhFdog", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q5Q44sy6Dl5JH9GQu2PrOmacPTDAS3-LTVLw2g46RYUY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Q5Q44sy6Dl5JH9GQu2PrOmacPTDAS3-LTVLw2g46RYUY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-musllinux-1-2-s390x-whl", + "id": "15910541603", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2629228, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QKgFaCEMZuZvodNa1FQ6qlAbM7nPEAlZv98RX9qITqlI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-s390x-linux-gnu.so" + } + }, + { + "key": "QvggaDis5AhgNVa78_yFE6IzULuBr0-Dy2O6RD96h20Q", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QvggaDis5AhgNVa78_yFE6IzULuBr0-Dy2O6RD96h20Q", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-musllinux-1-2-x86-64-whl", + "id": "15910541604", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2427054, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QyftYulfPvgP0nM--LkHTwV_z06WuVG0L3EG5Hje8MUk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QyftYulfPvgP0nM--LkHTwV_z06WuVG0L3EG5Hje8MUk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QiUcsVUN3ANZEvvEAP7rb4Q379DzmqVgZC6ZaBORf9Ds", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-310-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-win-amd64-whl", + "id": "15910541605", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1181196, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QNYKUjsryJ_08S-zYYohVJ2BNC2dMfRi-7DJCkkSE95w", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QXz2L2gvRuAZQrk2ERJ3vBO2fG72VurdC3nSty4MCLlo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cp310-win_amd64.pyd" + } + }, + { + "key": "QNYKUjsryJ_08S-zYYohVJ2BNC2dMfRi-7DJCkkSE95w", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp310-cp310-win32-whl", + "id": "15910541606", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1136643, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QjiVXOZ-z7MPI-PJ89JQOyR5_4Cf_-9auOuV9QSmQH5U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cp310-win32.pyd" + } + }, + { + "key": "Q-nIm73kK_hxLffplhPGHJiMy9qiLT3SJtYUD65P0Xss", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Q-nIm73kK_hxLffplhPGHJiMy9qiLT3SJtYUD65P0Xss", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-macosx-10-9-universal2-whl", + "id": "15910541607", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2009614, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q5_JTElNM8g8B2R5aWUCHyIJqNWoIgvidyEt1mx7MeSg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-311-darwin.so" + } + }, + { + "key": "QO_PKnkprw7XSAQTvab7BxvYO7Con01aUzhx8A6pipzQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QO_PKnkprw7XSAQTvab7BxvYO7Con01aUzhx8A6pipzQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-macosx-10-9-x86-64-whl", + "id": "15910541608", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1222297, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q5_JTElNM8g8B2R5aWUCHyIJqNWoIgvidyEt1mx7MeSg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-311-darwin.so" + } + }, + { + "key": "QoVQHGqhwbJ3J17JjnFoSoitj58EiTOCPIL27SqH6YMA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QoVQHGqhwbJ3J17JjnFoSoitj58EiTOCPIL27SqH6YMA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-macosx-11-0-arm64-whl", + "id": "15910541609", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1223176, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QCxeywETrNWtGsMaZwzEAOY4sGardwbEtZcsnCyNv0OA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QCxeywETrNWtGsMaZwzEAOY4sGardwbEtZcsnCyNv0OA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Q5_JTElNM8g8B2R5aWUCHyIJqNWoIgvidyEt1mx7MeSg", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-311-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15910541610", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3147088, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QIBam7WKrd-ysZp37AIERtKmtoMO4uZv1JU-bNLfbeoM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-311-aarch64-linux-gnu.so" + } + }, + { + "key": "Q2k4hUm6635mtxRVhtvY9bLXlWVGTPhWL3dyhbBI6B4g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Q2k4hUm6635mtxRVhtvY9bLXlWVGTPhWL3dyhbBI6B4g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15910541611", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3212284, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QPS1JDAoSKoG8EDHFNneqOMs-95kVdLtiv4t6tKT7Owc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-311-powerpc64le-linux-gnu.so" + } + }, + { + "key": "Q8bb4TzgtUkVpngwn4f67xQote4Hw56pbl9ExepsKdqM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Q8bb4TzgtUkVpngwn4f67xQote4Hw56pbl9ExepsKdqM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "15910541612", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3099850, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QOEZlMJAeQEu62PB3RUYB9KLr1eMzhR7gQBeQKl8mqCA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QOEZlMJAeQEu62PB3RUYB9KLr1eMzhR7gQBeQKl8mqCA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QFYR8_VMIvNgz1N7Kt6R7Xbq53GeU9FdzWgcgKtJLS-k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-311-s390x-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15910542692", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3037581, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QPpoJENl65rs2P88k5JaQlKOGGIaKhmWFrPC7Xr8hwCI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QPpoJENl65rs2P88k5JaQlKOGGIaKhmWFrPC7Xr8hwCI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QtoBXLqnEwCSDh-62sNYIxBtLlGgyy4T4zemy6T3F3nA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-311-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15910542693", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2557432, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QTV7Ew9ZsRidfgv1v6yttQgi6eUiVaJ8xdQdNwleMMS4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QTV7Ew9ZsRidfgv1v6yttQgi6eUiVaJ8xdQdNwleMMS4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Qe-FALem0oYBmq-BiaI_nqfIhdCpZxDkjk-nhD3lNprY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-311-i386-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-musllinux-1-2-aarch64-whl", + "id": "15910542694", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2525009, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QDDRdTpYa7tq385RfLH5Tvt60XT3rA8DPmWzdKfZL4Jk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QXTVMFbMaknI8z22RDs1-j0kxANad1PEWt-7j9zDw8QI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-311-aarch64-linux-musl.so" + } + }, + { + "key": "QDDRdTpYa7tq385RfLH5Tvt60XT3rA8DPmWzdKfZL4Jk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-musllinux-1-2-i686-whl", + "id": "15910542695", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2393767, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q1SK5HoJ2aq6toatnz9IZ8HNtG39cAcZR1sUfIy9FXc0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Qxr2Xu4tWIsC7hf7_gs9h7DDp3KUwORCgtudeAVcX6tc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-311-i386-linux-musl.so" + } + }, + { + "key": "Q1SK5HoJ2aq6toatnz9IZ8HNtG39cAcZR1sUfIy9FXc0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-musllinux-1-2-ppc64le-whl", + "id": "15910542696", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2674421, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QCFIWPlyob4nfs6f1cX5v-9hF9x4DlRUwFfN_-5Vu3J0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QCFIWPlyob4nfs6f1cX5v-9hF9x4DlRUwFfN_-5Vu3J0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QF6jZ-Pyle5pTdlCCRt5pmViBy5IIGYu7Om_x9E5bsYM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-311-powerpc64le-linux-musl.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-musllinux-1-2-s390x-whl", + "id": "15910542697", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2656381, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qehugo1yyLKdDQmFBG5CAjp7HMtuK0bT0Da9h-FnGRVU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Qehugo1yyLKdDQmFBG5CAjp7HMtuK0bT0Da9h-FnGRVU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Q_XGgeJQJGv5tGHmK4tMLadJx6ibMIRsP8MIEiYSvEIA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-311-s390x-linux-musl.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-musllinux-1-2-x86-64-whl", + "id": "15910542698", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2452311, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QXNfvzOQmc19sHArzvVzLQ6ke14MS8KUWg-T49vzqUyQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-311-x86_64-linux-musl.so" + } + }, + { + "key": "QU_8CbZFXlm36YJ78I-ArnWIualjaRJYv85RNrMCsNLA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QU_8CbZFXlm36YJ78I-ArnWIualjaRJYv85RNrMCsNLA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-win-amd64-whl", + "id": "15910542699", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1181196, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QUnOvOCvi9Jwn9yXt8Mzrxy8s0RF6pcNZLbEzInDTH4Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cp311-win_amd64.pyd" + } + }, + { + "key": "QkcemC1ngSHQfcotOMMp8MBnaup3NdIp169gJoHDU43E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QkcemC1ngSHQfcotOMMp8MBnaup3NdIp169gJoHDU43E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp311-cp311-win32-whl", + "id": "15910542700", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1136643, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qu0-HMz9byt2C7-mbNs9ILGbVv8sbeZ0_CxZwDboaW38", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QEDH7RAIxWWQ5b9xPfVKIwLBOaem-RTeccnqLu6r6vao", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cp311-win32.pyd" + } + }, + { + "key": "Qu0-HMz9byt2C7-mbNs9ILGbVv8sbeZ0_CxZwDboaW38", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-macosx-10-13-universal2-whl", + "id": "15910542701", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2009647, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QuJprSSjOtctJH716BtlKHSny1k5zsLqMD6RmDjrH-l0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QuJprSSjOtctJH716BtlKHSny1k5zsLqMD6RmDjrH-l0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QdpH2BBN4xPrQISMaLTyVp01m7mnRk0JVOyWsp6KQGNA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-312-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-macosx-10-13-x86-64-whl", + "id": "15910542702", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1226434, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QlfAaTLH09kjCPBFFPSf9GWoyhnrIKecMlTNVn_nQH2A", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QdpH2BBN4xPrQISMaLTyVp01m7mnRk0JVOyWsp6KQGNA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-312-darwin.so" + } + }, + { + "key": "QlfAaTLH09kjCPBFFPSf9GWoyhnrIKecMlTNVn_nQH2A", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-macosx-11-0-arm64-whl", + "id": "15910542703", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1223224, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QQW3qfnUgEkUUTpquHf6tWxk9jyWjH-d0Foq5M-i8F94", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QdpH2BBN4xPrQISMaLTyVp01m7mnRk0JVOyWsp6KQGNA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-312-darwin.so" + } + }, + { + "key": "QQW3qfnUgEkUUTpquHf6tWxk9jyWjH-d0Foq5M-i8F94", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15910542704", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3156528, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q1h5nFTsgvb-jyw0BF55hxNr9kYxx56xhi3q3m8IwEts", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QX4eo8PTsZdRxsmkm6BYF0g-6PQ58VIplZS5_7j7e-JY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-312-aarch64-linux-gnu.so" + } + }, + { + "key": "Q1h5nFTsgvb-jyw0BF55hxNr9kYxx56xhi3q3m8IwEts", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15910542705", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3221324, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QXEAVt6dK_SYij_Wat1WCdCp9yOfA2sPdR_EbZvuRQJY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QXEAVt6dK_SYij_Wat1WCdCp9yOfA2sPdR_EbZvuRQJY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QCEZu_cHwOnCQx6VxbQdIGVqABBx3WTvmXQ6YbJ5ZrA4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-312-powerpc64le-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "15910542706", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3125114, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QW18JBQkQ4CpLvPWqtfkyZRBpisvfqVZg-gqBM1B83ug", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-312-s390x-linux-gnu.so" + } + }, + { + "key": "QkAiKItv2BH03t2CLwHw9Lk87a4kQiUxuol-tDVZDrng", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QkAiKItv2BH03t2CLwHw9Lk87a4kQiUxuol-tDVZDrng", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15910542707", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3054373, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QOn60RHftiVNl7ME9O8zKIDgRZCSc7M0zf1w0al8_8nI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-312-x86_64-linux-gnu.so" + } + }, + { + "key": "QQbD7VYX23xuyIKe5dGGaHTd59gES1vWVcwEMBXc7ZVY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QQbD7VYX23xuyIKe5dGGaHTd59gES1vWVcwEMBXc7ZVY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15910542708", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2574800, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QKqM5zCuPh9r5tEHYtqW4fXJuHY7d-byFmiJeE-3H7Fs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-312-i386-linux-gnu.so" + } + }, + { + "key": "Qq8F9HtUbcxg8JzUPpvrBTA3wmhrdiNVTlBtXN8RS6_c", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Qq8F9HtUbcxg8JzUPpvrBTA3wmhrdiNVTlBtXN8RS6_c", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-musllinux-1-2-aarch64-whl", + "id": "15910542709", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2545065, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q7uTqUV99ah0nvMfYtfkTifv8A-vVi5K3y8pwgeXff3g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QJ5RdD6ZOpprPg7BlbuBjt343W7kMdpuG7BavZ469CAE", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-312-aarch64-linux-musl.so" + } + }, + { + "key": "Q7uTqUV99ah0nvMfYtfkTifv8A-vVi5K3y8pwgeXff3g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-musllinux-1-2-i686-whl", + "id": "15910542710", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2417507, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qq313_T4ulrhc_g1K5ZhYReha0QYYqpa9Ir1OjDF3hMk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Qq313_T4ulrhc_g1K5ZhYReha0QYYqpa9Ir1OjDF3hMk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Qej9SankUCJoY0OW-WxY6QZPC5jyDixDcqZPTBHBzxrA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-312-i386-linux-musl.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-musllinux-1-2-ppc64le-whl", + "id": "15910542711", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2691029, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qu5YTtnL496P9175d4jWJxT-0xE4VPnhLK_XIrnI_NH0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QRsO09uiOKc0b9z7WEOfT8Nnaeh30ot-I7eJE1pNxYEs", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-312-powerpc64le-linux-musl.so" + } + }, + { + "key": "Qu5YTtnL496P9175d4jWJxT-0xE4VPnhLK_XIrnI_NH0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-musllinux-1-2-s390x-whl", + "id": "15910542712", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2678429, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QoZgTRnpm2D2esWr7HCZk1ICcTRYQK1_1uIfqsekuPOM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QoZgTRnpm2D2esWr7HCZk1ICcTRYQK1_1uIfqsekuPOM", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QPZwyDu7b72mEN6chRT8nDpUM9mq6fc0bfRud3-FFFA8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-312-s390x-linux-musl.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-musllinux-1-2-x86-64-whl", + "id": "15910542713", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2476223, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QmUbiLnbSIUki2ZRbaPpd7vd932mq-MyMIR7ceFnsJt4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-312-x86_64-linux-musl.so" + } + }, + { + "key": "QOnQKG_WYXPzqY4-7sURPEy6nhWzJnv2Y7vQTmGChVK4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QOnQKG_WYXPzqY4-7sURPEy6nhWzJnv2Y7vQTmGChVK4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-win-amd64-whl", + "id": "15910542714", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1180684, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QqPJJDXV2OD9iP0HXfLaOHQpws30BKUdSBXOTXoXGNs0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Q2DX-D8UbOY3kYqmFAJJtl2OZaOy6gwS6XUNQrrEgRac", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cp312-win_amd64.pyd" + } + }, + { + "key": "QqPJJDXV2OD9iP0HXfLaOHQpws30BKUdSBXOTXoXGNs0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp312-cp312-win32-whl", + "id": "15910542715", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1138691, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QL3az8frM8UqLUPxAHbG2gvJh9HfV0qgzKmIsJh3gLJQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Q4zWphDJyVrf2DruA_bggS1ji8if0boPRXIE8u6MVeog", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cp312-win32.pyd" + } + }, + { + "key": "QL3az8frM8UqLUPxAHbG2gvJh9HfV0qgzKmIsJh3gLJQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-macosx-10-13-universal2-whl", + "id": "15910542716", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2009551, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QX6hD4A42hFq2xelCyXGDb1nSAKgWafhwA7M_-FraZA8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QHliHOXDtbkIP-aDa6YxI843atDz9GElq7ysGmDbwAxY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-313-darwin.so" + } + }, + { + "key": "QX6hD4A42hFq2xelCyXGDb1nSAKgWafhwA7M_-FraZA8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-macosx-10-13-x86-64-whl", + "id": "15910542717", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1222242, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QPGbNj88CRb5kr7WEzqhUD3PGSOtwIjpo1-Vp1zLya-Q", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QPGbNj88CRb5kr7WEzqhUD3PGSOtwIjpo1-Vp1zLya-Q", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QHliHOXDtbkIP-aDa6YxI843atDz9GElq7ysGmDbwAxY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-313-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-macosx-11-0-arm64-whl", + "id": "15910542718", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1223128, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QL36o2PA0d2yS4sdPxzZ1FIcKbMCN0oe5ozeD9QkfvVI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QHliHOXDtbkIP-aDa6YxI843atDz9GElq7ysGmDbwAxY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-313-darwin.so" + } + }, + { + "key": "QL36o2PA0d2yS4sdPxzZ1FIcKbMCN0oe5ozeD9QkfvVI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15910542719", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3156952, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qyua4nS6tE33QMJ4PpuGAK5FrF4JJbjyOxzMV07xOOOI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QbQqZfCs7SpTlKz9xQtuHtmOE_wYxj-wB1UxyXb5tSvo", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-313-aarch64-linux-gnu.so" + } + }, + { + "key": "Qyua4nS6tE33QMJ4PpuGAK5FrF4JJbjyOxzMV07xOOOI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15910542720", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3221836, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QLCHcrJoan7OQFg9ph8ZBEllCWpC-2qkQ1Wh0KLMJVug", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QKAF2WREx3TjysgR-Z8kNVZjRy1CGkWyU6riU4BNq24M", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-313-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QLCHcrJoan7OQFg9ph8ZBEllCWpC-2qkQ1Wh0KLMJVug", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "15910542721", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3125586, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QbYaxoiQ4Uei_O7sP6F5LB-GfXB07QIvNdhd9S0Fsj3w", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QbYaxoiQ4Uei_O7sP6F5LB-GfXB07QIvNdhd9S0Fsj3w", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QQP9JdxbrpkPfYumxnTKccT-jCQoKguTu4Euskw52kQA", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-313-s390x-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15910542722", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3054805, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q35cdtOvIlzM_D5oBl_50S9Wdbon04aSn1gLfdO_2Tjs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Q35cdtOvIlzM_D5oBl_50S9Wdbon04aSn1gLfdO_2Tjs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Q51cU1xEqOV_IQ1GddOQ8erlMv78Tp2aDGbpft5ZlvgQ", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-313-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15910542723", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2575244, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QDXh7FAq9GaQZ0YUPo7VIu-uzlKLk4tEhBtbdKy4n8EA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Q8SZYqQvUoGYQrSDBnMS_J_JtOT4phGy-5Woq18WXbMY", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-313-i386-linux-gnu.so" + } + }, + { + "key": "QDXh7FAq9GaQZ0YUPo7VIu-uzlKLk4tEhBtbdKy4n8EA", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-musllinux-1-2-aarch64-whl", + "id": "15910542724", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2545473, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qti-D1gHzOZIZk-Kp04FD10pGNWlIAcgaK76YxhJAY9s", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Q7nE7fjLpt5lsLR4BQ9Iwe4o7OF2fLIPAw607TMrIDI0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-313-aarch64-linux-musl.so" + } + }, + { + "key": "Qti-D1gHzOZIZk-Kp04FD10pGNWlIAcgaK76YxhJAY9s", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-musllinux-1-2-i686-whl", + "id": "15910542725", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2417903, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QSOlZ1wJocT7XGQ9sg9sOg4VTIBoOKIZeEfMSHyRsg7E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QZmZkpdOzGzxXQwNVz5Q8BC_bkMVcFEwMCc-tLVSYXwk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-313-i386-linux-musl.so" + } + }, + { + "key": "QSOlZ1wJocT7XGQ9sg9sOg4VTIBoOKIZeEfMSHyRsg7E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-musllinux-1-2-ppc64le-whl", + "id": "15910542726", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2691501, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qh-7WP3Ku3KfAIfY6gN_dcKZx3NQtmFNVgYxuPLrq4QI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-313-powerpc64le-linux-musl.so" + } + }, + { + "key": "Qrax-gxVzt6EhaIdYbShzGU7jkDiCKPXuxO9hM5wbEwg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Qrax-gxVzt6EhaIdYbShzGU7jkDiCKPXuxO9hM5wbEwg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-musllinux-1-2-s390x-whl", + "id": "15910542727", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2678717, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QFiShgFazSVnztZoYBy47XEAOOX8wAkfhibKmsW2wNTI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-313-s390x-linux-musl.so" + } + }, + { + "key": "QLX9vz9wNbUPHAmdogCe7a2sG4gIBKsg3JeXi5WaGjMs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QLX9vz9wNbUPHAmdogCe7a2sG4gIBKsg3JeXi5WaGjMs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-musllinux-1-2-x86-64-whl", + "id": "15910542728", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2476599, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QDa2P7MYVW9sHeP9YgVDiwWvyrn6hKw0uOnpdhl7Mk1s", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Q3nr05K4lWmERLyLZ2aN9CgeyRfNimNjTdwyjAKDb0_o", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-313-x86_64-linux-musl.so" + } + }, + { + "key": "QDa2P7MYVW9sHeP9YgVDiwWvyrn6hKw0uOnpdhl7Mk1s", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-win-amd64-whl", + "id": "15910542729", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1180684, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QzMECeSFU7Yik3KbZ1qEZF3jNmEa4mkA5W_5WJWdechU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cp313-win_amd64.pyd" + } + }, + { + "key": "Qdk0iPnhUUPyle4nrcXjs8oRwLbNuhUanQ1alQfz8ezI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Qdk0iPnhUUPyle4nrcXjs8oRwLbNuhUanQ1alQfz8ezI", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp313-cp313-win32-whl", + "id": "15910542730", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1138691, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QVyxarnltCxt4CAqnQAfipl7O6x3L_vFXiId9_Zy7WR4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QVyxarnltCxt4CAqnQAfipl7O6x3L_vFXiId9_Zy7WR4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QOUyyvpwK4aC1H-sXzEPivBr0YfTZWmsSKjHsXETZqMw", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cp313-win32.pyd" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-macosx-10-9-universal2-whl", + "id": "15910542731", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2009611, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q8493X67eZs-GmJpfwyJzLQp2VBXp4k7OG82CkxFqaSM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-38-darwin.so" + } + }, + { + "key": "Q5vISX6FFTIIz-U8Y5Nns_9aN_0TM237x1HXD4gUphVY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Q5vISX6FFTIIz-U8Y5Nns_9aN_0TM237x1HXD4gUphVY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-macosx-10-9-x86-64-whl", + "id": "15910542732", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1222286, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QSBxZ_1MdYkc8uVpzVcLA-UULw7NMUpkaOnBMp3loMSs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QSBxZ_1MdYkc8uVpzVcLA-UULw7NMUpkaOnBMp3loMSs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Q8493X67eZs-GmJpfwyJzLQp2VBXp4k7OG82CkxFqaSM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-38-darwin.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-macosx-11-0-arm64-whl", + "id": "15910542733", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1223165, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QzZgx_Vvzi-0tKAvLr-gV5S_N046An7XHMPNC94IMFtc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Q8493X67eZs-GmJpfwyJzLQp2VBXp4k7OG82CkxFqaSM", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-38-darwin.so" + } + }, + { + "key": "QzZgx_Vvzi-0tKAvLr-gV5S_N046An7XHMPNC94IMFtc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15910542734", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3122203, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QUQ7AQRM57sg7qrZ0qUOnpdLNdIVtXfSpW25FkPaMF0E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-38-aarch64-linux-gnu.so" + } + }, + { + "key": "QM3_XeqK_YTczU2JSawDFCSrWeqq8OavVV4BYVlpZYHY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QM3_XeqK_YTczU2JSawDFCSrWeqq8OavVV4BYVlpZYHY", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15910542735", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3191687, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QMFX-lyprtaPBFos9ximKF1hYXNAArONCLqdqMsE4_y4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-38-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QI7KF04JcKbT6X-A7--vXhFsV45c8r5nD0jrdM-zroDc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QI7KF04JcKbT6X-A7--vXhFsV45c8r5nD0jrdM-zroDc", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "15910542736", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3079445, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QI3CzW6vFE3BrZMkfJ57CLD2iPtrNwrCrys07T7Lqh4g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QhQffcdkxg2LRuqKTFPXfUTI3Y_RUBlQ8aj5wMa0A6nI", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-38-s390x-linux-gnu.so" + } + }, + { + "key": "QI3CzW6vFE3BrZMkfJ57CLD2iPtrNwrCrys07T7Lqh4g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15910542737", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "licenseDetails": [], + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15910542738", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "licenseDetails": [], + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-12-x86-64-manylinux2010-x86-64-whl", + "id": "15910542739", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "licenseDetails": [], + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-musllinux-1-2-aarch64-whl", + "id": "15910542740", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "licenseDetails": [], + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-musllinux-1-2-i686-whl", + "id": "15910542741", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "licenseDetails": [], + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-musllinux-1-2-ppc64le-whl", + "id": "15910542742", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "licenseDetails": [], + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-musllinux-1-2-s390x-whl", + "id": "15910542743", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "licenseDetails": [], + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "tar-gz", + "id": "15910543499", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3548895, + "score": { + "supplyChain": 0.92, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.92 + }, + "alerts": [ + { + "key": "Q7Fyp24R5x_3vggJ_2G30vuVf4hyqvOWXiBhnkqx24Ag", + "type": "ambiguousClassifier", + "severity": "low", + "category": "license", + "props": { + "classifier": "License :: OSI Approved :: Apache Software License", + "filepathOrProvenance": "regex-2024.11.6/regex.egg-info/PKG-INFO" + } + }, + { + "key": "QMHXNfzjaK4rdFIiNJ2-Z3M1lAmnsNsS0xbnM9qfet0g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex-2024.11.6/regex_3/_regex_core.py" + }, + { + "key": "QMHXNfzjaK4rdFIiNJ2-Z3M1lAmnsNsS0xbnM9qfet0g", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex-2024.11.6/regex_3/regex.py" + }, + { + "key": "QwHSBVTKEtCXH5SgVZT2FAwP5G7Zho7WABeYUtEsDdM0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "regex-2024.11.6/setup.py" + }, + { + "key": "QwHSBVTKEtCXH5SgVZT2FAwP5G7Zho7WABeYUtEsDdM0", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "regex-2024.11.6/tools/build_regex_unicode.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-musllinux-1-2-x86-64-whl", + "id": "15910543574", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2437499, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QjjyhtBXh0hgan5YhUAJUC_ncUFuPY31UDAdBnRY6Xc4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-38-x86_64-linux-gnu.so" + } + }, + { + "key": "Qce4PX6GYCRSza13h-rfEnssfAv_WZLbcyqdGTJ0kDqU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Qce4PX6GYCRSza13h-rfEnssfAv_WZLbcyqdGTJ0kDqU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-win-amd64-whl", + "id": "15910543575", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1181704, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qcj2MwVWpwe8b9ojmQeMfid5m0k4PloUfii4241Z76B4", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cp38-win_amd64.pyd" + } + }, + { + "key": "QdHfEmB4uLhr5siUKNWzeb4BqC5hVYuyTWLdGwMaiKOk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QdHfEmB4uLhr5siUKNWzeb4BqC5hVYuyTWLdGwMaiKOk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp38-cp38-win32-whl", + "id": "15910543576", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1136640, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QRH5pVwrRRVlOuuw9D-f5vDP8MCSyyFHYtpNKXZUm-NQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QxXOfr0KZ6if5A2Ybgl_Isi6MxIuYeYHt3PuEjP-ex9E", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cp38-win32.pyd" + } + }, + { + "key": "QRH5pVwrRRVlOuuw9D-f5vDP8MCSyyFHYtpNKXZUm-NQ", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-macosx-10-9-universal2-whl", + "id": "15910543577", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2009611, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q-xD1usIx3k3Lzo8gtB5-AIjRxnDXRxqt9pEpCI0mPKw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QMhsTJFnlYuT7I3nmRWOdckN3PlSs5RcEvK20uaF2_Ts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-darwin.so" + } + }, + { + "key": "Q-xD1usIx3k3Lzo8gtB5-AIjRxnDXRxqt9pEpCI0mPKw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-macosx-10-9-x86-64-whl", + "id": "15910543578", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1222294, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QMhsTJFnlYuT7I3nmRWOdckN3PlSs5RcEvK20uaF2_Ts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-darwin.so" + } + }, + { + "key": "QsrID6ewPySChJutWyZpNffmVxI-0lpn3GgXQp5XI02A", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QsrID6ewPySChJutWyZpNffmVxI-0lpn3GgXQp5XI02A", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-macosx-11-0-arm64-whl", + "id": "15910543579", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1223165, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QMhsTJFnlYuT7I3nmRWOdckN3PlSs5RcEvK20uaF2_Ts", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-darwin.so" + } + }, + { + "key": "Qp6f-XKeBvpdSvclKQ74mIcEUJe5SparP-_Bg90xHkc0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Qp6f-XKeBvpdSvclKQ74mIcEUJe5SparP-_Bg90xHkc0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-manylinux-2-17-aarch64-manylinux2014-aarch64-whl", + "id": "15910543580", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3102179, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q5QH9fcE1ZUqjbxXrrZfJG2wdMpUIL7zUC7pxJpU9ot4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Q5QH9fcE1ZUqjbxXrrZfJG2wdMpUIL7zUC7pxJpU9ot4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QvcfBeR6Bt60crQFAtBN123OnjXORMiELwfPs7mdBQio", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-aarch64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-manylinux-2-17-ppc64le-manylinux2014-ppc64le-whl", + "id": "15910543581", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3169687, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QN1zqlSvneQZ0XgH30C5RtYenIJlobd5fyDgnYsxmxDk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QXP-fghpoewfz8-BF7t4LxiinhDgv7ZWmOb9bfvSmFH0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QN1zqlSvneQZ0XgH30C5RtYenIJlobd5fyDgnYsxmxDk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-manylinux-2-17-s390x-manylinux2014-s390x-whl", + "id": "15910543582", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 3060253, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qb3C1hp6Ib3p3cWWj2DQn26DZsFO8wW68j6Ejn9YMyN8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QOuBX83OdWItvzvHC1HRaKsKX1w8yH0FWsIJVwIibpv8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QOuBX83OdWItvzvHC1HRaKsKX1w8yH0FWsIJVwIibpv8", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-manylinux-2-17-x86-64-manylinux2014-x86-64-whl", + "id": "15910543583", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2995616, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QL7Fz4ijR-jittVVOUB-3IkMj-MF08qRFr3g8m7LnOD0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QL7Fz4ijR-jittVVOUB-3IkMj-MF08qRFr3g8m7LnOD0", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Qxz-abJpIC0OYNBSDu8WPHCqw-Xn7dGA7zQzbrSTEpHU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-manylinux-2-5-i686-manylinux1-i686-manylinux-2-17-i686-manylinux2014-i686-whl", + "id": "15910543584", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2529019, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QfKzpDdpfoqXVvasBKsEJU0ahTOJtBw4AZB-m3v5K8BU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QQU0xu3yQ3_TtyruPyQISDnqPGpR1QRrLaI0n6e_lukc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "QfKzpDdpfoqXVvasBKsEJU0ahTOJtBw4AZB-m3v5K8BU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-manylinux-2-5-x86-64-manylinux1-x86-64-manylinux-2-12-x86-64-manylinux2010-x86-64-whl", + "id": "15910543585", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2653341, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qxz-abJpIC0OYNBSDu8WPHCqw-Xn7dGA7zQzbrSTEpHU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-x86_64-linux-gnu.so" + } + }, + { + "key": "Qcf7ebZ8DaqUMrLTTKOidCOHfn9h5k7jv1txv1WHgk5E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Qcf7ebZ8DaqUMrLTTKOidCOHfn9h5k7jv1txv1WHgk5E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-musllinux-1-2-aarch64-whl", + "id": "15910543586", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2497941, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QpGOWjWiMSfgDvQa4L4zXwl_F6fB-Bsy_XnqHGvekdOU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QvcfBeR6Bt60crQFAtBN123OnjXORMiELwfPs7mdBQio", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-aarch64-linux-gnu.so" + } + }, + { + "key": "QpGOWjWiMSfgDvQa4L4zXwl_F6fB-Bsy_XnqHGvekdOU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-musllinux-1-2-i686-whl", + "id": "15910543587", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2370587, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Qj1DcY5LYrsdIaknmt2F-z6sWZWvbhcLBKLFp06dsyEw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QQU0xu3yQ3_TtyruPyQISDnqPGpR1QRrLaI0n6e_lukc", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-i386-linux-gnu.so" + } + }, + { + "key": "Qj1DcY5LYrsdIaknmt2F-z6sWZWvbhcLBKLFp06dsyEw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-musllinux-1-2-ppc64le-whl", + "id": "15910543588", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2646513, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QXP-fghpoewfz8-BF7t4LxiinhDgv7ZWmOb9bfvSmFH0", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-powerpc64le-linux-gnu.so" + } + }, + { + "key": "QsXp6UIATYATMdUQPc6rPzhtzsswbY8-wRk6O7_qebZ4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "QsXp6UIATYATMdUQPc6rPzhtzsswbY8-wRk6O7_qebZ4", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-musllinux-1-2-s390x-whl", + "id": "15910543589", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2627873, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QOfhgG4k28KS6v3GLYwYqNi0uTPu1MSvCt7ecea_gzxU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Qb3C1hp6Ib3p3cWWj2DQn26DZsFO8wW68j6Ejn9YMyN8", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-s390x-linux-gnu.so" + } + }, + { + "key": "QOfhgG4k28KS6v3GLYwYqNi0uTPu1MSvCt7ecea_gzxU", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-musllinux-1-2-x86-64-whl", + "id": "15910543590", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 2425691, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "Q9wgl7fofbFFeyTnZFX2ZrNSGwi9H-ykxGETtt1OFyrs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Q9wgl7fofbFFeyTnZFX2ZrNSGwi9H-ykxGETtt1OFyrs", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "Qxz-abJpIC0OYNBSDu8WPHCqw-Xn7dGA7zQzbrSTEpHU", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cpython-39-x86_64-linux-gnu.so" + } + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-win-amd64-whl", + "id": "15910543591", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1181704, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QadBwY9mtJAiq-OBREwfRQ-gqPuTvtyVEP1Tt2WnYg4U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cp39-win_amd64.pyd" + } + }, + { + "key": "QHkBtsYShRvfU3AMwaNBQIyiBvS9eLmViNOSTBLvUxSw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + }, + { + "key": "QHkBtsYShRvfU3AMwaNBQIyiBvS9eLmViNOSTBLvUxSw", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + } + ] + }, + { + "type": "pypi", + "name": "regex", + "version": "2024.11.6", + "release": "cp39-cp39-win32-whl", + "id": "15910543592", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0", + "licenseDetails": [], + "author": [ + "mrabarnett" + ], + "size": 1136640, + "score": { + "supplyChain": 0.93, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.93 + }, + "alerts": [ + { + "key": "QxBBbZQFfXbXVvnmCZ_62-2iw5B582huwTvPZQZ3UxUo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/regex.py" + }, + { + "key": "Q7pt5IwbjMsMYb6Gkc6S2lT7_5qqwYVJByxXSKPy60Hk", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "regex/_regex.cp39-win32.pyd" + } + }, + { + "key": "QxBBbZQFfXbXVvnmCZ_62-2iw5B582huwTvPZQZ3UxUo", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "regex/_regex_core.py" + } + ] + }, + { + "type": "pypi", + "name": "packaging", + "version": "24.2", + "release": "tar-gz", + "id": "15911206379", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "AFL-1.1 AND Apache-2.0 AND BSD-2-Clause", + "licenseDetails": [], + "author": [ + "brettcannon", + "dstufft", + "pf_moore", + "pradyunsg" + ], + "size": 2474039, + "score": { + "supplyChain": 0.56, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.8, + "overall": 0.56 + }, + "alerts": [ + { + "key": "Qyg9tpb2PyE2NP_IXczHkoSrxZwZA6c42-962FV8_yBk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "packaging-24.2/src/packaging/_parser.py" + }, + { + "key": "QlrtqArA9FLiBtJkcoxR9wV6jDganbqTQjrb7D6Rgmaw", + "type": "unidentifiedLicense", + "severity": "low", + "category": "license", + "props": { + "location": "packaging-24.2/docs/licenses.rst" + } + }, + { + "key": "Qyg9tpb2PyE2NP_IXczHkoSrxZwZA6c42-962FV8_yBk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "packaging-24.2/docs/conf.py" + }, + { + "key": "QKJsl3Vs20X0L7dwRi170JruD6Q8O2kITV3IX5Kuc5Fg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "packaging-24.2/src/packaging/_manylinux.py" + }, + { + "key": "QKJsl3Vs20X0L7dwRi170JruD6Q8O2kITV3IX5Kuc5Fg", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "packaging-24.2/src/packaging/_musllinux.py" + }, + { + "key": "QPUGOY-m7_a5GMse1KZdJ7G1Ltnp_sflwE-d7FTDJOq0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "packaging-24.2/src/packaging/_musllinux.py" + }, + { + "key": "Qyg9tpb2PyE2NP_IXczHkoSrxZwZA6c42-962FV8_yBk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "packaging-24.2/src/packaging/licenses/__init__.py" + }, + { + "key": "QemZQfyPj9YZX7on2s3zdV90_fRjT8WnRBGJG9ZilFjU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "packaging-24.2/src/packaging/markers.py", + "props": { + "envVars": "" + } + }, + { + "key": "QPUGOY-m7_a5GMse1KZdJ7G1Ltnp_sflwE-d7FTDJOq0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "packaging-24.2/src/packaging/tags.py" + }, + { + "key": "QemZQfyPj9YZX7on2s3zdV90_fRjT8WnRBGJG9ZilFjU", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "packaging-24.2/tests/test_markers.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qyg9tpb2PyE2NP_IXczHkoSrxZwZA6c42-962FV8_yBk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "packaging-24.2/tests/test_metadata.py" + }, + { + "key": "QPUGOY-m7_a5GMse1KZdJ7G1Ltnp_sflwE-d7FTDJOq0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "packaging-24.2/tests/test_musllinux.py" + }, + { + "key": "QPUGOY-m7_a5GMse1KZdJ7G1Ltnp_sflwE-d7FTDJOq0", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "packaging-24.2/tests/test_tags.py" + } + ] + }, + { + "type": "pypi", + "name": "packaging", + "version": "24.2", + "release": "py3-none-any-whl", + "id": "15911206380", + "topLevelAncestors": [ + "6381179126", + "15835012723", + "15917547152", + "15921473454" + ], + "license": "Apache-2.0 AND BSD-2-Clause", + "licenseDetails": [], + "author": [ + "brettcannon", + "dstufft", + "pf_moore", + "pradyunsg" + ], + "size": 235077, + "score": { + "supplyChain": 0.86, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.86 + }, + "alerts": [ + { + "key": "QSsO_z7bU_1CXniA22vhQTZoRX_uoyfgbmHK0b0LmQQI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "packaging/_musllinux.py" + }, + { + "key": "QSsO_z7bU_1CXniA22vhQTZoRX_uoyfgbmHK0b0LmQQI", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "packaging/tags.py" + }, + { + "key": "Q-m5XfyiYnvdbCvtAcDXgStoSwDiu6mWMfF95aTztCRk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "packaging/_musllinux.py" + }, + { + "key": "Q-m5XfyiYnvdbCvtAcDXgStoSwDiu6mWMfF95aTztCRk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "packaging/_manylinux.py" + }, + { + "key": "QZeOOsILXBXtlKGW6KCgX6b9OesUSSiEPVPQpcdj-t1E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "packaging/_parser.py" + }, + { + "key": "QZeOOsILXBXtlKGW6KCgX6b9OesUSSiEPVPQpcdj-t1E", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "packaging/licenses/__init__.py" + }, + { + "key": "Q4IKfb8r0oqiivrcVY149-l_2lvXS7eBAg6Lb5YCC9tg", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "packaging/markers.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "faker", + "version": "33.1.0", + "release": "tar-gz", + "id": "15917547152", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt" + } + ], + "topLevelAncestors": [], + "licenseDetails": [], + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [] + }, + { + "type": "pypi", + "name": "faker", + "version": "33.1.0", + "release": "py3-none-any-whl", + "id": "15917547153", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt" + } + ], + "topLevelAncestors": [], + "licenseDetails": [], + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [] + }, + { + "type": "pypi", + "name": "pytest", + "version": "8.3.4", + "release": "tar-gz", + "id": "15918419823", + "topLevelAncestors": [ + "6381179126" + ], + "licenseDetails": [], + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [] + }, + { + "type": "pypi", + "name": "pytest", + "version": "8.3.4", + "release": "py3-none-any-whl", + "id": "15918419824", + "topLevelAncestors": [ + "6381179126" + ], + "licenseDetails": [], + "score": { + "supplyChain": 1, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 1 + }, + "alerts": [] + }, + { + "type": "pypi", + "name": "six", + "version": "1.17.0", + "release": "tar-gz", + "id": "15919471954", + "topLevelAncestors": [ + "15917547152", + "15921473454" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "gutworth" + ], + "size": 134390, + "score": { + "supplyChain": 0.96, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96 + }, + "alerts": [ + { + "key": "QsWo3FBa69NYVgLwmixr_hmX2spVn6Ffc_iS5hvdgY-U", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "six-1.17.0/six.py", + "props": { + "envVars": "" + } + }, + { + "key": "QMIxld9s1p5ay4OyMBC_ry-J1YQ3uDSNcNtjNwO90SqU", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "six-1.17.0/setup.py" + } + ] + }, + { + "type": "pypi", + "name": "six", + "version": "1.17.0", + "release": "py2-py3-none-any-whl", + "id": "15919471955", + "topLevelAncestors": [ + "15917547152", + "15921473454" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "gutworth" + ], + "size": 37975, + "score": { + "supplyChain": 0.98, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.98 + }, + "alerts": [ + { + "key": "Q0Z03tYbPqliWL7tKH8UHTRTZ_-XK6bLXKZsdolxl6gI", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "six.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "sticker-convert", + "version": "2.10.8", + "release": "py3-none-any-whl", + "id": "15920039377", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 127, + "end": 150 + } + ], + "topLevelAncestors": [], + "license": "GPL-2.0 AND GPL-2.0+", + "licenseDetails": [], + "author": [ + "laggykiller" + ], + "size": 11431813, + "score": { + "supplyChain": 0.06, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.06 + }, + "alerts": [ + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/auth/get_line_auth.py" + }, + { + "key": "QSRXxXRoTNB31YoYHPOX-98-ercurMcwY3RmpTrQch2Q", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0 AND GPL-2.0+" + } + }, + { + "key": "QC2Fvd9OPWpyaI8a-8v_REAuobu3LrNgwf11LIXUw1Ro", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "sticker_convert/ios-message-stickers-template/stickers.xcodeproj/project.xcworkspace/xcuserdata/niklaspeterson.xcuserdatad/UserInterfaceState.xcuserstate" + } + }, + { + "key": "QdrkUlhYTBTA0hT60T_DE-giVyzwAtTD5u5tQNirC21k", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "sticker_convert/resources/NotoColorEmoji.ttf" + } + }, + { + "key": "Q26ncGOGywa-Vti9pyVkYgqAe5z9x8s_AobxslYlfu8M", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0 AND GPL-2.0+" + } + }, + { + "key": "QCCUFNEO90Dc_ZEN8H9pFAHteUxuHfkKxDwxs5E412Kk", + "type": "malware", + "severity": "critical", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/auth/get_discord_auth.py", + "props": { + "id": 341285, + "note": "The code is designed to extract Discord authentication tokens by utilizing Chrome Remote Debugging to execute JavaScript within the browser context to retrieve the token. This poses a significant security risk as it allows unauthorized access to Discord accounts without user consent. The extracted tokens could be used to hijack user accounts or perform other malicious activities." + } + }, + { + "key": "QtylvaXwUhVTayFTLTqLThvVImb-RGCmwnxfoW2G0mDA", + "type": "gptAnomaly", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/auth/get_viber_auth.py", + "props": { + "risk": "medium", + "notes": "The code is designed to extract sensitive authentication information from the Viber application by accessing its process memory. This poses a significant security risk as it can be used for unauthorized access to a user's Viber account. The operations performed by the code are high-risk due to the direct memory access and potential for extracting sensitive information.", + "severity": 0.6, + "confidence": 1 + } + }, + { + "key": "QVn0O5BOYXUXLq-tErkhxrmuN2AKqu0hfmhw9Bxm0Z54", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/cli.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/cli.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/converter.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/definitions.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/downloaders/download_base.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/downloaders/download_base.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/downloaders/download_discord.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/downloaders/download_kakao.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/downloaders/download_kakao.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/downloaders/download_line.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/downloaders/download_line.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/downloaders/download_line.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/downloaders/download_viber.py" + }, + { + "key": "QVn0O5BOYXUXLq-tErkhxrmuN2AKqu0hfmhw9Bxm0Z54", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/gui.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/gui.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/gui_components/frames/cred_frame.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/gui_components/windows/discord_get_auth_window.py" + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/gui_components/windows/kakao_get_auth_window.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/gui_components/windows/kakao_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/gui_components/windows/line_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/gui_components/windows/signal_get_auth_window.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/gui_components/windows/signal_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/gui_components/windows/viber_get_auth_window.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/gui_components/windows/viber_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/job.py" + }, + { + "key": "QVn0O5BOYXUXLq-tErkhxrmuN2AKqu0hfmhw9Bxm0Z54", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/job.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/job.py", + "props": { + "envVars": "" + } + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/job_option.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/uploaders/compress_wastickers.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/uploaders/upload_signal.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/uploaders/upload_signal.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/uploaders/upload_telegram.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/uploaders/upload_viber.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/uploaders/upload_viber.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/uploaders/xcode_imessage.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/auth/get_discord_auth.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/auth/get_kakao_auth.py" + }, + { + "key": "QVn0O5BOYXUXLq-tErkhxrmuN2AKqu0hfmhw9Bxm0Z54", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/auth/get_kakao_auth.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/auth/get_kakao_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/auth/get_kakao_desktop_auth.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/auth/get_line_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/auth/get_signal_auth.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/auth/get_signal_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/auth/get_viber_auth.py" + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/auth/get_viber_auth.py" + }, + { + "key": "QVn0O5BOYXUXLq-tErkhxrmuN2AKqu0hfmhw9Bxm0Z54", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/callback.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/chrome_remotedebug.py" + }, + { + "key": "Q4K4hCC0wt5j5pn-96yypjGZpJewFJCzfhJZohsjPGOM", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/chrome_remotedebug.py" + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/chrome_remotedebug.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/chrome_remotedebug.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/files/cache_store.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/files/json_manager.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/files/metadata_handler.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/files/run_bin.py" + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/files/run_bin.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/media/codec_info.py" + }, + { + "key": "Q6fCZRsbO15JwafD6MRvBHM3rURazaXCLmscfKg9RQec", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/process.py" + }, + { + "key": "Q9aLMGFXaSS4M0VpAZBBhNauzDd2ZL3xbu8sRpIJXlAs", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/process.py" + }, + { + "key": "QSgKOsP8fOM1zMXnm_ni2VIINVfPZm_2ErCklIVOzF_M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert/utils/process.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "faraday-plugins", + "version": "1.20.21", + "release": "tar-gz", + "id": "15921473454", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 94, + "end": 118 + } + ], + "topLevelAncestors": [], + "license": "GPL-3.0", + "licenseDetails": [], + "author": [ + "faradaysec" + ], + "size": 845137, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/ncrack/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Z38Gb7LAj235o2WNq7JFmOl41A5LIaHOecAym6WfnU", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-3.0" + } + }, + { + "key": "QhEf1ldb9VBna384CbFMtZF0unj8OTvbx3KNHM83pLZ0", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-3.0" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/manager.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/commands.py" + }, + { + "key": "QPGSor6e2p5sVWu8cVkn7FAD83T4lpviOq8mD-tFDKnY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/commands.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/commands.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/plugin.py" + }, + { + "key": "QgLzzPEL3pvI6UQM2y3H-LSfT9_whrDLe8gkz23Kn17E", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/arachni/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/arachni/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgLzzPEL3pvI6UQM2y3H-LSfT9_whrDLe8gkz23Kn17E", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/amap/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/appscan/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/bandit/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/faraday_csv/plugin.py" + }, + { + "key": "Q5OxjGTWl8hptg64VY4cpGjz2qBBVnX9-iYOVXnUSC3s", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/faraday_csv/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/hydra/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/lynis/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/medusa/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgLzzPEL3pvI6UQM2y3H-LSfT9_whrDLe8gkz23Kn17E", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/naabu/plugin.py" + }, + { + "key": "QPGSor6e2p5sVWu8cVkn7FAD83T4lpviOq8mD-tFDKnY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/nuclei_legacy/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/openvas/plugin.py" + }, + { + "key": "QPGSor6e2p5sVWu8cVkn7FAD83T4lpviOq8mD-tFDKnY", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/nuclei/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/peepingtom/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/pasteanalyzer/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/shodan/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/skipfish/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/sshdefaultscan/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgLzzPEL3pvI6UQM2y3H-LSfT9_whrDLe8gkz23Kn17E", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/snyk/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/sslyze/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/telnet/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/sslyzejson/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/wapiti/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/wapiti/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/webfuzzer/plugin.py" + }, + { + "key": "QWUUQpV7845gIMyNkGy19ZOAElDBuhOBCpDXl6fGzo0M", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/webfuzzer/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QgLzzPEL3pvI6UQM2y3H-LSfT9_whrDLe8gkz23Kn17E", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/whitesource/plugin.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/tests/test_cli.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/setup.py" + }, + { + "key": "Q63RMIbMjWNG2i8Gnt8JW65ZzgxHGaZwygM4VEeR3AZ4", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/tests/test_report_collection.py" + }, + { + "key": "QgLzzPEL3pvI6UQM2y3H-LSfT9_whrDLe8gkz23Kn17E", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/tests/test_report_collection.py" + } + ] + }, + { + "type": "pypi", + "name": "faraday-plugins", + "version": "1.20.21", + "release": "py3-none-any-whl", + "id": "15921474311", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 94, + "end": 118 + } + ], + "topLevelAncestors": [], + "license": "GPL-3.0", + "licenseDetails": [], + "author": [ + "faradaysec" + ], + "size": 832756, + "score": { + "supplyChain": 0.49, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.49 + }, + "alerts": [ + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/wapiti/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/sslyzejson/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/telnet/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q6Z38Gb7LAj235o2WNq7JFmOl41A5LIaHOecAym6WfnU", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-3.0" + } + }, + { + "key": "QhEf1ldb9VBna384CbFMtZF0unj8OTvbx3KNHM83pLZ0", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-3.0" + } + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/commands.py" + }, + { + "key": "Q1oud5qmKgsCTNV98kDyHfIee3hUZroD6dGGLy2TQEhE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins/commands.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/commands.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/plugin.py" + }, + { + "key": "QUQdbFYMz8vRwojuCUt_I-bogSdf-AzVLHVPDnZY1ihs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/appscan/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/appscan_csv/plugin.py" + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/sslyze/plugin.py" + }, + { + "key": "QUQdbFYMz8vRwojuCUt_I-bogSdf-AzVLHVPDnZY1ihs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/amap/plugin.py" + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/arachni/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/arachni/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/faraday_csv/plugin.py" + }, + { + "key": "QApakWttHdKK1NOsstAXWHegbzYeN80UjuSy0A7LQ7wg", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/faraday_csv/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/webfuzzer/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/hydra/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QUQdbFYMz8vRwojuCUt_I-bogSdf-AzVLHVPDnZY1ihs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/whitesource/plugin.py" + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/lynis/plugin.py" + }, + { + "key": "QUQdbFYMz8vRwojuCUt_I-bogSdf-AzVLHVPDnZY1ihs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/naabu/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/medusa/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/ncrack/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "Q1oud5qmKgsCTNV98kDyHfIee3hUZroD6dGGLy2TQEhE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/nuclei/plugin.py" + }, + { + "key": "Q1oud5qmKgsCTNV98kDyHfIee3hUZroD6dGGLy2TQEhE", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/nuclei_legacy/plugin.py" + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/openvas/plugin.py" + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/pasteanalyzer/plugin.py" + }, + { + "key": "QUQdbFYMz8vRwojuCUt_I-bogSdf-AzVLHVPDnZY1ihs", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/snyk/plugin.py" + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/skipfish/plugin.py" + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/shodan/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/sshdefaultscan/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "QjxxG2S_YzeM-zJN1sikD8DA0L9ZekV7IHwAhBY1Lfto", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/webfuzzer/plugin.py" + }, + { + "key": "Qt98lTteiSFVp_A2zcIKk_H-xBwoOkjsXW0nRy_g6ae4", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins/plugins/repo/wapiti/plugin.py", + "props": { + "envVars": "" + } + } + ] + }, + { + "type": "pypi", + "name": "sticker-convert", + "version": "2.10.8", + "release": "tar-gz", + "id": "15921496871", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 127, + "end": 150 + } + ], + "topLevelAncestors": [], + "license": "GPL-2.0 AND GPL-2.0+", + "licenseDetails": [], + "author": [ + "laggykiller" + ], + "size": 11537126, + "score": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.25 + }, + "alerts": [ + { + "key": "QSRXxXRoTNB31YoYHPOX-98-ercurMcwY3RmpTrQch2Q", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0 AND GPL-2.0+" + } + }, + { + "key": "QA0sa5aGCr_JDOyMlC7RJ9JR3oZWIPg8FBviqtxlCNAw", + "type": "gptAnomaly", + "severity": "low", + "category": "supplyChainRisk", + "props": { + "risk": "medium", + "notes": "The code contains multiple potential security risks, including unauthorized file writes, command injection, information leakage, and code injection. It should be reviewed and modified to ensure proper input validation, sanitization, and secure handling of user input. The presence of 'eval' raises concerns about the safety and security of the code.", + "severity": 0.7, + "confidence": 0.8 + } + }, + { + "key": "QeTCiXdcOHY5Ktc6W9ZZrLYn8JLjT21ny6Xs5ZzCYlT0", + "type": "gptSecurity", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "notes": "The code is designed to extract sensitive authentication information from the Viber application by accessing its process memory. This poses a significant security risk as it can be used for unauthorized access to a user's Viber account. The operations performed by the code are high-risk due to the direct memory access and potential for extracting sensitive information.", + "severity": 0.7, + "confidence": 0.9 + } + }, + { + "key": "Qm2D5xqRiZ6rZPKRBsPb-8uI1nj5Gg66pXQgAQc56H64", + "type": "gptSecurity", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "notes": "The code is designed to extract Discord authentication tokens, which poses a significant security risk if done without user consent. The use of Chrome Remote Debugging for this purpose is concerning and aligns with potentially malicious behavior.", + "severity": 0.8, + "confidence": 0.9 + } + }, + { + "key": "Q5slAGLVSVGSe9oJgCr04r5xnB7jtPJkqYOdj2s_K25U", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "sticker_convert-2.10.8/src/sticker_convert/ios-message-stickers-template/stickers.xcodeproj/project.xcworkspace/xcuserdata/niklaspeterson.xcuserdatad/UserInterfaceState.xcuserstate" + } + }, + { + "key": "QKLLP2Li-oX4lPqE3MlnJGOSlqF-uxCESzw0bI9BAY-Y", + "type": "hasNativeCode", + "severity": "middle", + "category": "supplyChainRisk", + "props": { + "source": "sticker_convert-2.10.8/src/sticker_convert/resources/NotoColorEmoji.ttf" + } + }, + { + "key": "Q26ncGOGywa-Vti9pyVkYgqAe5z9x8s_AobxslYlfu8M", + "type": "nonpermissiveLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-2.0 AND GPL-2.0+" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_base.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_base.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/definitions.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_kakao.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_kakao.py" + }, + { + "key": "QpEoQ5y1AaAobEMSazxeWg_-3BaDldHT1z9DuSOK2lnk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/gui.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/gui.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/converter.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_line.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_line.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_line.py", + "props": { + "envVars": "" + } + }, + { + "key": "QpEoQ5y1AaAobEMSazxeWg_-3BaDldHT1z9DuSOK2lnk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/cli.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/cli.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_viber.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/downloaders/download_discord.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/frames/cred_frame.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/discord_get_auth_window.py" + }, + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/kakao_get_auth_window.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/kakao_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/viber_get_auth_window.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/viber_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/signal_get_auth_window.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/signal_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/gui_components/windows/line_get_auth_window.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/job.py" + }, + { + "key": "QpEoQ5y1AaAobEMSazxeWg_-3BaDldHT1z9DuSOK2lnk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/job.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/job.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/job_option.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/compress_wastickers.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/upload_telegram.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/upload_signal.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/upload_signal.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/xcode_imessage.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/upload_viber.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/uploaders/upload_viber.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_line_auth.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_line_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_signal_auth.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_signal_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_kakao_desktop_auth.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_kakao_auth.py" + }, + { + "key": "QpEoQ5y1AaAobEMSazxeWg_-3BaDldHT1z9DuSOK2lnk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_kakao_auth.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_kakao_auth.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/files/cache_store.py" + }, + { + "key": "QpEoQ5y1AaAobEMSazxeWg_-3BaDldHT1z9DuSOK2lnk", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/callback.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/chrome_remotedebug.py" + }, + { + "key": "QDXuiuQmCHqTiKfSnnmPDkWfIzqyoyF6e0IHJI4zinyg", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/chrome_remotedebug.py" + }, + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/chrome_remotedebug.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/chrome_remotedebug.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/files/json_manager.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/files/metadata_handler.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/files/run_bin.py" + }, + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/files/run_bin.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_discord_auth.py" + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/media/codec_info.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/tests/test_download.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/process.py" + }, + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/process.py" + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/process.py", + "props": { + "envVars": "" + } + }, + { + "key": "QIZxFQPRAKnOPJSBUji34B7xY9eYPUR33XV8Gfxb6jks", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/tests/test_export.py", + "props": { + "envVars": "" + } + }, + { + "key": "QVVKfsiVs91TmFNWz_Fogwa77wXhJRro0vTfDMSou4fk", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_viber_auth.py" + }, + { + "key": "QDW6vTSXNsajNOaA6TJzFeeCt-OTapGxD5cft_1FA2Tc", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "sticker_convert-2.10.8/src/sticker_convert/utils/auth/get_viber_auth.py" + } + ] + } + ] + } +} \ No newline at end of file diff --git a/tests/data/fullscans/new_scan/metadata.json b/tests/data/fullscans/new_scan/metadata.json new file mode 100644 index 0000000..ce055b2 --- /dev/null +++ b/tests/data/fullscans/new_scan/metadata.json @@ -0,0 +1,21 @@ +{ + "success": true, + "status": 200, + "data": { + "id": "new", + "created_at": "2025-01-05T17:29:57.448Z", + "updated_at": "2025-01-05T17:29:57.448Z", + "organization_id": "164600", + "organization_slug": "test_org", + "repository_id": "f639d6c9-acc3-4d8a-9fb5-2090ad651c7e", + "committers": [ + "Code Author" + ], + "repo": "basic-python", + "branch": "test/big-diff-pr", + "commit_message": "updated pyyaml2", + "commit_hash": "5efacb1a6270c3c446fd54af652599400872c52c", + "pull_request": 1, + "html_report_url": "https://socket.dev/dashboard/org/test_org/sbom/c2d9b98b-bf42-47af-b011-e32613eced13" + } +} \ No newline at end of file diff --git a/tests/data/fullscans/new_scan/stream_scan.json b/tests/data/fullscans/new_scan/stream_scan.json new file mode 100644 index 0000000..fb790f5 --- /dev/null +++ b/tests/data/fullscans/new_scan/stream_scan.json @@ -0,0 +1,348 @@ +{ + "success": true, + "status": 200, + "artifacts": { + "dp1": { + "type": "pypi", + "name": "direct_package_1", + "version": "1.6.0", + "release": "tar-gz", + "id": "dp1", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 119, + "end": 150 + } + ], + "topLevelAncestors": [], + "license": "MIT", + "licenseDetails": [], + "author": [ + "didix21" + ], + "size": 106479, + "score": { + "supplyChain": 0.96, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.96 + }, + "alerts": [ + { + "key": "dp1_alert_1", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mdutils-1.6.0/mdutils/fileutils/fileutils.py" + }, + { + "key": "dp1_alert_2", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "mdutils-1.6.0/setup.py" + } + ] + }, + "dp1_t1": { + "type": "pypi", + "name": "dp1_transitive_1", + "version": "8.1.7", + "release": "py3-none-any-whl", + "id": "dp1_t1", + "topLevelAncestors": [ + "dp1" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 353767, + "score": { + "supplyChain": 0.75, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.75 + }, + "alerts": [ + { + "key": "dp1_t1_alert_1", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click/parser.py" + }, + { + "key": "dp1_t1_alert_2", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click/shell_completion.py" + }, + { + "key": "dp1_t1_alert_3", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/shell_completion.py", + "props": { + "envVars": "" + } + } + ] + }, + "dp1_t2": { + "type": "pypi", + "name": "dp1_transitive_2", + "version": "2.0.0", + "release": "py3-none-any-whl", + "id": "dp1_t2", + "topLevelAncestors": [ + "dp1" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 353767, + "score": { + "supplyChain": 0.75, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.75 + }, + "alerts": [ + { + "key": "dp1_t2_alert_1", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/testing.py" + } + ] + }, + "dp3": { + "type": "pypi", + "name": "direct_package_3", + "version": "1.20.21", + "release": "tar-gz", + "id": "dp3", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 94, + "end": 118 + } + ], + "topLevelAncestors": [], + "license": "GPL-3.0", + "licenseDetails": [], + "author": [ + "faradaysec" + ], + "size": 845137, + "score": { + "supplyChain": 0.42, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 0.7, + "overall": 0.42 + }, + "alerts": [ + { + "key": "dp3_alert_1", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "faraday_plugins-1.20.21/faraday_plugins/plugins/repo/ncrack/plugin.py", + "props": { + "envVars": "" + } + }, + { + "key": "dp3_alert_2", + "type": "copyleftLicense", + "severity": "low", + "category": "license", + "props": { + "licenseId": "GPL-3.0" + } + } + ] + }, + "dp3_t1": { + "type": "pypi", + "name": "dp3_transitive_1", + "version": "8.1.7", + "release": "py3-none-any-whl", + "id": "dp3_t1", + "topLevelAncestors": [ + "dp3" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 353767, + "score": { + "supplyChain": 0.75, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.75 + }, + "alerts": [ + { + "key": "dp3_t1_alert_1", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/testing.py" + }, + { + "key": "dp3_t1_alert_2", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "click/testing.py", + "props": { + "envVars": "" + } + } + ] + }, + "dp3_t1_release2": { + "type": "pypi", + "name": "dp3_transitive_1", + "version": "8.1.7", + "release": "tar-gz", + "id": "dp3_t1_release2", + "topLevelAncestors": [ + "dp3" + ], + "license": "BSD-3-Clause", + "licenseDetails": [], + "size": 922627, + "score": { + "supplyChain": 0.49, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.49 + }, + "alerts": [ + { + "key": "dp3_t1_r1_alert_1", + "type": "shellAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/shell_completion.py" + }, + { + "key": "dp3_t1_r1_alert_2", + "type": "filesystemAccess", + "severity": "low", + "category": "supplyChainRisk", + "file": "click-8.1.7/src/click/formatting.py" + } + ] + }, + "dp3_t2": { + "type": "pypi", + "name": "dp3_transitive_2", + "version": "4.12.3", + "release": "py3-none-any-whl", + "id": "dp3_t2", + "topLevelAncestors": [ + "dp3", + "dp4" + ], + "license": "MIT", + "licenseDetails": [], + "author": [ + "leonard" + ], + "size": 618628, + "score": { + "supplyChain": 0.25, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.25 + }, + "alerts": [ + { + "key": "dp3_t2_alert_1", + "type": "envVars", + "severity": "low", + "category": "supplyChainRisk", + "file": "bs4/__init__.py", + "props": { + "envVars": "" + } + }, + { + "key": "dp3_t2_alert_2", + "type": "networkAccess", + "severity": "middle", + "category": "supplyChainRisk", + "file": "bs4/element.py" + }, + { + "key": "dp3_t2_alert_3", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "bs4/css.py" + } + ] + }, + "dp4": { + "type": "pypi", + "name": "direct_package_4", + "version": "1.0.1", + "release": "tar-gz", + "id": "dp4", + "direct": true, + "manifestFiles": [ + { + "file": "requirements.txt", + "start": 14, + "end": 34 + } + ], + "topLevelAncestors": [], + "license": "BSD-3-Clause", + "licenseDetails": [], + "author": [ + "bbc", + "theskumar" + ], + "size": 160044, + "score": { + "supplyChain": 0.8, + "quality": 1, + "maintenance": 1, + "vulnerability": 1, + "license": 1, + "overall": 0.8 + }, + "alerts": [ + { + "key": "dp4_alert_1", + "type": "usesEval", + "severity": "middle", + "category": "supplyChainRisk", + "file": "python-dotenv-1.0.1/setup.py" + } + ] + } + } +} \ No newline at end of file diff --git a/tests/data/repos/repo_info_error.json b/tests/data/repos/repo_info_error.json new file mode 100644 index 0000000..48966f5 --- /dev/null +++ b/tests/data/repos/repo_info_error.json @@ -0,0 +1,5 @@ +{ + "success": false, + "status": 404, + "message": "No repository found" +} \ No newline at end of file diff --git a/tests/data/repos/repo_info_no_head.json b/tests/data/repos/repo_info_no_head.json new file mode 100644 index 0000000..b8ea91f --- /dev/null +++ b/tests/data/repos/repo_info_no_head.json @@ -0,0 +1,16 @@ +{ + "data": { + "id": "f639d6c9-acc3-4d8a-9fb5-2090ad651c7e", + "created_at": "2024-11-12T20:36:21.221Z", + "updated_at": "2024-12-10T23:20:51.206Z", + "head_full_scan_id": "", + "name": "basic-python", + "description": "", + "homepage": "https://github.com/test_org/basic-python", + "visibility": "public", + "archived": false, + "default_branch": "main" + }, + "success": true, + "status": 200 +} \ No newline at end of file diff --git a/tests/data/repos/repo_info_success.json b/tests/data/repos/repo_info_success.json new file mode 100644 index 0000000..d6d4964 --- /dev/null +++ b/tests/data/repos/repo_info_success.json @@ -0,0 +1,16 @@ +{ + "data": { + "id": "f639d6c9-acc3-4d8a-9fb5-2090ad651c7e", + "created_at": "2024-11-12T20:36:21.221Z", + "updated_at": "2024-12-10T23:20:51.206Z", + "head_full_scan_id": "head", + "name": "basic-python", + "description": "", + "homepage": "https://github.com/test_org/basic-python", + "visibility": "public", + "archived": false, + "default_branch": "main" + }, + "success": true, + "status": 200 +} \ No newline at end of file diff --git a/tests/data/settings/security-policy.json b/tests/data/settings/security-policy.json new file mode 100644 index 0000000..8cba594 --- /dev/null +++ b/tests/data/settings/security-policy.json @@ -0,0 +1,297 @@ +{ + "success": true, + "status": 200, + "securityPolicyRules": { + "gptSecurity": { + "action": "ignore" + }, + "gptAnomaly": { + "action": "ignore" + }, + "gptMalware": { + "action": "ignore" + }, + "filesystemAccess": { + "action": "error" + }, + "networkAccess": { + "action": "warn" + }, + "shellAccess": { + "action": "ignore" + }, + "debugAccess": { + "action": "ignore" + }, + "criticalCVE": { + "action": "error" + }, + "cve": { + "action": "monitor" + }, + "mediumCVE": { + "action": "monitor" + }, + "mildCVE": { + "action": "monitor" + }, + "emptyPackage": { + "action": "ignore" + }, + "trivialPackage": { + "action": "ignore" + }, + "noREADME": { + "action": "ignore" + }, + "shrinkwrap": { + "action": "monitor" + }, + "licenseSpdxDisj": { + "action": "error" + }, + "unsafeCopyright": { + "action": "ignore" + }, + "licenseChange": { + "action": "ignore" + }, + "nonOSILicense": { + "action": "ignore" + }, + "deprecatedLicense": { + "action": "ignore" + }, + "missingLicense": { + "action": "ignore" + }, + "nonSPDXLicense": { + "action": "ignore" + }, + "unclearLicense": { + "action": "ignore" + }, + "mixedLicense": { + "action": "ignore" + }, + "notice": { + "action": "ignore" + }, + "modifiedLicense": { + "action": "ignore" + }, + "modifiedException": { + "action": "ignore" + }, + "licenseException": { + "action": "ignore" + }, + "deprecatedException": { + "action": "ignore" + }, + "miscLicenseIssues": { + "action": "ignore" + }, + "unidentifiedLicense": { + "action": "ignore" + }, + "noLicenseFound": { + "action": "ignore" + }, + "explicitlyUnlicensedItem": { + "action": "ignore" + }, + "copyleftLicense": { + "action": "warn" + }, + "nonpermissiveLicense": { + "action": "ignore" + }, + "ambiguousClassifier": { + "action": "ignore" + }, + "invalidPackageJSON": { + "action": "ignore" + }, + "httpDependency": { + "action": "warn" + }, + "gitDependency": { + "action": "error" + }, + "gitHubDependency": { + "action": "warn" + }, + "fileDependency": { + "action": "ignore" + }, + "noTests": { + "action": "ignore" + }, + "noRepository": { + "action": "ignore" + }, + "badSemver": { + "action": "ignore" + }, + "badSemverDependency": { + "action": "ignore" + }, + "noV1": { + "action": "ignore" + }, + "noWebsite": { + "action": "ignore" + }, + "noBugTracker": { + "action": "ignore" + }, + "noAuthorData": { + "action": "ignore" + }, + "typeModuleCompatibility": { + "action": "ignore" + }, + "floatingDependency": { + "action": "ignore" + }, + "manifestConfusion": { + "action": "ignore" + }, + "malware": { + "action": "error" + }, + "telemetry": { + "action": "monitor" + }, + "troll": { + "action": "error" + }, + "deprecated": { + "action": "monitor" + }, + "chronoAnomaly": { + "action": "ignore" + }, + "compromisedSSHKey": { + "action": "ignore" + }, + "semverAnomaly": { + "action": "ignore" + }, + "newAuthor": { + "action": "ignore" + }, + "unstableOwnership": { + "action": "monitor" + }, + "missingAuthor": { + "action": "ignore" + }, + "unmaintained": { + "action": "ignore" + }, + "unpublished": { + "action": "monitor" + }, + "majorRefactor": { + "action": "ignore" + }, + "missingTarball": { + "action": "ignore" + }, + "suspiciousStarActivity": { + "action": "ignore" + }, + "unpopularPackage": { + "action": "monitor" + }, + "socketUpgradeAvailable": { + "action": "ignore" + }, + "longStrings": { + "action": "ignore" + }, + "highEntropyStrings": { + "action": "ignore" + }, + "urlStrings": { + "action": "ignore" + }, + "usesEval": { + "action": "error" + }, + "dynamicRequire": { + "action": "ignore" + }, + "envVars": { + "action": "warn" + }, + "missingDependency": { + "action": "ignore" + }, + "unusedDependency": { + "action": "ignore" + }, + "peerDependency": { + "action": "ignore" + }, + "uncaughtOptionalDependency": { + "action": "ignore" + }, + "unresolvedRequire": { + "action": "ignore" + }, + "extraneousDependency": { + "action": "ignore" + }, + "obfuscatedRequire": { + "action": "ignore" + }, + "obfuscatedFile": { + "action": "warn" + }, + "minifiedFile": { + "action": "ignore" + }, + "installScripts": { + "action": "ignore" + }, + "hasNativeCode": { + "action": "ignore" + }, + "binScriptConfusion": { + "action": "ignore" + }, + "shellScriptOverride": { + "action": "ignore" + }, + "didYouMean": { + "action": "error" + }, + "gptDidYouMean": { + "action": "ignore" + }, + "bidi": { + "action": "ignore" + }, + "zeroWidth": { + "action": "ignore" + }, + "badEncoding": { + "action": "ignore" + }, + "homoglyphs": { + "action": "ignore" + }, + "invisibleChars": { + "action": "ignore" + }, + "suspiciousString": { + "action": "ignore" + }, + "potentialVulnerability": { + "action": "ignore" + } + } +} \ No newline at end of file diff --git a/tests/unit/__init__.py b/tests/unit/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/tests/unit/test_cli_config.py b/tests/unit/test_cli_config.py new file mode 100644 index 0000000..db7b1f5 --- /dev/null +++ b/tests/unit/test_cli_config.py @@ -0,0 +1,31 @@ +import pytest +from socketsecurity.config import CliConfig + +class TestCliConfig: + def test_api_token_from_env(self, monkeypatch): + monkeypatch.setenv("SOCKET_SECURITY_API_KEY", "test-token") + config = CliConfig.from_args([]) # Empty args list + assert config.api_token == "test-token" + + def test_required_args(self): + """Test that api token is required if not in environment""" + with pytest.raises(ValueError, match="API token is required"): + config = CliConfig.from_args([]) + if not config.api_token: + raise ValueError("API token is required") + + def test_default_values(self): + # Test that default values are set correctly + config = CliConfig.from_args(["--api-token", "test"]) + assert config.branch == "" + assert config.target_path == "./" + assert config.files == "[]" + + @pytest.mark.parametrize("flag,attr", [ + ("--enable-debug", "enable_debug"), + ("--disable-blocking", "disable_blocking"), + ("--allow-unverified", "allow_unverified") + ]) + def test_boolean_flags(self, flag, attr): + config = CliConfig.from_args(["--api-token", "test", flag]) + assert getattr(config, attr) is True \ No newline at end of file diff --git a/tests/unit/test_client.py b/tests/unit/test_client.py new file mode 100644 index 0000000..3998d39 --- /dev/null +++ b/tests/unit/test_client.py @@ -0,0 +1,125 @@ +import pytest +from unittest.mock import Mock, patch +import requests +from socketsecurity.core.cli_client import CliClient +from socketsecurity.core.socket_config import SocketConfig +from socketsecurity.core.exceptions import APIFailure + +@pytest.fixture +def config(): + return SocketConfig( + api_key="test_key", + timeout=30, + allow_unverified_ssl=False + ) + +@pytest.fixture +def client(config): + return CliClient(config) + +def test_encode_key(): + """Test the static key encoding method""" + encoded = CliClient._encode_key("test_key") + assert encoded == "dGVzdF9rZXk6" # base64 of "test_key:" + +def test_request_builds_correct_url(client): + """Test URL construction""" + with patch('requests.request') as mock_request: + mock_response = Mock() + mock_response.status_code = 200 + mock_request.return_value = mock_response + + client.request("test/path") + + mock_request.assert_called_once() + args, kwargs = mock_request.call_args + assert kwargs['url'] == "https://api.socket.dev/v0/test/path" + +def test_request_uses_config_timeout(client): + """Test timeout is passed from config""" + with patch('requests.request') as mock_request: + mock_response = Mock() + mock_response.status_code = 200 + mock_request.return_value = mock_response + + client.request("test/path") + + mock_request.assert_called_once() + args, kwargs = mock_request.call_args + assert kwargs['timeout'] == 30 + +def test_request_handles_api_error(): + """Test error handling""" + config = SocketConfig(api_key="test_key") + client = CliClient(config) + + with patch('requests.request') as mock_request: + mock_response = Mock() + mock_response.status_code = 400 + mock_response.raise_for_status.side_effect = requests.exceptions.RequestException("Test error") + mock_request.return_value = mock_response + + with pytest.raises(APIFailure): + client.request("test/path") + +def test_request_uses_custom_headers(client): + """Test that custom headers override defaults""" + custom_headers = {"Authorization": "Bearer token", "Custom": "Value"} + + with patch('requests.request') as mock_request: + mock_response = Mock() + mock_response.status_code = 200 + mock_request.return_value = mock_response + + client.request("test/path", headers=custom_headers) + + args, kwargs = mock_request.call_args + assert kwargs['headers'] == custom_headers + +def test_request_uses_custom_base_url(client): + """Test that custom base_url overrides default""" + custom_base = "https://custom.api.com" + + with patch('requests.request') as mock_request: + mock_response = Mock() + mock_response.status_code = 200 + mock_request.return_value = mock_response + + client.request("test/path", base_url=custom_base) + + args, kwargs = mock_request.call_args + assert kwargs['url'] == f"{custom_base}/test/path" + +def test_request_ssl_verification(client): + """Test SSL verification setting from config""" + with patch('requests.request') as mock_request: + mock_response = Mock() + mock_response.status_code = 200 + mock_request.return_value = mock_response + + client.request("test/path") + + args, kwargs = mock_request.call_args + assert kwargs['verify'] == True # Default is True + + # Test with SSL verification disabled + client.config.allow_unverified_ssl = True + client.request("test/path") + + args, kwargs = mock_request.call_args + assert kwargs['verify'] == False + +def test_request_with_payload(client): + """Test request with payload data""" + payload = {"key": "value"} + + with patch('requests.request') as mock_request: + mock_response = Mock() + mock_response.status_code = 200 + mock_request.return_value = mock_response + + client.request("test/path", method="POST", payload=payload) + + args, kwargs = mock_request.call_args + assert kwargs['method'] == "POST" + assert kwargs['data'] == payload \ No newline at end of file diff --git a/tests/unit/test_config.py b/tests/unit/test_config.py new file mode 100644 index 0000000..e958410 --- /dev/null +++ b/tests/unit/test_config.py @@ -0,0 +1,80 @@ +import pytest +from socketsecurity.core.socket_config import SocketConfig + +def test_config_default_values(): + """Test that config initializes with correct default values""" + config = SocketConfig(api_key="test_key") + + assert config.api_key == "test_key" + assert config.api_url == "https://api.socket.dev/v0" + assert config.timeout == 30 + assert config.allow_unverified_ssl is False + assert config.org_id is None + assert config.org_slug is None + assert config.full_scan_path is None + assert config.repository_path is None + assert config.security_policy == {} + +def test_config_custom_values(): + """Test that config accepts custom values""" + config = SocketConfig( + api_key="test_key", + api_url="https://custom.api.dev/v1", + timeout=60, + allow_unverified_ssl=True + ) + + assert config.api_key == "test_key" + assert config.api_url == "https://custom.api.dev/v1" + assert config.timeout == 60 + assert config.allow_unverified_ssl is True + +def test_config_api_key_required(): + """Test that api_key is required""" + with pytest.raises(ValueError): + SocketConfig(api_key=None) + + with pytest.raises(ValueError): + SocketConfig(api_key="") + +def test_config_invalid_timeout(): + """Test that timeout must be positive""" + with pytest.raises(ValueError): + SocketConfig(api_key="test_key", timeout=0) + + with pytest.raises(ValueError): + SocketConfig(api_key="test_key", timeout=-1) + +def test_config_invalid_api_url(): + """Test that api_url must be valid HTTPS URL""" + with pytest.raises(ValueError): + SocketConfig(api_key="test_key", api_url="not_a_url") + + with pytest.raises(ValueError): + SocketConfig(api_key="test_key", api_url="http://insecure.com") # Must be HTTPS + +def test_config_update_org_details(): + """Test updating org details""" + config = SocketConfig(api_key="test_key") + + config.org_id = "test_org_id" + config.org_slug = "test-org" + config.full_scan_path = "orgs/test-org/full-scans" + config.repository_path = "orgs/test-org/repos" + + assert config.org_id == "test_org_id" + assert config.org_slug == "test-org" + assert config.full_scan_path == "orgs/test-org/full-scans" + assert config.repository_path == "orgs/test-org/repos" + +def test_config_update_security_policy(): + """Test updating security policy""" + config = SocketConfig(api_key="test_key") + + test_policy = { + "rule1": {"action": "block"}, + "rule2": {"action": "warn"} + } + + config.security_policy = test_policy + assert config.security_policy == test_policy diff --git a/tests/unit/test_output.py b/tests/unit/test_output.py new file mode 100644 index 0000000..35a0c4f --- /dev/null +++ b/tests/unit/test_output.py @@ -0,0 +1,54 @@ +import pytest +from socketsecurity.output import OutputHandler +from socketsecurity.core.classes import Diff, Issue +import json + +class TestOutputHandler: + @pytest.fixture + def handler(self): + return OutputHandler(blocking_disabled=False) + + def test_report_pass_with_blocking_issues(self, handler): + diff = Diff() + diff.new_alerts = [Issue(error=True)] + assert not handler.report_pass(diff) + + def test_report_pass_with_blocking_disabled(self): + handler = OutputHandler(blocking_disabled=True) + diff = Diff() + diff.new_alerts = [Issue(error=True)] + assert handler.report_pass(diff) + + def test_json_output_format(self, handler, capsys): + diff = Diff() + test_issue = Issue( + title="Test", + severity="high", + description="Test description", + error=True, + key="test-key", + type="test-type", + pkg_type="npm", + pkg_name="test-package", + pkg_version="1.0.0", + purl="pkg:npm/test-package@1.0.0" + ) + diff.new_alerts = [test_issue] + + handler.output_console_json(diff) + captured = capsys.readouterr() + + # Parse the JSON output and verify structure + output = json.loads(captured.out) + assert output["issues"][0]["title"] == "Test" + assert output["issues"][0]["severity"] == "high" + assert output["issues"][0]["blocking"] is True + assert output["issues"][0]["description"] == "Test description" + + def test_sbom_file_saving(self, handler, tmp_path): + # Test SBOM file is created correctly + diff = Diff() + diff.sbom = {"test": "data"} + sbom_path = tmp_path / "test.json" + handler.save_sbom_file(diff, str(sbom_path)) + assert sbom_path.exists() \ No newline at end of file From ab26041df82bd2ba093a03371f65154e469f7b63 Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Wed, 12 Feb 2025 16:35:40 -0800 Subject: [PATCH 035/149] lowered required python version to 3.9 (#51) --- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index bf85302..86ca6ae 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -5,7 +5,7 @@ build-backend = "setuptools.build_meta" [project] name = "socketsecurity" dynamic = ["version"] -requires-python = ">= 3.11" +requires-python = ">= 3.9" dependencies = [ 'requests', 'mdutils', diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 30c5fa0..b582e38 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.2' +__version__ = '2.0.3' From cde8660a54f54711c2dad6bca5835be3024097ca Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Thu, 13 Feb 2025 16:22:40 -0800 Subject: [PATCH 036/149] Fixed SARIF regression (#53) * added SARIF back in --- README.md | 95 ++++++++++++++++++---------- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/config.py | 19 ++++-- socketsecurity/core/__init__.py | 4 +- socketsecurity/core/messages.py | 7 ++ socketsecurity/core/socket_config.py | 2 +- socketsecurity/output.py | 45 +++++++++---- socketsecurity/socketcli.py | 23 +++---- 9 files changed, 131 insertions(+), 68 deletions(-) diff --git a/README.md b/README.md index a94ae47..b56ef0f 100644 --- a/README.md +++ b/README.md @@ -2,45 +2,76 @@ The Socket Security CLI was created to enable integrations with other tools like Github Actions, Gitlab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts against the Socket security policy it'll exit with a non-Zero exit code. - - ## Usage ```` shell -socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--branch BRANCH] [--committer COMMITTER] [--pr-number PR_NUMBER] - [--commit-message COMMIT_MESSAGE] [--default-branch] [--target-path TARGET_PATH] [--scm {api,github,gitlab}] [--sbom-file SBOM_FILE] - [--commit-sha COMMIT_SHA] [--generate-license GENERATE_LICENSE] [-v] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview] - [--disable-security-issue] [--files FILES] [--ignore-commit-files] [--timeout] +socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--integration {api,github,gitlab}] [--owner OWNER] [--branch BRANCH] + [--committers [COMMITTERS ...]] [--pr-number PR_NUMBER] [--commit-message COMMIT_MESSAGE] [--commit-sha COMMIT_SHA] + [--target-path TARGET_PATH] [--sbom-file SBOM_FILE] [--files FILES] [--default-branch] [--pending-head] + [--generate-license] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview] [--disable-security-issue] + [--allow-unverified] [--ignore-commit-files] [--disable-blocking] [--scm SCM] [--timeout TIMEOUT] ```` If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY` - -| Parameter | Alternate Name | Required | Default | Description | -|:-------------------------|:---------------|:---------|:--------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| -h | --help | False | | Show the CLI help message | -| --api-token | | False | | Provides the Socket API Token | -| --repo | | True | | The string name in a git approved name for repositories. | -| --branch | | False | | The string name in a git approved name for branches. | -| --committer | | False | | The string name of the person doing the commit or running the CLI. Can be specified multiple times to have more than one committer | -| --pr-number | | False | 0 | The integer for the PR or MR number | -| --commit-message | | False | | The string for a commit message if there is one | -| --default-branch | | False | False | If the flag is specified this will signal that this is the default branch. This needs to be enabled for a report to update Org Alerts and Org Dependencies | -| --target-path | | False | ./ | This is the path to where the manifest files are location. The tool will recursively search for all supported manifest files | -| --scm | | False | api | This is the mode that the tool is to run in. For local runs `api` would be the mode. Other options are `gitlab` and `github` | -| --generate-license | | False | False | If this flag is specified it will generate a json file with the license per package and license text in the current working directory | -| --version | -v | False | | Prints the version and exits | -| --enable-debug | | False | False | Enables debug messaging for the CLI | -| --sbom-file | | False | False | Creates a JSON file with all dependencies and alerts | -| --commit-sha | | False | | The commit hash for the commit | -| --generate-license | | False | False | If enabled with `--sbom-file` will include license details | -| --enable-json | | False | False | If enabled will change the console output format to JSON | -| --enable-sarif | | False | False | If enabled will change the console output format to SARIF | -| --disable-overview | | False | False | If enabled will disable Dependency Overview comments | -| --disable-security-issue | | False | False | If enabled will disable Security Issue Comments | -| --files | | False | | If provided in the format of `["file1", "file2"]` will be used to determine if there have been supported file changes. This is used if it isn't a git repo and you would like to only run if it supported files have changed. | -| --ignore-commit-files | | False | False | If enabled then the CLI will ignore what files are changed in the commit and look for all manifest files | -| --disable-blocking | | False | False | Disables failing checks and will only exit with an exit code of 0 | +### Parameters + +#### Authentication +| Parameter | Required | Default | Description | +|:-------------|:---------|:--------|:--------------------------------------------------------------------------------------| +| --api-token | False | | Socket Security API token (can also be set via SOCKET_SECURITY_API_KEY env var) | + +#### Repository +| Parameter | Required | Default | Description | +|:-------------|:---------|:--------|:-------------------------------------------------------------------------| +| --repo | False | | Repository name in owner/repo format | +| --integration| False | api | Integration type (api, github, gitlab) | +| --owner | False | | Name of the integration owner, defaults to the socket organization slug | +| --branch | False | "" | Branch name | +| --committers | False | | Committer(s) to filter by | + +#### Pull Request and Commit +| Parameter | Required | Default | Description | +|:----------------|:---------|:--------|:-------------------| +| --pr-number | False | "0" | Pull request number| +| --commit-message| False | | Commit message | +| --commit-sha | False | "" | Commit SHA | + +#### Path and File +| Parameter | Required | Default | Description | +|:-------------|:---------|:--------|:-------------------------------------------| +| --target-path| False | ./ | Target path for analysis | +| --sbom-file | False | | SBOM file path | +| --files | False | [] | Files to analyze (JSON array string) | + +#### Branch and Scan Configuration +| Parameter | Required | Default | Description | +|:---------------|:---------|:--------|:----------------------------------------------------------| +| --default-branch| False | False | Make this branch the default branch | +| --pending-head | False | False | If true, the new scan will be set as the branch's head scan| + +#### Output Configuration +| Parameter | Required | Default | Description | +|:----------------------|:---------|:--------|:---------------------------------------------------------------| +| --generate-license | False | False | Generate license information | +| --enable-debug | False | False | Enable debug logging | +| --enable-json | False | False | Output in JSON format | +| --enable-sarif | False | False | Enable SARIF output of results instead of table or JSON format| +| --disable-overview | False | False | Disable overview output | + +#### Security Configuration +| Parameter | Required | Default | Description | +|:-----------------------|:---------|:--------|:-------------------------------| +| --allow-unverified | False | False | Allow unverified packages | +| --disable-security-issue| False | False | Disable security issue checks | + +#### Advanced Configuration +| Parameter | Required | Default | Description | +|:-------------------|:---------|:--------|:-----------------------------------------------| +| --ignore-commit-files| False | False | Ignore commit files | +| --disable-blocking | False | False | Disable blocking mode | +| --scm | False | api | Source control management type | +| --timeout | False | | Timeout in seconds for API requests | ## Development diff --git a/pyproject.toml b/pyproject.toml index 86ca6ae..58a630a 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -13,7 +13,7 @@ dependencies = [ 'GitPython', 'packaging', 'python-dotenv', - 'socket-sdk-python>=2.0.4' + 'socket-sdk-python>=2.0.5' ] readme = "README.md" description = "Socket Security CLI for CI/CD" diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index b582e38..59b063c 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.3' +__version__ = '2.0.4' diff --git a/socketsecurity/config.py b/socketsecurity/config.py index 630acca..ae4e169 100644 --- a/socketsecurity/config.py +++ b/socketsecurity/config.py @@ -23,6 +23,7 @@ class CliConfig: enable_debug: bool = False allow_unverified: bool = False enable_json: bool = False + enable_sarif: bool = False disable_overview: bool = False disable_security_issue: bool = False files: str = "[]" @@ -31,7 +32,7 @@ class CliConfig: integration_type: IntegrationType = "api" integration_org_slug: Optional[str] = None pending_head: bool = False - timeout: Optional[int] = None + timeout: Optional[int] = 1200 @classmethod def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': parser = create_argument_parser() @@ -61,6 +62,7 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': 'enable_debug': args.enable_debug, 'allow_unverified': args.allow_unverified, 'enable_json': args.enable_json, + 'enable_sarif': args.enable_sarif, 'disable_overview': args.disable_overview, 'disable_security_issue': args.disable_security_issue, 'files': args.files, @@ -215,6 +217,7 @@ def create_argument_parser() -> argparse.ArgumentParser: config_group.add_argument( "--default_branch", dest="default_branch", + action="store_true", help=argparse.SUPPRESS ) config_group.add_argument( @@ -226,6 +229,7 @@ def create_argument_parser() -> argparse.ArgumentParser: config_group.add_argument( "--pending_head", dest="pending_head", + action="store_true", help=argparse.SUPPRESS ) @@ -240,6 +244,7 @@ def create_argument_parser() -> argparse.ArgumentParser: output_group.add_argument( "--generate_license", dest="generate_license", + action="store_true", help=argparse.SUPPRESS ) output_group.add_argument( @@ -251,6 +256,7 @@ def create_argument_parser() -> argparse.ArgumentParser: output_group.add_argument( "--enable_debug", dest="enable_debug", + action="store_true", help=argparse.SUPPRESS ) output_group.add_argument( @@ -260,9 +266,10 @@ def create_argument_parser() -> argparse.ArgumentParser: help="Output in JSON format" ) output_group.add_argument( - "--enable_json", - dest="enable_json", - help=argparse.SUPPRESS + "--enable-sarif", + dest="enable_sarif", + action="store_true", + help="Enable SARIF output of results instead of table or JSON format" ) output_group.add_argument( "--disable-overview", @@ -273,6 +280,7 @@ def create_argument_parser() -> argparse.ArgumentParser: output_group.add_argument( "--disable_overview", dest="disable_overview", + action="store_true", help=argparse.SUPPRESS ) @@ -292,6 +300,7 @@ def create_argument_parser() -> argparse.ArgumentParser: security_group.add_argument( "--disable_security_issue", dest="disable_security_issue", + action="store_true", help=argparse.SUPPRESS ) @@ -306,6 +315,7 @@ def create_argument_parser() -> argparse.ArgumentParser: advanced_group.add_argument( "--ignore_commit_files", dest="ignore_commit_files", + action="store_true", help=argparse.SUPPRESS ) advanced_group.add_argument( @@ -317,6 +327,7 @@ def create_argument_parser() -> argparse.ArgumentParser: advanced_group.add_argument( "--disable_blocking", dest="disable_blocking", + action="store_true", help=argparse.SUPPRESS ) advanced_group.add_argument( diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 751c456..18d92d7 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -427,7 +427,7 @@ def create_new_diff( no_change: If True, return empty diff """ - print(f"starting create_new_diff with no_change: {no_change}") + log.debug(f"starting create_new_diff with no_change: {no_change}") if no_change: return Diff(id="no_diff_id") @@ -435,7 +435,7 @@ def create_new_diff( files = self.find_files(path) files_for_sending = self.load_files_for_sending(files, path) - print(f"files: {files} found at path {path}") + log.debug(f"files: {files} found at path {path}") if not files: return Diff(id="no_diff_id") diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index ee17772..ca90c27 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -192,6 +192,13 @@ def create_security_comment_sarif(diff) -> dict: Create SARIF-compliant output from the diff report, including dynamic URL generation based on manifest type and improved
    formatting for GitHub SARIF display. """ + scan_failed = False + if len(diff.new_alerts) == 0: + for alert in diff.new_alerts: + alert: Issue + if alert.error: + scan_failed = True + break sarif_data = { "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "version": "2.1.0", diff --git a/socketsecurity/core/socket_config.py b/socketsecurity/core/socket_config.py index f7580df..9e0726c 100644 --- a/socketsecurity/core/socket_config.py +++ b/socketsecurity/core/socket_config.py @@ -9,7 +9,7 @@ class SocketConfig: api_key: str api_url: str = "https://api.socket.dev/v0" - timeout: int = 30 + timeout: int = 1200 allow_unverified_ssl: bool = False org_id: Optional[str] = None org_slug: Optional[str] = None diff --git a/socketsecurity/output.py b/socketsecurity/output.py index ccbf359..e4d3649 100644 --- a/socketsecurity/output.py +++ b/socketsecurity/output.py @@ -5,33 +5,39 @@ from typing import Any, Dict, Optional from .core.messages import Messages from .core.classes import Diff, Issue +from .config import CliConfig class OutputHandler: - blocking_disabled: bool + config: CliConfig logger: logging.Logger - def __init__(self, blocking_disabled: bool): - self.blocking_disabled = blocking_disabled + def __init__(self, config: CliConfig): + self.config = config self.logger = logging.getLogger("socketcli") - def handle_output(self, diff_report: Diff, sbom_file_name: Optional[str] = None, json_output: bool = False) -> int: - """Main output handler that determines output format and returns exit code""" - if json_output: - self.output_console_json(diff_report, sbom_file_name) + def handle_output(self, diff_report: Diff) -> None: + """Main output handler that determines output format""" + if self.config.enable_json: + self.output_console_json(diff_report, self.config.sbom_file) + elif self.config.enable_sarif: + self.output_console_sarif(diff_report, self.config.sbom_file) else: - self.output_console_comments(diff_report, sbom_file_name) + self.output_console_comments(diff_report, self.config.sbom_file) - self.save_sbom_file(diff_report, sbom_file_name) + self.save_sbom_file(diff_report, self.config.sbom_file) def return_exit_code(self, diff_report: Diff) -> int: - if not self.report_pass(diff_report) and not self.blocking_disabled: + if self.config.disable_blocking: + return 0 + + if not self.report_pass(diff_report): return 1 - elif len(diff_report.new_alerts) > 0 and not self.blocking_disabled: + + if len(diff_report.new_alerts) > 0: # 5 means warning alerts but no blocking alerts return 5 - else: - return 0 + return 0 def output_console_comments(self, diff_report: Diff, sbom_file_name: Optional[str] = None) -> None: """Outputs formatted console comments""" @@ -46,15 +52,26 @@ def output_console_comments(self, diff_report: Diff, sbom_file_name: Optional[st def output_console_json(self, diff_report: Diff, sbom_file_name: Optional[str] = None) -> None: """Outputs JSON formatted results""" console_security_comment = Messages.create_security_comment_json(diff_report) + self.save_sbom_file(diff_report, sbom_file_name) self.logger.info(json.dumps(console_security_comment)) + def output_console_sarif(self, diff_report: Diff, sbom_file_name: Optional[str] = None) -> None: + """ + Generate SARIF output from the diff report and print to console. + """ + if diff_report.id != "NO_DIFF_RAN": + # Generate the SARIF structure using Messages + console_security_comment = Messages.create_security_comment_sarif(diff_report) + self.save_sbom_file(diff_report, sbom_file_name) + # Print the SARIF output to the console in JSON format + print(json.dumps(console_security_comment, indent=2)) def report_pass(self, diff_report: Diff) -> bool: """Determines if the report passes security checks""" if not diff_report.new_alerts: return True - if self.blocking_disabled: + if self.config.disable_blocking: return True return not any(issue.error for issue in diff_report.new_alerts) diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 3ae28fc..cf4f6f5 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -45,11 +45,11 @@ def cli(): def main_code(): config = CliConfig.from_args() - print(f"config: {config.to_dict()}") - output_handler = OutputHandler(blocking_disabled=config.disable_blocking) + log.debug(f"config: {config.to_dict()}") + output_handler = OutputHandler(config) sdk = socketdev(token=config.api_token) - print("sdk loaded") + log.debug("sdk loaded") if config.enable_debug: set_debug_mode(True) @@ -64,13 +64,13 @@ def main_code(): socket_config = SocketConfig( api_key=config.api_token, allow_unverified_ssl=config.allow_unverified, - timeout=config.timeout if config.timeout is not None else 30 # Use CLI timeout if provided + timeout=config.timeout if config.timeout is not None else 1200 # Use CLI timeout if provided ) - print("loaded socket_config") + log.debug("loaded socket_config") client = CliClient(socket_config) - print("loaded client") + log.debug("loaded client") core = Core(socket_config, sdk) - print("loaded core") + log.debug("loaded core") # Load files - files defaults to "[]" in CliConfig try: files = json.loads(config.files) # Will always succeed with empty list by default @@ -135,7 +135,7 @@ def main_code(): should_skip_scan = False # Force scan if ignoring commit files elif files_to_check: # If we have any files to check should_skip_scan = not core.has_manifest_files(list(files_to_check)) - print(f"in elif, should_skip_scan: {should_skip_scan}") + log.debug(f"in elif, should_skip_scan: {should_skip_scan}") if should_skip_scan: log.debug("No manifest files found in changes, skipping scan") @@ -240,14 +240,11 @@ def main_code(): log.info("Starting non-PR/MR flow") diff = core.create_new_diff(config.target_path, params, no_change=should_skip_scan) - output_handler.handle_output(diff, config.sbom_file, config.enable_json) + output_handler.handle_output(diff) else: log.info("API Mode") diff = core.create_new_diff(config.target_path, params, no_change=should_skip_scan) - if config.enable_json: - output_handler.output_console_json(diff, config.sbom_file) - else: - output_handler.output_console_comments(diff, config.sbom_file) + output_handler.handle_output(diff) # Handle license generation if diff is not None and config.generate_license: From 7b7089e6df314d3a61721fb6dc6d3f084582bc30 Mon Sep 17 00:00:00 2001 From: Douglas Date: Wed, 19 Feb 2025 12:04:05 -0800 Subject: [PATCH 037/149] Doug/fix manifest issue (#56) * Fix for None type issue with Manifest Files --- .gitignore | 3 ++- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 13 +++++++------ 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index fab80bb..0962665 100644 --- a/.gitignore +++ b/.gitignore @@ -22,4 +22,5 @@ test.py file_generator.py .coverage .env.local -Pipfile \ No newline at end of file +Pipfile +test/ \ No newline at end of file diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 59b063c..2f4f50d 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.4' +__version__ = '2.0.6' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 18d92d7..4452072 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -601,12 +601,13 @@ def get_source_data(package: Package, packages: dict) -> list: if top_package: manifests = "" top_purl = f"{top_package.type}/{top_package.name}@{top_package.version}" - for manifest_data in top_package.manifestFiles: - manifest_file = manifest_data.get("file") - manifests += f"{manifest_file};" - manifests = manifests.rstrip(";") - source = (top_purl, manifests) - introduced_by.append(source) + if hasattr(top_package, "manifestFiles") and top_package.manifestFiles: + for manifest_data in top_package.manifestFiles: + manifest_file = manifest_data.get("file") + manifests += f"{manifest_file};" + manifests = manifests.rstrip(";") + source = (top_purl, manifests) + introduced_by.append(source) else: log.debug(f"Unable to get top level package info for {top_id}") return introduced_by From 8fbc35ab3b9590e65e836f3fc27f7f2569ce49fb Mon Sep 17 00:00:00 2001 From: Douglas Date: Tue, 25 Feb 2025 17:14:58 -0700 Subject: [PATCH 038/149] Fixes for diff logic (#57) --------- Co-authored-by: Eric Hibbs --- .gitignore | 3 +- Pipfile.lock | 20 ++++ README.md | 2 + pyproject.toml | 4 +- socketsecurity/__init__.py | 2 +- socketsecurity/config.py | 8 ++ socketsecurity/core/__init__.py | 148 ++++++++++++++++++------------ socketsecurity/core/classes.py | 8 +- socketsecurity/core/scm/github.py | 4 +- socketsecurity/core/utils.py | 23 +++++ socketsecurity/socketcli.py | 13 ++- 11 files changed, 167 insertions(+), 68 deletions(-) create mode 100644 Pipfile.lock diff --git a/.gitignore b/.gitignore index 0962665..c481ee5 100644 --- a/.gitignore +++ b/.gitignore @@ -23,4 +23,5 @@ file_generator.py .coverage .env.local Pipfile -test/ \ No newline at end of file +test/ +logs \ No newline at end of file diff --git a/Pipfile.lock b/Pipfile.lock new file mode 100644 index 0000000..b6df5da --- /dev/null +++ b/Pipfile.lock @@ -0,0 +1,20 @@ +{ + "_meta": { + "hash": { + "sha256": "702ad05de9bc9de99a4807c8dde1686f31e0041d7b5f6f6b74861195a52110f5" + }, + "pipfile-spec": 6, + "requires": { + "python_version": "3.12" + }, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.org/simple", + "verify_ssl": true + } + ] + }, + "default": {}, + "develop": {} +} diff --git a/README.md b/README.md index b56ef0f..017544c 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,7 @@ socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--integration {api,github, [--target-path TARGET_PATH] [--sbom-file SBOM_FILE] [--files FILES] [--default-branch] [--pending-head] [--generate-license] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview] [--disable-security-issue] [--allow-unverified] [--ignore-commit-files] [--disable-blocking] [--scm SCM] [--timeout TIMEOUT] + [--exclude-license-details] ```` If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY` @@ -58,6 +59,7 @@ If you don't want to provide the Socket API Token every time then you can use th | --enable-json | False | False | Output in JSON format | | --enable-sarif | False | False | Enable SARIF output of results instead of table or JSON format| | --disable-overview | False | False | Disable overview output | +| --exclude-license-details | False | False | Exclude license details from the diff report (boosts performance for large repos) | #### Security Configuration | Parameter | Required | Default | Description | diff --git a/pyproject.toml b/pyproject.toml index 58a630a..e95fdf9 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -12,8 +12,8 @@ dependencies = [ 'prettytable', 'GitPython', 'packaging', - 'python-dotenv', - 'socket-sdk-python>=2.0.5' + 'python-dotenv', + 'socket-sdk-python>=2.0.7' ] readme = "README.md" description = "Socket Security CLI for CI/CD" diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 2f4f50d..c2faa62 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.6' +__version__ = '2.0.7' diff --git a/socketsecurity/config.py b/socketsecurity/config.py index ae4e169..24a9eca 100644 --- a/socketsecurity/config.py +++ b/socketsecurity/config.py @@ -33,6 +33,7 @@ class CliConfig: integration_org_slug: Optional[str] = None pending_head: bool = False timeout: Optional[int] = 1200 + exclude_license_details: bool = False @classmethod def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': parser = create_argument_parser() @@ -71,6 +72,7 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': 'integration_type': args.integration, 'pending_head': args.pending_head, 'timeout': args.timeout, + 'exclude_license_details': args.exclude_license_details, } if args.owner: @@ -283,6 +285,12 @@ def create_argument_parser() -> argparse.ArgumentParser: action="store_true", help=argparse.SUPPRESS ) + output_group.add_argument( + "--exclude-license-details", + dest="exclude_license_details", + action="store_true", + help="Exclude license details from the diff report (boosts performance for large repos)" + ) # Security Configuration security_group = parser.add_argument_group('Security Configuration') diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 4452072..5236a99 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -1,17 +1,14 @@ -import base64 -import json import logging import time +import sys from dataclasses import asdict from glob import glob from pathlib import PurePath -from typing import BinaryIO, Dict, List, Optional, Tuple - +from typing import BinaryIO, Dict, List, Tuple from socketdev import socketdev from socketdev.fullscans import ( FullScanParams, - SocketArtifact, - DiffArtifact, + SocketArtifact ) from socketdev.org import Organization from socketdev.repos import RepositoryInfo @@ -27,8 +24,9 @@ Purl, ) from socketsecurity.core.exceptions import ( - APIResourceNotFound, + APIResourceNotFound ) +from socketdev.exceptions import APIFailure from socketsecurity.core.licenses import Licenses from .socket_config import SocketConfig @@ -148,7 +146,7 @@ def find_files(path: str) -> List[str]: for file_name in patterns: pattern = Core.to_case_insensitive_regex(patterns[file_name]["pattern"]) file_path = f"{path}/**/{pattern}" - log.debug(f"Globbing {file_path}") + #log.debug(f"Globbing {file_path}") glob_start = time.time() glob_files = glob(file_path, recursive=True) for glob_file in glob_files: @@ -156,13 +154,16 @@ def find_files(path: str) -> List[str]: files.add(glob_file) glob_end = time.time() glob_total_time = glob_end - glob_start - log.debug(f"Glob for pattern {file_path} took {glob_total_time:.2f} seconds") + #log.debug(f"Glob for pattern {file_path} took {glob_total_time:.2f} seconds") log.debug("Finished Find Files") end_time = time.time() total_time = end_time - start_time - log.info(f"Found {len(files)} in {total_time:.2f} seconds") - log.debug(f"Files found: {list(files)}") + files_list = list(files) + if len(files_list) > 5: + log.debug(f"{len(files_list)} Files found ({total_time:.2f}s): {', '.join(files_list[:5])}, ...") + else: + log.debug(f"{len(files_list)} Files found ({total_time:.2f}s): {', '.join(files_list)}") return list(files) @staticmethod @@ -216,7 +217,7 @@ def load_files_for_sending(files: List[str], workspace: str) -> List[Tuple[str, return send_files - def create_full_scan(self, files: List[str], params: FullScanParams) -> FullScan: + def create_full_scan(self, files: List[str], params: FullScanParams, has_head_scan: bool = False) -> FullScan: """ Creates a new full scan via the Socket API. @@ -236,10 +237,10 @@ def create_full_scan(self, files: List[str], params: FullScanParams) -> FullScan raise Exception(f"Error creating full scan: {res.message}, status: {res.status}") full_scan = FullScan(**asdict(res.data)) - - full_scan_artifacts_dict = self.get_sbom_data(full_scan.id) - full_scan.sbom_artifacts = self.get_sbom_data_list(full_scan_artifacts_dict) - full_scan.packages = self.create_packages_dict(full_scan.sbom_artifacts) + if not has_head_scan: + full_scan_artifacts_dict = self.get_sbom_data(full_scan.id) + full_scan.sbom_artifacts = self.get_sbom_data_list(full_scan_artifacts_dict) + full_scan.packages = self.create_packages_dict(full_scan.sbom_artifacts) create_full_end = time.time() total_time = create_full_end - create_full_start @@ -317,12 +318,13 @@ def get_package_license_text(self, package: Package) -> str: return "" - def get_repo_info(self, repo_slug: str) -> RepositoryInfo: + def get_repo_info(self, repo_slug: str, default_branch: str = "socket-default-branch") -> RepositoryInfo: """ Gets repository information from the Socket API. Args: repo_slug: Repository slug to get info for + default_branch: Default branch string to use if the repo doesn't exist Returns: RepositoryInfo object @@ -330,11 +332,23 @@ def get_repo_info(self, repo_slug: str) -> RepositoryInfo: Raises: Exception: If API request fails """ - response = self.sdk.repos.repo(self.config.org_slug, repo_slug) - if not response.success: - log.error(f"Failed to get repository: {response.status}") - log.error(response.message) - raise Exception(f"Failed to get repository info: {response.status}, message: {response.message}") + try: + response = self.sdk.repos.repo(self.config.org_slug, repo_slug) + if not response.success: + log.error(f"Failed to get repository: {response.status}") + log.error(response.message) + # raise Exception(f"Failed to get repository info: {response.status}, message: {response.message}") + except APIFailure: + log.warning(f"Failed to get repository {repo_slug}, attempting to create it") + create_response = self.sdk.repos.post(self.config.org_slug, name=repo_slug, default_branch=default_branch) + if not create_response.success: + log.error(f"Failed to create repository: {create_response.status}") + log.error(create_response.message) + raise Exception( + f"Failed to create repository: {create_response.status}, message: {create_response.message}" + ) + else: + return create_response.data return response.data def get_head_scan_for_repo(self, repo_slug: str) -> str: @@ -350,24 +364,36 @@ def get_head_scan_for_repo(self, repo_slug: str) -> str: repo_info = self.get_repo_info(repo_slug) return repo_info.head_full_scan_id if repo_info.head_full_scan_id else None - def get_added_and_removed_packages(self, head_full_scan: Optional[FullScan], new_full_scan: FullScan) -> Tuple[Dict[str, Package], Dict[str, Package]]: + @staticmethod + def update_package_values(pkg: Package) -> Package: + pkg.purl = f"{pkg.name}@{pkg.version}" + pkg.url = f"https://socket.dev/{pkg.type}/package" + if pkg.namespace: + pkg.purl = f"{pkg.namespace}/{pkg.purl}" + pkg.url += f"/{pkg.namespace}" + pkg.url += f"/{pkg.name}/overview/{pkg.version}" + return pkg + + def get_added_and_removed_packages(self, head_full_scan_id: str, new_full_scan: FullScan) -> Tuple[Dict[str, Package], Dict[str, Package]]: """ Get packages that were added and removed between scans. Args: head_full_scan: Previous scan (may be None if first scan) - new_full_scan: New scan just created + head_full_scan_id: New scan just created Returns: Tuple of (added_packages, removed_packages) dictionaries """ - if head_full_scan is None: + if head_full_scan_id is None: log.info(f"No head scan found. New scan ID: {new_full_scan.id}") return new_full_scan.packages, {} - log.info(f"Comparing scans - Head scan ID: {head_full_scan.id}, New scan ID: {new_full_scan.id}") - diff_report = self.sdk.fullscans.stream_diff(self.config.org_slug, head_full_scan.id, new_full_scan.id).data - + log.info(f"Comparing scans - Head scan ID: {head_full_scan_id}, New scan ID: {new_full_scan.id}") + diff_start = time.time() + diff_report = self.sdk.fullscans.stream_diff(self.config.org_slug, head_full_scan_id, new_full_scan.id).data + diff_end = time.time() + log.info(f"Diff Report Gathered in {diff_end - diff_start:.2f} seconds") log.info(f"Diff report artifact counts:") log.info(f"Added: {len(diff_report.artifacts.added)}") log.info(f"Removed: {len(diff_report.artifacts.removed)}") @@ -384,32 +410,24 @@ def get_added_and_removed_packages(self, head_full_scan: Optional[FullScan], new for artifact in added_artifacts: try: pkg = Package.from_diff_artifact(asdict(artifact)) + pkg = Core.update_package_values(pkg) added_packages[artifact.id] = pkg except KeyError: log.error(f"KeyError: Could not create package from added artifact {artifact.id}") log.error(f"Artifact details - name: {artifact.name}, version: {artifact.version}") - matches = [p for p in new_full_scan.packages.values() if p.name == artifact.name and p.version == artifact.version] - if matches: - log.error(f"Found {len(matches)} packages with matching name/version:") - for m in matches: - log.error(f" ID: {m.id}, name: {m.name}, version: {m.version}") - else: - log.error("No matching packages found in new_full_scan") + log.error("No matching packages found in new_full_scan") for artifact in removed_artifacts: try: pkg = Package.from_diff_artifact(asdict(artifact)) + pkg = Core.update_package_values(pkg) + if pkg.namespace: + pkg.purl += f"{pkg.namespace}/{pkg.purl}" removed_packages[artifact.id] = pkg except KeyError: log.error(f"KeyError: Could not create package from removed artifact {artifact.id}") log.error(f"Artifact details - name: {artifact.name}, version: {artifact.version}") - matches = [p for p in head_full_scan.packages.values() if p.name == artifact.name and p.version == artifact.version] - if matches: - log.error(f"Found {len(matches)} packages with matching name/version:") - for m in matches: - log.error(f" ID: {m.id}, name: {m.name}, version: {m.version}") - else: - log.error("No matching packages found in head_full_scan") + log.error("No matching packages found in head_full_scan") return added_packages, removed_packages @@ -435,36 +453,49 @@ def create_new_diff( files = self.find_files(path) files_for_sending = self.load_files_for_sending(files, path) - log.debug(f"files: {files} found at path {path}") if not files: return Diff(id="no_diff_id") - head_full_scan_id = None - try: # Get head scan ID head_full_scan_id = self.get_head_scan_for_repo(params.repo) + has_head_scan = True except APIResourceNotFound: head_full_scan_id = None + has_head_scan = False - # Create new scan - new_scan_start = time.time() - new_full_scan = self.create_full_scan(files_for_sending, params) - new_scan_end = time.time() - log.info(f"Total time to create new full scan: {new_scan_end - new_scan_start:.2f}") - - - head_full_scan = None - if head_full_scan_id: - head_full_scan = self.get_full_scan(head_full_scan_id) + # Create new scan + try: + new_scan_start = time.time() + new_full_scan = self.create_full_scan(files_for_sending, params, has_head_scan) + new_scan_end = time.time() + log.info(f"Total time to create new full scan: {new_scan_end - new_scan_start:.2f}") + except APIFailure as e: + log.error(f"API Error: {e}") + sys.exit(1) + except Exception as e: + log.error(f"Unexpected error while creating new scan: {e}") + sys.exit(1) - added_packages, removed_packages = self.get_added_and_removed_packages(head_full_scan, new_full_scan) + try: + added_packages, removed_packages = self.get_added_and_removed_packages(head_full_scan_id, new_full_scan) + except APIFailure as e: + log.error(f"API Error: {e}") + sys.exit(1) + except Exception as e: + log.error(f"Unexpected error while comparing packages: {e}") + sys.exit(1) diff = self.create_diff_report(added_packages, removed_packages) base_socket = "https://socket.dev/dashboard/org" diff.id = new_full_scan.id - diff.report_url = f"{base_socket}/{self.config.org_slug}/sbom/{diff.id}" + + report_url = f"{base_socket}/{self.config.org_slug}/sbom/{diff.id}" + if not params.include_license_details: + report_url += "?include_license_details=false" + diff.report_url = report_url + if head_full_scan_id is not None: diff.diff_url = f"{base_socket}/{self.config.org_slug}/diff/{diff.id}/{head_full_scan_id}" else: @@ -609,7 +640,8 @@ def get_source_data(package: Package, packages: dict) -> list: source = (top_purl, manifests) introduced_by.append(source) else: - log.debug(f"Unable to get top level package info for {top_id}") + pass + # log.debug(f"Unable to get top level package info for {top_id}") return introduced_by @staticmethod diff --git a/socketsecurity/core/classes.py b/socketsecurity/core/classes.py index 31b529e..006bb0c 100644 --- a/socketsecurity/core/classes.py +++ b/socketsecurity/core/classes.py @@ -115,6 +115,7 @@ class Package(SocketArtifactLink): author: List[str] = field(default_factory=list) size: Optional[int] = None license: Optional[str] = None + namespace: Optional[str] = None # Package-specific fields license_text: str = "" @@ -122,6 +123,10 @@ class Package(SocketArtifactLink): transitives: int = 0 url: str = "" + # Artifact-specific fields + licenseDetails: Optional[list] = None + + @classmethod def from_socket_artifact(cls, data: dict) -> "Package": """ @@ -187,7 +192,8 @@ def from_diff_artifact(cls, data: dict) -> "Package": direct=ref.get("direct", False), manifestFiles=ref.get("manifestFiles", []), dependencies=ref.get("dependencies"), - artifact=ref.get("artifact") + artifact=ref.get("artifact"), + namespace=data.get('namespace', None) ) class Issue: diff --git a/socketsecurity/core/scm/github.py b/socketsecurity/core/scm/github.py index b958bbd..fa40afb 100644 --- a/socketsecurity/core/scm/github.py +++ b/socketsecurity/core/scm/github.py @@ -54,7 +54,9 @@ def from_env(cls, pr_number: Optional[str] = None) -> 'GithubConfig': owner = repository.split('/')[0] repository = repository.split('/')[1] - is_default = os.getenv('DEFAULT_BRANCH', '').lower() == 'true' + default_branch_env = os.getenv('DEFAULT_BRANCH') + # Consider the variable truthy if it exists and isn't explicitly 'false' + is_default = default_branch_env is not None and default_branch_env.lower() != 'false' return cls( sha=os.getenv('GITHUB_SHA', ''), api_url=os.getenv('GITHUB_API_URL', ''), diff --git a/socketsecurity/core/utils.py b/socketsecurity/core/utils.py index c7a45b0..6e9fb09 100644 --- a/socketsecurity/core/utils.py +++ b/socketsecurity/core/utils.py @@ -81,5 +81,28 @@ "pom.xml": { "pattern": "pom.xml" } + }, + ".net": { + "proj": { + "pattern": "*.*proj" + }, + "props": { + "pattern": "*.props" + }, + "targets": { + "pattern": "*.targets" + }, + "nuspec": { + "pattern": "*.nuspec" + }, + "nugetConfig": { + "pattern": "nuget.config" + }, + "packagesConfig": { + "pattern": "packages.config" + }, + "packagesLock": { + "pattern": "packages.lock.json" + } } } \ No newline at end of file diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index cf4f6f5..5a75438 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -48,6 +48,13 @@ def main_code(): log.debug(f"config: {config.to_dict()}") output_handler = OutputHandler(config) + # Validate API token + if not config.api_token: + log.info("Socket API Token not found. Please set it using either:\n" + "1. Command line: --api-token YOUR_TOKEN\n" + "2. Environment variable: SOCKET_SECURITY_API_KEY") + sys.exit(3) + sdk = socketdev(token=config.api_token) log.debug("sdk loaded") @@ -55,10 +62,6 @@ def main_code(): set_debug_mode(True) log.debug("Debug logging enabled") - # Validate API token - if not config.api_token: - log.info("Unable to find Socket API Token") - sys.exit(3) # Initialize Socket core components socket_config = SocketConfig( @@ -160,6 +163,8 @@ def main_code(): set_as_pending_head=True ) + params.include_license_details = not config.exclude_license_details + # Initialize diff diff = Diff() diff.id = "NO_DIFF_RAN" From 585e79762d19ca79b610392b8b2ae1265f2c9705 Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Wed, 26 Feb 2025 17:24:30 -0800 Subject: [PATCH 039/149] Eric/incorporate use types (#58) now using sdk 2.0.8 --- pyproject.toml | 3 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 206 ++++++++++++++++---------------- 3 files changed, 105 insertions(+), 106 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index e95fdf9..060b69d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -13,7 +13,7 @@ dependencies = [ 'GitPython', 'packaging', 'python-dotenv', - 'socket-sdk-python>=2.0.7' + 'socket-sdk-python>=2.0.8' ] readme = "README.md" description = "Socket Security CLI for CI/CD" @@ -41,6 +41,7 @@ test = [ ] dev = [ "ruff>=0.3.0", + "twine", # for building "pip-tools>=7.4.0", # for pip-compile ] diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index c2faa62..27b5366 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.7' +__version__ = '2.0.8' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 5236a99..4ea9312 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -1,15 +1,14 @@ import logging -import time import sys +import time from dataclasses import asdict from glob import glob from pathlib import PurePath from typing import BinaryIO, Dict, List, Tuple + from socketdev import socketdev -from socketdev.fullscans import ( - FullScanParams, - SocketArtifact -) +from socketdev.exceptions import APIFailure +from socketdev.fullscans import FullScanParams, SocketArtifact from socketdev.org import Organization from socketdev.repos import RepositoryInfo from socketdev.settings import SecurityPolicyRule @@ -23,10 +22,7 @@ Package, Purl, ) -from socketsecurity.core.exceptions import ( - APIResourceNotFound -) -from socketdev.exceptions import APIFailure +from socketsecurity.core.exceptions import APIResourceNotFound from socketsecurity.core.licenses import Licenses from .socket_config import SocketConfig @@ -43,11 +39,11 @@ class Core: """Main class for interacting with Socket Security API and processing scan results.""" - + ALERT_TYPE_TO_CAPABILITY = { "envVars": "Environment Variables", "networkAccess": "Network Access", - "filesystemAccess": "File System Access", + "filesystemAccess": "File System Access", "shellAccess": "Shell Access", "usesEval": "Uses Eval", "unsafe": "Unsafe" @@ -77,7 +73,7 @@ def set_org_vars(self) -> None: def get_org_id_slug(self) -> Tuple[str, str]: """Gets the Org ID and Org Slug for the API Token.""" - response = self.sdk.org.get() + response = self.sdk.org.get(use_types=True) organizations: Dict[str, Organization] = response.get("organizations", {}) if len(organizations) == 1: @@ -87,33 +83,33 @@ def get_org_id_slug(self) -> Tuple[str, str]: def get_sbom_data(self, full_scan_id: str) -> Dict[str, SocketArtifact]: """Returns the list of SBOM artifacts for a full scan.""" - response = self.sdk.fullscans.stream(self.config.org_slug, full_scan_id) + response = self.sdk.fullscans.stream(self.config.org_slug, full_scan_id, use_types=True) if not response.success: log.debug(f"Failed to get SBOM data for full-scan {full_scan_id}") log.debug(response.message) return {} return response.artifacts - + def get_sbom_data_list(self, artifacts_dict: Dict[str, SocketArtifact]) -> list[SocketArtifact]: """Converts artifacts dictionary to a list.""" return list(artifacts_dict.values()) def get_security_policy(self) -> Dict[str, SecurityPolicyRule]: """Gets the organization's security policy.""" - response = self.sdk.settings.get(self.config.org_slug) - + response = self.sdk.settings.get(self.config.org_slug, use_types=True) + if not response.success: log.error(f"Failed to get security policy: {response.status}") log.error(response.message) raise Exception(f"Failed to get security policy: {response.status}, message: {response.message}") - + return response.securityPolicyRules def create_sbom_output(self, diff: Diff) -> dict: """Creates CycloneDX output for a given diff.""" try: - result = self.sdk.export.cdx_bom(self.config.org_slug, diff.id) + result = self.sdk.export.cdx_bom(self.config.org_slug, diff.id, use_types=True) if not result.success: log.error(f"Failed to get CycloneDX Output for full-scan {diff.id}") log.error(result.message) @@ -121,7 +117,7 @@ def create_sbom_output(self, diff: Diff) -> dict: result.pop("success", None) return result - except Exception as error: + except Exception: log.error(f"Unable to get CycloneDX Output for {diff.id}") log.error(result.get("message", "No error message provided")) return {} @@ -130,17 +126,17 @@ def create_sbom_output(self, diff: Diff) -> dict: def find_files(path: str) -> List[str]: """ Finds supported manifest files in the given path. - + Args: path: Path to search for manifest files - + Returns: List of found manifest file paths """ log.debug("Starting Find Files") start_time = time.time() files = set() - + for ecosystem in socket_globs: patterns = socket_globs[ecosystem] for file_name in patterns: @@ -165,18 +161,18 @@ def find_files(path: str) -> List[str]: else: log.debug(f"{len(files_list)} Files found ({total_time:.2f}s): {', '.join(files_list)}") return list(files) - + @staticmethod def to_case_insensitive_regex(input_string: str) -> str: """ Converts a string into a case-insensitive regex pattern. - + Args: input_string: String to convert - + Returns: Case-insensitive regex pattern - + Example: "pipfile" -> "[Pp][Ii][Pp][Ff][Ii][Ll][Ee]" """ @@ -186,52 +182,52 @@ def to_case_insensitive_regex(input_string: str) -> str: def load_files_for_sending(files: List[str], workspace: str) -> List[Tuple[str, Tuple[str, BinaryIO]]]: """ Prepares files for sending to the Socket API. - + Args: files: List of file paths from find_files() workspace: Base directory path to make paths relative to - + Returns: List of tuples formatted for requests multipart upload: [(field_name, (filename, file_object)), ...] """ send_files = [] - + for file_path in files: if "/" in file_path: _, name = file_path.rsplit("/", 1) else: name = file_path - + if file_path.startswith(workspace): key = file_path[len(workspace):] else: key = file_path - + key = key.lstrip("/") key = key.lstrip("./") - + f = open(file_path, 'rb') payload = (key, (name, f)) send_files.append(payload) - + return send_files def create_full_scan(self, files: List[str], params: FullScanParams, has_head_scan: bool = False) -> FullScan: """ Creates a new full scan via the Socket API. - + Args: files: List of files to scan params: Parameters for the full scan - + Returns: FullScan object with scan results """ log.debug("Creating new full scan") create_full_start = time.time() - res = self.sdk.fullscans.post(files, params) + res = self.sdk.fullscans.post(files, params, use_types=True) if not res.success: log.error(f"Error creating full scan: {res.message}, status: {res.status}") raise Exception(f"Error creating full scan: {res.message}, status: {res.status}") @@ -245,20 +241,20 @@ def create_full_scan(self, files: List[str], params: FullScanParams, has_head_sc create_full_end = time.time() total_time = create_full_end - create_full_start log.debug(f"New Full Scan created in {total_time:.2f} seconds") - + return full_scan def get_full_scan(self, full_scan_id: str) -> FullScan: """ Get a FullScan object for an existing full scan including sbom_artifacts and packages. - + Args: full_scan_id: The ID of the full scan to get - + Returns: The FullScan object with populated artifacts and packages """ - full_scan_metadata = self.sdk.fullscans.metadata(self.config.org_slug, full_scan_id) + full_scan_metadata = self.sdk.fullscans.metadata(self.config.org_slug, full_scan_id, use_types=True) full_scan = FullScan(**asdict(full_scan_metadata.data)) full_scan_artifacts_dict = self.get_sbom_data(full_scan_id) full_scan.sbom_artifacts = self.get_sbom_data_list(full_scan_artifacts_dict) @@ -268,10 +264,10 @@ def get_full_scan(self, full_scan_id: str) -> FullScan: def create_packages_dict(self, sbom_artifacts: list[SocketArtifact]) -> dict[str, Package]: """ Creates a dictionary of Package objects from SBOM artifacts. - + Args: sbom_artifacts: List of SBOM artifacts from the scan - + Returns: Dictionary mapping package IDs to Package objects """ @@ -289,51 +285,51 @@ def create_packages_dict(self, sbom_artifacts: list[SocketArtifact]) -> dict[str top_level_count[top_id] = 1 else: top_level_count[top_id] += 1 - + for package_id, package in packages.items(): package.transitives = top_level_count.get(package_id, 0) return packages - + def get_package_license_text(self, package: Package) -> str: """ Gets the license text for a package if available. - + Args: package: Package object to get license text for - + Returns: License text if found, empty string otherwise """ if package.license is None: return "" - + license_raw = package.license all_licenses = Licenses() license_str = Licenses.make_python_safe(license_raw) - + if license_str is not None and hasattr(all_licenses, license_str): license_obj = getattr(all_licenses, license_str) return license_obj.licenseText - + return "" def get_repo_info(self, repo_slug: str, default_branch: str = "socket-default-branch") -> RepositoryInfo: """ Gets repository information from the Socket API. - + Args: repo_slug: Repository slug to get info for default_branch: Default branch string to use if the repo doesn't exist - + Returns: RepositoryInfo object - + Raises: Exception: If API request fails """ try: - response = self.sdk.repos.repo(self.config.org_slug, repo_slug) + response = self.sdk.repos.repo(self.config.org_slug, repo_slug, use_types=True) if not response.success: log.error(f"Failed to get repository: {response.status}") log.error(response.message) @@ -354,10 +350,10 @@ def get_repo_info(self, repo_slug: str, default_branch: str = "socket-default-br def get_head_scan_for_repo(self, repo_slug: str) -> str: """ Gets the head scan ID for a repository. - + Args: repo_slug: Repository slug to get head scan for - + Returns: Head scan ID if it exists, None otherwise """ @@ -377,24 +373,34 @@ def update_package_values(pkg: Package) -> Package: def get_added_and_removed_packages(self, head_full_scan_id: str, new_full_scan: FullScan) -> Tuple[Dict[str, Package], Dict[str, Package]]: """ Get packages that were added and removed between scans. - + Args: head_full_scan: Previous scan (may be None if first scan) head_full_scan_id: New scan just created - + Returns: Tuple of (added_packages, removed_packages) dictionaries """ if head_full_scan_id is None: log.info(f"No head scan found. New scan ID: {new_full_scan.id}") return new_full_scan.packages, {} - + log.info(f"Comparing scans - Head scan ID: {head_full_scan_id}, New scan ID: {new_full_scan.id}") diff_start = time.time() - diff_report = self.sdk.fullscans.stream_diff(self.config.org_slug, head_full_scan_id, new_full_scan.id).data + try: + diff_report = self.sdk.fullscans.stream_diff(self.config.org_slug, head_full_scan_id, new_full_scan.id, use_types=True).data + except APIFailure as e: + log.error(f"API Error: {e}") + sys.exit(1) + except Exception as e: + import traceback + log.error(f"Error getting diff report: {str(e)}") + log.error(f"Stack trace:\n{traceback.format_exc()}") + raise + diff_end = time.time() log.info(f"Diff Report Gathered in {diff_end - diff_start:.2f} seconds") - log.info(f"Diff report artifact counts:") + log.info("Diff report artifact counts:") log.info(f"Added: {len(diff_report.artifacts.added)}") log.info(f"Removed: {len(diff_report.artifacts.removed)}") log.info(f"Unchanged: {len(diff_report.artifacts.unchanged)}") @@ -442,7 +448,6 @@ def create_new_diff( Args: path: Path to look for manifest files params: Query params for the Full Scan endpoint - no_change: If True, return empty diff """ log.debug(f"starting create_new_diff with no_change: {no_change}") @@ -464,7 +469,7 @@ def create_new_diff( head_full_scan_id = None has_head_scan = False - # Create new scan + # Create new scan try: new_scan_start = time.time() new_full_scan = self.create_full_scan(files_for_sending, params, has_head_scan) @@ -474,17 +479,12 @@ def create_new_diff( log.error(f"API Error: {e}") sys.exit(1) except Exception as e: - log.error(f"Unexpected error while creating new scan: {e}") - sys.exit(1) + import traceback + log.error(f"Error creating new full scan: {str(e)}") + log.error(f"Stack trace:\n{traceback.format_exc()}") + raise - try: - added_packages, removed_packages = self.get_added_and_removed_packages(head_full_scan_id, new_full_scan) - except APIFailure as e: - log.error(f"API Error: {e}") - sys.exit(1) - except Exception as e: - log.error(f"Unexpected error while comparing packages: {e}") - sys.exit(1) + added_packages, removed_packages = self.get_added_and_removed_packages(head_full_scan_id, new_full_scan) diff = self.create_diff_report(added_packages, removed_packages) @@ -495,7 +495,7 @@ def create_new_diff( if not params.include_license_details: report_url += "?include_license_details=false" diff.report_url = report_url - + if head_full_scan_id is not None: diff.diff_url = f"{base_socket}/{self.config.org_slug}/diff/{diff.id}/{head_full_scan_id}" else: @@ -504,25 +504,25 @@ def create_new_diff( return diff def create_diff_report( - self, - added_packages: Dict[str, Package], + self, + added_packages: Dict[str, Package], removed_packages: Dict[str, Package], direct_only: bool = True ) -> Diff: """ Creates a diff report comparing two sets of packages. - + Takes packages that were added and removed between two scans and: 1. Records new/removed packages (direct only by default) 2. Collects alerts from both sets of packages 3. Determines new capabilities introduced - + Args: added_packages: Dict of packages added in new scan removed_packages: Dict of packages removed in new scan direct_only: If True, only direct dependencies are included in new/removed lists (but alerts are still processed for all packages) - + Returns: Diff object containing the comparison results """ @@ -577,11 +577,11 @@ def create_diff_report( def create_purl(package_id: str, packages: dict[str, Package]) -> Purl: """ Creates the extended PURL data for package identification and tracking. - + Args: package_id: Package ID to create PURL data for packages: Dictionary of all packages for transitive dependency lookup - + Returns: Purl object containing package metadata and dependency information """ @@ -606,14 +606,14 @@ def create_purl(package_id: str, packages: dict[str, Package]) -> Purl: def get_source_data(package: Package, packages: dict) -> list: """ Determines how a package was introduced into the dependency tree. - + For direct dependencies, records the manifest file. For transitive dependencies, records the top-level package that introduced it. - + Args: package: Package to analyze packages: Dictionary of all packages for ancestor lookup - + Returns: List of tuples containing (source, manifest_file) information """ @@ -648,7 +648,7 @@ def get_source_data(package: Package, packages: dict) -> list: def add_purl_capabilities(diff: Diff) -> None: """ Adds capability information to each package in the diff's new_packages list. - + Args: diff: Diff object to update with capability information """ @@ -662,18 +662,18 @@ def add_purl_capabilities(diff: Diff) -> None: new_packages.append(new_purl) else: new_packages.append(purl) - + diff.new_packages = new_packages def add_package_alerts_to_collection(self, package: Package, alerts_collection: dict, packages: dict) -> dict: """ Processes alerts from a package and adds them to a shared alerts collection. - + Args: package: Package to process alerts from alerts_collection: Dictionary to store processed alerts packages: Dictionary of all packages for dependency lookup - + Returns: Updated alerts collection dictionary """ @@ -723,11 +723,11 @@ def add_package_alerts_to_collection(self, package: Package, alerts_collection: def save_file(file_name: str, content: str) -> None: """ Saves content to a file, raising an error if the save fails. - + Args: file_name: Path to save the file content: Content to write to the file - + Raises: IOError: If file cannot be written """ @@ -742,10 +742,10 @@ def save_file(file_name: str, content: str) -> None: def has_manifest_files(files: list) -> bool: """ Checks if any files in the list are supported manifest files. - + Args: files: List of file paths to check - + Returns: True if any files match manifest patterns, False otherwise """ @@ -764,41 +764,41 @@ def has_manifest_files(files: list) -> bool: def get_capabilities_for_added_packages(added_packages: Dict[str, Package]) -> Dict[str, List[str]]: """ Maps added packages to their capabilities based on their alerts. - + Args: added_packages: Dictionary of packages added in new scan - + Returns: Dictionary mapping package IDs to their capability lists """ capabilities: Dict[str, List[str]] = {} - + for package_id, package in added_packages.items(): for alert in package.alerts: if alert["type"] in Core.ALERT_TYPE_TO_CAPABILITY: value = Core.ALERT_TYPE_TO_CAPABILITY[alert["type"]] - + if package_id not in capabilities: capabilities[package_id] = [value] elif value not in capabilities[package_id]: capabilities[package_id].append(value) - + return capabilities @staticmethod def get_new_alerts( - added_package_alerts: Dict[str, List[Issue]], + added_package_alerts: Dict[str, List[Issue]], removed_package_alerts: Dict[str, List[Issue]], ignore_readded: bool = True ) -> List[Issue]: """ Find alerts that are new or changed between added and removed packages. - + Args: added_package_alerts: Dictionary of alerts from packages that were added removed_package_alerts: Dictionary of alerts from packages that were removed ignore_readded: If True, don't report alerts that were both removed and added - + Returns: List of newly found alerts """ @@ -810,7 +810,7 @@ def get_new_alerts( new_alerts = added_package_alerts[alert_key] for alert in new_alerts: alert_str = f"{alert.purl},{alert.manifests},{alert.type}" - + if alert.error or alert.warn: if alert_str not in consolidated_alerts: alerts.append(alert) @@ -818,10 +818,10 @@ def get_new_alerts( else: new_alerts = added_package_alerts[alert_key] removed_alerts = removed_package_alerts[alert_key] - + for alert in new_alerts: alert_str = f"{alert.purl},{alert.manifests},{alert.type}" - + # Only add if: # 1. Alert isn't in removed packages (or we're not ignoring readded alerts) # 2. We haven't already recorded this alert @@ -832,5 +832,3 @@ def get_new_alerts( consolidated_alerts.add(alert_str) return alerts - - From b9f272fdcac941c10083e95c5dfef7671dad12ad Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Thu, 6 Mar 2025 14:21:07 -0800 Subject: [PATCH 040/149] updated file behavior docs and skipping dirs in file search (#59) * updated file behavior docs and skipping dirs in file search --- README.md | 36 ++++++++++++++++++++++++--------- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 4 +++- 3 files changed, 30 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 017544c..0521ca5 100644 --- a/README.md +++ b/README.md @@ -5,10 +5,10 @@ The Socket Security CLI was created to enable integrations with other tools like ## Usage ```` shell -socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--integration {api,github,gitlab}] [--owner OWNER] [--branch BRANCH] - [--committers [COMMITTERS ...]] [--pr-number PR_NUMBER] [--commit-message COMMIT_MESSAGE] [--commit-sha COMMIT_SHA] - [--target-path TARGET_PATH] [--sbom-file SBOM_FILE] [--files FILES] [--default-branch] [--pending-head] - [--generate-license] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview] [--disable-security-issue] +socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--integration {api,github,gitlab}] [--owner OWNER] [--branch BRANCH] + [--committers [COMMITTERS ...]] [--pr-number PR_NUMBER] [--commit-message COMMIT_MESSAGE] [--commit-sha COMMIT_SHA] + [--target-path TARGET_PATH] [--sbom-file SBOM_FILE] [--files FILES] [--default-branch] [--pending-head] + [--generate-license] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview] [--disable-security-issue] [--allow-unverified] [--ignore-commit-files] [--disable-blocking] [--scm SCM] [--timeout TIMEOUT] [--exclude-license-details] ```` @@ -75,9 +75,30 @@ If you don't want to provide the Socket API Token every time then you can use th | --scm | False | api | Source control management type | | --timeout | False | | Timeout in seconds for API requests | +## File Selection Behavior + +The CLI determines which files to scan based on the following logic: + +1. **Git Commit Files**: By default, the CLI checks files changed in the current git commit first. If any of these files match supported manifest patterns (like package.json, requirements.txt, etc.), a scan is triggered. + +2. **`--files` Parameter**: If no git commit exists, or no manifest files are found in the commit changes, the CLI checks files specified via the `--files` parameter. This parameter accepts a JSON array of file paths. + +3. **`--ignore-commit-files`**: When this flag is set, git commit files are ignored completely, and only files specified in `--files` are considered. This also forces a scan regardless of whether manifest files are present. + +4. **No Manifest Files**: If no manifest files are found in either git commit changes or `--files` (and `--ignore-commit-files` is not set), the scan is skipped. + +> **Note**: The CLI does not scan only the specified files - it uses them to determine whether a scan should be performed. When a scan is triggered, it searches the entire `--target-path` for all supported manifest files. + +### Examples + +- **Commit with manifest file**: If your commit includes changes to `package.json`, a scan will be triggered automatically. +- **Commit without manifest files**: If your commit only changes non-manifest files (like `.github/workflows/socket.yaml`), no scan will be performed unless you use `--files` or `--ignore-commit-files`. +- **Using `--files`**: If you specify `--files '["package.json"]'`, the CLI will check if this file exists and is a manifest file before triggering a scan. +- **Using `--ignore-commit-files`**: This forces a scan of all manifest files in the target path, regardless of what's in your commit. + ## Development -This project uses `pyproject.toml` as the primary dependency specification. +This project uses `pyproject.toml` as the primary dependency specification. ### Development Workflows @@ -132,8 +153,3 @@ Implementation targets: ### Environment Variables - `SOCKET_SDK_PATH`: Path to local socket-sdk-python repository (default: ../socket-sdk-python) - -### Running tests: - -#### Run all tests: -``` \ No newline at end of file diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 27b5366..121b7fc 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.8' +__version__ = '2.0.9' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 4ea9312..10548f5 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -1,4 +1,5 @@ import logging +import os import sys import time from dataclasses import asdict @@ -146,7 +147,8 @@ def find_files(path: str) -> List[str]: glob_start = time.time() glob_files = glob(file_path, recursive=True) for glob_file in glob_files: - if glob_file not in files: + # Only add if it's a file, not a directory + if glob_file not in files and os.path.isfile(glob_file): files.add(glob_file) glob_end = time.time() glob_total_time = glob_end - glob_start From d94da02ff5870716a62d0433cfaece24baac0e0e Mon Sep 17 00:00:00 2001 From: Orlando Barrera II <1621370+obarrera@users.noreply.github.com> Date: Fri, 7 Mar 2025 09:29:48 -0600 Subject: [PATCH 041/149] Fixed a bug with alert in multiple files (#55) * Fixed a bug with alert in multiple files * Update __init__.py --------- Co-authored-by: Orlando Barrera II --- socketsecurity/__init__.py | 2 +- socketsecurity/core/messages.py | 254 ++++++++++++++++---------------- 2 files changed, 126 insertions(+), 130 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 121b7fc..c554d9c 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.9' +__version__ = '2.0.10' diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index ca90c27..2940e3d 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -2,6 +2,8 @@ import os import re import json +import logging +logging.basicConfig(level=logging.DEBUG) from pathlib import Path from mdutils import MdUtils @@ -16,7 +18,7 @@ class Messages: def map_severity_to_sarif(severity: str) -> str: """ Map Socket severity levels to SARIF levels (GitHub code scanning). - + 'low' -> 'note' 'medium' or 'middle' -> 'warning' 'high' or 'critical' -> 'error' @@ -39,115 +41,89 @@ def find_line_in_file(packagename: str, packageversion: str, manifest_file: str) Supports: 1) JSON-based manifest files (package-lock.json, Pipfile.lock, composer.lock) - Locates a dictionary entry with the matching package & version - - Does a rough line-based search to find the actual line in the raw text - 2) Text-based (requirements.txt, package.json, yarn.lock, etc.) - - Uses compiled regex patterns to detect a match line by line + - Searches the raw text for the key + 2) Text-based (requirements.txt, package.json, yarn.lock, pnpm-lock.yaml, etc.) + - Uses regex patterns to detect a match line by line """ - # Extract just the file name to detect manifest type file_type = Path(manifest_file).name + logging.debug("Processing file for line lookup: %s", manifest_file) - # ---------------------------------------------------- - # 1) JSON-based manifest files - # ---------------------------------------------------- if file_type in ["package-lock.json", "Pipfile.lock", "composer.lock"]: try: - # Read entire file so we can parse JSON and also do raw line checks with open(manifest_file, "r", encoding="utf-8") as f: raw_text = f.read() - - # Attempt JSON parse + logging.debug("Read %d characters from %s", len(raw_text), manifest_file) data = json.loads(raw_text) - - # In practice, you may need to check data["dependencies"], data["default"], etc. - # This is an example approach. packages_dict = ( data.get("packages") or data.get("default") or data.get("dependencies") or {} ) - + logging.debug("Found package keys in %s: %s", manifest_file, list(packages_dict.keys())) found_key = None found_info = None - # Locate a dictionary entry whose 'version' matches for key, value in packages_dict.items(): - # For NPM package-lock, keys might look like "node_modules/axios" if key.endswith(packagename) and "version" in value: if value["version"] == packageversion: found_key = key found_info = value break - if found_key and found_info: - # Search lines to approximate the correct line number - needle_key = f'"{found_key}":' # e.g. "node_modules/axios": - needle_version = f'"version": "{packageversion}"' + needle_key = f'"{found_key}":' lines = raw_text.splitlines() - best_line = 1 - snippet = None - + logging.debug("Total lines in %s: %d", manifest_file, len(lines)) for i, line in enumerate(lines, start=1): - if (needle_key in line) or (needle_version in line): - best_line = i - snippet = line.strip() - break # On first match, stop - - # If we found an approximate line, return it; else fallback to line 1 - if best_line > 0 and snippet: - return best_line, snippet - else: - return 1, f'"{found_key}": {found_info}' + if needle_key in line: + logging.debug("Found match at line %d in %s: %s", i, manifest_file, line.strip()) + return i, line.strip() + return 1, f'"{found_key}": {found_info}' else: return 1, f"{packagename} {packageversion} (not found in {manifest_file})" - - except (FileNotFoundError, json.JSONDecodeError): + except (FileNotFoundError, json.JSONDecodeError) as e: + logging.error("Error reading %s: %s", manifest_file, e) return 1, f"Error reading {manifest_file}" - # ---------------------------------------------------- - # 2) Text-based / line-based manifests - # ---------------------------------------------------- - # Define a dictionary of patterns for common manifest types - search_patterns = { - "package.json": rf'"{packagename}":\s*"{packageversion}"', - "yarn.lock": rf'{packagename}@{packageversion}', - "pnpm-lock.yaml": rf'"{re.escape(packagename)}"\s*:\s*\{{[^}}]*"version":\s*"{re.escape(packageversion)}"', - "requirements.txt": rf'^{re.escape(packagename)}\s*(?:==|===|!=|>=|<=|~=|\s+)?\s*{re.escape(packageversion)}(?:\s*;.*)?$', - "pyproject.toml": rf'{packagename}\s*=\s*"{packageversion}"', - "Pipfile": rf'"{packagename}"\s*=\s*"{packageversion}"', - "go.mod": rf'require\s+{re.escape(packagename)}\s+{re.escape(packageversion)}', - "go.sum": rf'{re.escape(packagename)}\s+{re.escape(packageversion)}', - "pom.xml": rf'{re.escape(packagename)}\s*{re.escape(packageversion)}', - "build.gradle": rf'implementation\s+"{re.escape(packagename)}:{re.escape(packageversion)}"', - "Gemfile": rf'gem\s+"{re.escape(packagename)}",\s*"{re.escape(packageversion)}"', - "Gemfile.lock": rf'\s+{re.escape(packagename)}\s+\({re.escape(packageversion)}\)', - ".csproj": rf'', - ".fsproj": rf'', - "paket.dependencies": rf'nuget\s+{re.escape(packagename)}\s+{re.escape(packageversion)}', - "Cargo.toml": rf'{re.escape(packagename)}\s*=\s*"{re.escape(packageversion)}"', - "build.sbt": rf'"{re.escape(packagename)}"\s*%\s*"{re.escape(packageversion)}"', - "Podfile": rf'pod\s+"{re.escape(packagename)}",\s*"{re.escape(packageversion)}"', - "Package.swift": rf'\.package\(name:\s*"{re.escape(packagename)}",\s*url:\s*".*?",\s*version:\s*"{re.escape(packageversion)}"\)', - "mix.exs": rf'\{{:{re.escape(packagename)},\s*"{re.escape(packageversion)}"\}}', - "composer.json": rf'"{re.escape(packagename)}":\s*"{re.escape(packageversion)}"', - "conanfile.txt": rf'{re.escape(packagename)}/{re.escape(packageversion)}', - "vcpkg.json": rf'"{re.escape(packagename)}":\s*"{re.escape(packageversion)}"', - } - - # If no specific pattern is found for this file name, fallback to a naive approach - searchstring = search_patterns.get(file_type, rf'{re.escape(packagename)}.*{re.escape(packageversion)}') + # For pnpm-lock.yaml, use a special regex pattern. + if file_type.lower() == "pnpm-lock.yaml": + searchstring = rf'^\s*/{re.escape(packagename)}/{re.escape(packageversion)}:' + else: + search_patterns = { + "package.json": rf'"{packagename}":\s*"[\^~]?{re.escape(packageversion)}"', + "yarn.lock": rf'{packagename}@{packageversion}', + "requirements.txt": rf'^{re.escape(packagename)}\s*(?:==|===|!=|>=|<=|~=|\s+)?\s*{re.escape(packageversion)}(?:\s*;.*)?$', + "pyproject.toml": rf'{packagename}\s*=\s*"{re.escape(packageversion)}"', + "Pipfile": rf'"{packagename}"\s*=\s*"{re.escape(packageversion)}"', + "go.mod": rf'require\s+{re.escape(packagename)}\s+{re.escape(packageversion)}', + "go.sum": rf'{re.escape(packagename)}\s+{re.escape(packageversion)}', + "pom.xml": rf'{re.escape(packagename)}\s*{re.escape(packageversion)}', + "build.gradle": rf'implementation\s+"{re.escape(packagename)}:{re.escape(packageversion)}"', + "Gemfile": rf'gem\s+"{re.escape(packagename)}",\s*"{re.escape(packageversion)}"', + "Gemfile.lock": rf'\s+{re.escape(packagename)}\s+\({re.escape(packageversion)}\)', + ".csproj": rf'', + ".fsproj": rf'', + "paket.dependencies": rf'nuget\s+{re.escape(packagename)}\s+{re.escape(packageversion)}', + "Cargo.toml": rf'{re.escape(packagename)}\s*=\s*"{re.escape(packageversion)}"', + "build.sbt": rf'"{re.escape(packagename)}"\s*%\s*"{re.escape(packageversion)}"', + "Podfile": rf'pod\s+"{re.escape(packagename)}",\s*"{re.escape(packageversion)}"', + "Package.swift": rf'\.package\(name:\s*"{re.escape(packagename)}",\s*url:\s*".*?",\s*version:\s*"{re.escape(packageversion)}"\)', + "mix.exs": rf'\{{:{re.escape(packagename)},\s*"{re.escape(packageversion)}"\}}', + "composer.json": rf'"{re.escape(packagename)}":\s*"{re.escape(packageversion)}"', + "conanfile.txt": rf'{re.escape(packagename)}/{re.escape(packageversion)}', + "vcpkg.json": rf'"{re.escape(packagename)}":\s*"{re.escape(packageversion)}"', + } + searchstring = search_patterns.get(file_type, rf'{re.escape(packagename)}.*{re.escape(packageversion)}') + logging.debug("Using search pattern for %s: %s", file_type, searchstring) try: - # Read file lines and search for a match with open(manifest_file, 'r', encoding="utf-8") as file: lines = [line.rstrip("\n") for line in file] + logging.debug("Total lines in %s: %d", manifest_file, len(lines)) for line_number, line_content in enumerate(lines, start=1): - # For Python conditional dependencies, ignore everything after first ';' line_main = line_content.split(";", 1)[0].strip() - - # Use a case-insensitive regex search if re.search(searchstring, line_main, re.IGNORECASE): + logging.debug("Match found at line %d in %s: %s", line_number, manifest_file, line_content.strip()) return line_number, line_content.strip() - except FileNotFoundError: return 1, f"{manifest_file} not found" except Exception as e: @@ -181,7 +157,6 @@ def get_manifest_type_url(manifest_file: str, pkg_name: str, pkg_version: str) - "composer.json": "composer", "vcpkg.json": "vcpkg", } - file_type = Path(manifest_file).name url_prefix = manifest_to_url_prefix.get(file_type, "unknown") return f"https://socket.dev/{url_prefix}/package/{pkg_name}/alerts/{pkg_version}" @@ -191,29 +166,33 @@ def create_security_comment_sarif(diff) -> dict: """ Create SARIF-compliant output from the diff report, including dynamic URL generation based on manifest type and improved
    formatting for GitHub SARIF display. + + This function now: + - Processes every alert in diff.new_alerts. + - For alerts with multiple manifest files, generates an individual SARIF result for each file. + - Appends the manifest file name to the rule ID and name to make each result unique. + - Does NOT fall back to 'requirements.txt' if no manifest file is provided. + - Adds detailed logging to validate our assumptions. + """ - scan_failed = False if len(diff.new_alerts) == 0: for alert in diff.new_alerts: - alert: Issue if alert.error: - scan_failed = True break + sarif_data = { "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "version": "2.1.0", - "runs": [ - { - "tool": { - "driver": { - "name": "Socket Security", - "informationUri": "https://socket.dev", - "rules": [] - } - }, - "results": [] - } - ] + "runs": [{ + "tool": { + "driver": { + "name": "Socket Security", + "informationUri": "https://socket.dev", + "rules": [] + } + }, + "results": [] + }] } rules_map = {} @@ -222,60 +201,77 @@ def create_security_comment_sarif(diff) -> dict: for alert in diff.new_alerts: pkg_name = alert.pkg_name pkg_version = alert.pkg_version - rule_id = f"{pkg_name}=={pkg_version}" + base_rule_id = f"{pkg_name}=={pkg_version}" severity = alert.severity - # Generate the correct URL for the alert based on manifest type - introduced_list = alert.introduced_by - manifest_file = introduced_list[0][1] if introduced_list and isinstance(introduced_list[0], list) else alert.manifests or "requirements.txt" - socket_url = Messages.get_manifest_type_url(manifest_file, pkg_name, pkg_version) - - # Prepare descriptions with
    replacements - short_desc = f"{alert.props.get('note', '')}

    Suggested Action:
    {alert.suggestion}
    {socket_url}" - full_desc = "{} - {}".format(alert.title, alert.description.replace('\r\n', '
    ')) - - # Identify the line and snippet in the manifest file - line_number, line_content = Messages.find_line_in_file(pkg_name, pkg_version, manifest_file) - if line_number < 1: - line_number = 1 # Ensure SARIF compliance - - # Create the rule if not already defined - if rule_id not in rules_map: - rules_map[rule_id] = { - "id": rule_id, - "name": f"{pkg_name}=={pkg_version}", - "shortDescription": {"text": f"Alert generated for {rule_id} by Socket Security"}, - "fullDescription": {"text": full_desc}, - "helpUri": socket_url, - "defaultConfiguration": { - "level": Messages.map_severity_to_sarif(severity) - }, - } + logging.debug("Alert %s - introduced_by: %s, manifests: %s", base_rule_id, alert.introduced_by, getattr(alert, 'manifests', None)) + manifest_files = [] + if alert.introduced_by and isinstance(alert.introduced_by, list): + for entry in alert.introduced_by: + if isinstance(entry, (list, tuple)) and len(entry) >= 2: + files = [f.strip() for f in entry[1].split(";") if f.strip()] + manifest_files.extend(files) + elif isinstance(entry, str): + manifest_files.extend([m.strip() for m in entry.split(";") if m.strip()]) + elif hasattr(alert, 'manifests') and alert.manifests: + manifest_files = [mf.strip() for mf in alert.manifests.split(";") if mf.strip()] + + logging.debug("Alert %s - extracted manifest_files: %s", base_rule_id, manifest_files) + if not manifest_files: + logging.error("Alert %s: No manifest file found; cannot determine file location.", base_rule_id) + continue + + logging.debug("Alert %s - using manifest_files for processing: %s", base_rule_id, manifest_files) + + # Create an individual SARIF result for each manifest file. + for mf in manifest_files: + logging.debug("Alert %s - Processing manifest file: %s", base_rule_id, mf) + socket_url = Messages.get_manifest_type_url(mf, pkg_name, pkg_version) + line_number, line_content = Messages.find_line_in_file(pkg_name, pkg_version, mf) + if line_number < 1: + line_number = 1 + logging.debug("Alert %s: Manifest %s, line %d: %s", base_rule_id, mf, line_number, line_content) + + # Create a unique rule id and name by appending the manifest file. + unique_rule_id = f"{base_rule_id} ({mf})" + rule_name = f"Alert {base_rule_id} ({mf})" + + short_desc = (f"{alert.props.get('note', '')}

    Suggested Action:
    {alert.suggestion}" + f"
    {socket_url}") + full_desc = "{} - {}".format(alert.title, alert.description.replace('\r\n', '
    ')) + + if unique_rule_id not in rules_map: + rules_map[unique_rule_id] = { + "id": unique_rule_id, + "name": rule_name, + "shortDescription": {"text": rule_name}, + "fullDescription": {"text": full_desc}, + "helpUri": socket_url, + "defaultConfiguration": { + "level": Messages.map_severity_to_sarif(severity) + }, + } - # Add the SARIF result - result_obj = { - "ruleId": rule_id, - "message": {"text": short_desc}, - "locations": [ - { + result_obj = { + "ruleId": unique_rule_id, + "message": {"text": short_desc}, + "locations": [{ "physicalLocation": { - "artifactLocation": {"uri": manifest_file}, + "artifactLocation": {"uri": mf}, "region": { "startLine": line_number, "snippet": {"text": line_content}, }, } - } - ], - } - results_list.append(result_obj) + }] + } + results_list.append(result_obj) - # Attach rules and results sarif_data["runs"][0]["tool"]["driver"]["rules"] = list(rules_map.values()) sarif_data["runs"][0]["results"] = results_list return sarif_data - + @staticmethod def create_security_comment_json(diff: Diff) -> dict: scan_failed = False From 9b4ad3d5e71680244e0d9139fba0e9fcb297036a Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Fri, 7 Mar 2025 15:12:57 -0800 Subject: [PATCH 042/149] Now using supported files SDK endpoint for file globs (#60) * Now using supported files SDK endpoint for file globs --- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 93 +++++++++++++++++++++++---------- 3 files changed, 67 insertions(+), 30 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 060b69d..6ea62cf 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -13,7 +13,7 @@ dependencies = [ 'GitPython', 'packaging', 'python-dotenv', - 'socket-sdk-python>=2.0.8' + 'socket-sdk-python>=2.0.9' ] readme = "README.md" description = "Socket Security CLI for CI/CD" diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index c554d9c..96db43f 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.10' +__version__ = '2.0.11' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 10548f5..b38358b 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -123,8 +123,7 @@ def create_sbom_output(self, diff: Diff) -> dict: log.error(result.get("message", "No error message provided")) return {} - @staticmethod - def find_files(path: str) -> List[str]: + def find_files(self, path: str) -> List[str]: """ Finds supported manifest files in the given path. @@ -138,10 +137,19 @@ def find_files(path: str) -> List[str]: start_time = time.time() files = set() - for ecosystem in socket_globs: - patterns = socket_globs[ecosystem] - for file_name in patterns: - pattern = Core.to_case_insensitive_regex(patterns[file_name]["pattern"]) + # Get supported patterns from the API + try: + patterns = self.get_supported_patterns() + except Exception as e: + log.error(f"Error getting supported patterns from API: {e}") + log.warning("Falling back to local patterns") + from .utils import socket_globs as fallback_patterns + patterns = fallback_patterns + + for ecosystem in patterns: + ecosystem_patterns = patterns[ecosystem] + for file_name in ecosystem_patterns: + pattern = Core.to_case_insensitive_regex(ecosystem_patterns[file_name]["pattern"]) file_path = f"{path}/**/{pattern}" #log.debug(f"Globbing {file_path}") glob_start = time.time() @@ -164,6 +172,57 @@ def find_files(path: str) -> List[str]: log.debug(f"{len(files_list)} Files found ({total_time:.2f}s): {', '.join(files_list)}") return list(files) + def get_supported_patterns(self) -> Dict: + """ + Gets supported file patterns from the Socket API. + + Returns: + Dictionary of supported file patterns with 'general' key removed + """ + response = self.sdk.report.supported() + if not response: + log.error("Failed to get supported patterns from API") + # Import the old patterns as fallback + from .utils import socket_globs + return socket_globs + + # Remove the 'general' key if it exists + if 'general' in response: + response.pop('general') + + # The response is already in the format we need + return response + + def has_manifest_files(self, files: list) -> bool: + """ + Checks if any files in the list are supported manifest files. + + Args: + files: List of file paths to check + + Returns: + True if any files match manifest patterns, False otherwise + """ + # Get supported patterns + try: + patterns = self.get_supported_patterns() + except Exception as e: + log.error(f"Error getting supported patterns from API: {e}") + log.warning("Falling back to local patterns") + from .utils import socket_globs as fallback_patterns + patterns = fallback_patterns + + for ecosystem in patterns: + ecosystem_patterns = patterns[ecosystem] + for file_name in ecosystem_patterns: + pattern_str = ecosystem_patterns[file_name]["pattern"] + for file in files: + if "\\" in file: + file = file.replace("\\", "/") + if PurePath(file).match(pattern_str): + return True + return False + @staticmethod def to_case_insensitive_regex(input_string: str) -> str: """ @@ -740,28 +799,6 @@ def save_file(file_name: str, content: str) -> None: log.error(f"Failed to save file {file_name}: {e}") raise - @staticmethod - def has_manifest_files(files: list) -> bool: - """ - Checks if any files in the list are supported manifest files. - - Args: - files: List of file paths to check - - Returns: - True if any files match manifest patterns, False otherwise - """ - for ecosystem in socket_globs: - patterns = socket_globs[ecosystem] - for file_name in patterns: - pattern = patterns[file_name]["pattern"] - for file in files: - if "\\" in file: - file = file.replace("\\", "/") - if PurePath(file).match(pattern): - return True - return False - @staticmethod def get_capabilities_for_added_packages(added_packages: Dict[str, Package]) -> Dict[str, List[str]]: """ From a5c98def94da87347a2d85402d4825830b3ef2ce Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Mon, 10 Mar 2025 15:34:16 -0700 Subject: [PATCH 043/149] use types in create repo --- socketsecurity/core/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index b38358b..6ecf29c 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -397,7 +397,7 @@ def get_repo_info(self, repo_slug: str, default_branch: str = "socket-default-br # raise Exception(f"Failed to get repository info: {response.status}, message: {response.message}") except APIFailure: log.warning(f"Failed to get repository {repo_slug}, attempting to create it") - create_response = self.sdk.repos.post(self.config.org_slug, name=repo_slug, default_branch=default_branch) + create_response = self.sdk.repos.post(self.config.org_slug, name=repo_slug, default_branch=default_branch, use_types=True) if not create_response.success: log.error(f"Failed to create repository: {create_response.status}") log.error(create_response.message) From b4e35b29e27d31517b7fd9d02105e3dd37e49b57 Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Mon, 10 Mar 2025 15:56:59 -0700 Subject: [PATCH 044/149] fixed logging and create repo handling --- socketsecurity/core/__init__.py | 26 +++++++++++++++++--------- socketsecurity/core/logging.py | 19 +++++++++++++++++-- 2 files changed, 34 insertions(+), 11 deletions(-) diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 6ecf29c..0a8b773 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -397,15 +397,23 @@ def get_repo_info(self, repo_slug: str, default_branch: str = "socket-default-br # raise Exception(f"Failed to get repository info: {response.status}, message: {response.message}") except APIFailure: log.warning(f"Failed to get repository {repo_slug}, attempting to create it") - create_response = self.sdk.repos.post(self.config.org_slug, name=repo_slug, default_branch=default_branch, use_types=True) - if not create_response.success: - log.error(f"Failed to create repository: {create_response.status}") - log.error(create_response.message) - raise Exception( - f"Failed to create repository: {create_response.status}, message: {create_response.message}" - ) - else: - return create_response.data + try: + # Remove use_types=True since post() doesn't support it + create_response = self.sdk.repos.post(self.config.org_slug, name=repo_slug, default_branch=default_branch) + + # Check if the response is empty (failure) or has content (success) + if not create_response: + log.error("Failed to create repository: empty response") + raise Exception("Failed to create repository: empty response") + else: + # If we got here, create_response is a dictionary with the repository data + return create_response # This is already the repository data + + except APIFailure as e: + # Handle API failures from the post request + log.error(f"API failure while creating repository: {e}") + sys.exit(2) # Exit here with code 2. Code 1 indicates a successfully-detected security issue. + return response.data def get_head_scan_for_repo(self, repo_slug: str) -> str: diff --git a/socketsecurity/core/logging.py b/socketsecurity/core/logging.py index c0ff12d..25601d9 100644 --- a/socketsecurity/core/logging.py +++ b/socketsecurity/core/logging.py @@ -1,5 +1,6 @@ import logging + def initialize_logging( level: int = logging.INFO, format: str = "%(asctime)s: %(message)s", @@ -23,10 +24,24 @@ def initialize_logging( cli_logger = logging.getLogger(cli_logger_name) cli_logger.setLevel(level) + # Explicitly set urllib3 logger to WARNING to prevent debug messages + # when not in debug mode + urllib3_logger = logging.getLogger("urllib3") + urllib3_logger.setLevel(logging.WARNING) + + # Also set git logger to WARNING + git_logger = logging.getLogger("git") + git_logger.setLevel(logging.WARNING) + return socket_logger, cli_logger -def set_debug_mode(enable: bool = True) -> None: +def set_debug_mode(enable: bool = False) -> None: """Toggle debug logging across all loggers""" level = logging.DEBUG if enable else logging.INFO logging.getLogger("socketdev").setLevel(level) - logging.getLogger("socketcli").setLevel(level) \ No newline at end of file + logging.getLogger("socketcli").setLevel(level) + + # Also update urllib3 and git loggers when debug mode changes + urllib3_level = logging.DEBUG if enable else logging.WARNING + logging.getLogger("urllib3").setLevel(urllib3_level) + logging.getLogger("git").setLevel(urllib3_level) \ No newline at end of file From 4305f9af7c9e256cc31a35f8529ebd26cd8e722c Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Mon, 10 Mar 2025 15:58:58 -0700 Subject: [PATCH 045/149] bumped version --- socketsecurity/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 96db43f..1c645f0 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.11' +__version__ = '2.0.12' From 5aa87310618374bcfd0df7d8baac9dba83747227 Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Mon, 10 Mar 2025 16:01:35 -0700 Subject: [PATCH 046/149] cleanup --- socketsecurity/core/__init__.py | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 0a8b773..3d3a555 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -394,11 +394,10 @@ def get_repo_info(self, repo_slug: str, default_branch: str = "socket-default-br if not response.success: log.error(f"Failed to get repository: {response.status}") log.error(response.message) - # raise Exception(f"Failed to get repository info: {response.status}, message: {response.message}") except APIFailure: log.warning(f"Failed to get repository {repo_slug}, attempting to create it") try: - # Remove use_types=True since post() doesn't support it + create_response = self.sdk.repos.post(self.config.org_slug, name=repo_slug, default_branch=default_branch) # Check if the response is empty (failure) or has content (success) @@ -406,11 +405,9 @@ def get_repo_info(self, repo_slug: str, default_branch: str = "socket-default-br log.error("Failed to create repository: empty response") raise Exception("Failed to create repository: empty response") else: - # If we got here, create_response is a dictionary with the repository data - return create_response # This is already the repository data + return create_response except APIFailure as e: - # Handle API failures from the post request log.error(f"API failure while creating repository: {e}") sys.exit(2) # Exit here with code 2. Code 1 indicates a successfully-detected security issue. From 5d949d8196dafe9761d988bc3094c9e79b84dd90 Mon Sep 17 00:00:00 2001 From: Eric Hibbs Date: Mon, 10 Mar 2025 16:42:39 -0700 Subject: [PATCH 047/149] fixed logging issue and reverted random stuff --- socketsecurity/core/logging.py | 13 ---------- socketsecurity/core/messages.py | 44 ++++++++++++++++----------------- 2 files changed, 21 insertions(+), 36 deletions(-) diff --git a/socketsecurity/core/logging.py b/socketsecurity/core/logging.py index 25601d9..9e61dae 100644 --- a/socketsecurity/core/logging.py +++ b/socketsecurity/core/logging.py @@ -24,14 +24,6 @@ def initialize_logging( cli_logger = logging.getLogger(cli_logger_name) cli_logger.setLevel(level) - # Explicitly set urllib3 logger to WARNING to prevent debug messages - # when not in debug mode - urllib3_logger = logging.getLogger("urllib3") - urllib3_logger.setLevel(logging.WARNING) - - # Also set git logger to WARNING - git_logger = logging.getLogger("git") - git_logger.setLevel(logging.WARNING) return socket_logger, cli_logger @@ -40,8 +32,3 @@ def set_debug_mode(enable: bool = False) -> None: level = logging.DEBUG if enable else logging.INFO logging.getLogger("socketdev").setLevel(level) logging.getLogger("socketcli").setLevel(level) - - # Also update urllib3 and git loggers when debug mode changes - urllib3_level = logging.DEBUG if enable else logging.WARNING - logging.getLogger("urllib3").setLevel(urllib3_level) - logging.getLogger("git").setLevel(urllib3_level) \ No newline at end of file diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index 2940e3d..25a29d8 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -1,16 +1,14 @@ import json -import os -import re -import json import logging -logging.basicConfig(level=logging.DEBUG) - +import re from pathlib import Path + from mdutils import MdUtils from prettytable import PrettyTable from socketsecurity.core.classes import Diff, Issue, Purl +log = logging.getLogger("socketcli") class Messages: @@ -46,13 +44,13 @@ def find_line_in_file(packagename: str, packageversion: str, manifest_file: str) - Uses regex patterns to detect a match line by line """ file_type = Path(manifest_file).name - logging.debug("Processing file for line lookup: %s", manifest_file) + log.debug("Processing file for line lookup: %s", manifest_file) if file_type in ["package-lock.json", "Pipfile.lock", "composer.lock"]: try: with open(manifest_file, "r", encoding="utf-8") as f: raw_text = f.read() - logging.debug("Read %d characters from %s", len(raw_text), manifest_file) + log.debug("Read %d characters from %s", len(raw_text), manifest_file) data = json.loads(raw_text) packages_dict = ( data.get("packages") @@ -60,7 +58,7 @@ def find_line_in_file(packagename: str, packageversion: str, manifest_file: str) or data.get("dependencies") or {} ) - logging.debug("Found package keys in %s: %s", manifest_file, list(packages_dict.keys())) + log.debug("Found package keys in %s: %s", manifest_file, list(packages_dict.keys())) found_key = None found_info = None for key, value in packages_dict.items(): @@ -72,16 +70,16 @@ def find_line_in_file(packagename: str, packageversion: str, manifest_file: str) if found_key and found_info: needle_key = f'"{found_key}":' lines = raw_text.splitlines() - logging.debug("Total lines in %s: %d", manifest_file, len(lines)) + log.debug("Total lines in %s: %d", manifest_file, len(lines)) for i, line in enumerate(lines, start=1): if needle_key in line: - logging.debug("Found match at line %d in %s: %s", i, manifest_file, line.strip()) + log.debug("Found match at line %d in %s: %s", i, manifest_file, line.strip()) return i, line.strip() return 1, f'"{found_key}": {found_info}' else: return 1, f"{packagename} {packageversion} (not found in {manifest_file})" except (FileNotFoundError, json.JSONDecodeError) as e: - logging.error("Error reading %s: %s", manifest_file, e) + log.error("Error reading %s: %s", manifest_file, e) return 1, f"Error reading {manifest_file}" # For pnpm-lock.yaml, use a special regex pattern. @@ -114,15 +112,15 @@ def find_line_in_file(packagename: str, packageversion: str, manifest_file: str) } searchstring = search_patterns.get(file_type, rf'{re.escape(packagename)}.*{re.escape(packageversion)}') - logging.debug("Using search pattern for %s: %s", file_type, searchstring) + log.debug("Using search pattern for %s: %s", file_type, searchstring) try: with open(manifest_file, 'r', encoding="utf-8") as file: lines = [line.rstrip("\n") for line in file] - logging.debug("Total lines in %s: %d", manifest_file, len(lines)) + log.debug("Total lines in %s: %d", manifest_file, len(lines)) for line_number, line_content in enumerate(lines, start=1): line_main = line_content.split(";", 1)[0].strip() if re.search(searchstring, line_main, re.IGNORECASE): - logging.debug("Match found at line %d in %s: %s", line_number, manifest_file, line_content.strip()) + log.debug("Match found at line %d in %s: %s", line_number, manifest_file, line_content.strip()) return line_number, line_content.strip() except FileNotFoundError: return 1, f"{manifest_file} not found" @@ -172,8 +170,8 @@ def create_security_comment_sarif(diff) -> dict: - For alerts with multiple manifest files, generates an individual SARIF result for each file. - Appends the manifest file name to the rule ID and name to make each result unique. - Does NOT fall back to 'requirements.txt' if no manifest file is provided. - - Adds detailed logging to validate our assumptions. - + - Adds detailed log to validate our assumptions. + """ if len(diff.new_alerts) == 0: for alert in diff.new_alerts: @@ -204,7 +202,7 @@ def create_security_comment_sarif(diff) -> dict: base_rule_id = f"{pkg_name}=={pkg_version}" severity = alert.severity - logging.debug("Alert %s - introduced_by: %s, manifests: %s", base_rule_id, alert.introduced_by, getattr(alert, 'manifests', None)) + log.debug("Alert %s - introduced_by: %s, manifests: %s", base_rule_id, alert.introduced_by, getattr(alert, 'manifests', None)) manifest_files = [] if alert.introduced_by and isinstance(alert.introduced_by, list): for entry in alert.introduced_by: @@ -216,21 +214,21 @@ def create_security_comment_sarif(diff) -> dict: elif hasattr(alert, 'manifests') and alert.manifests: manifest_files = [mf.strip() for mf in alert.manifests.split(";") if mf.strip()] - logging.debug("Alert %s - extracted manifest_files: %s", base_rule_id, manifest_files) + log.debug("Alert %s - extracted manifest_files: %s", base_rule_id, manifest_files) if not manifest_files: - logging.error("Alert %s: No manifest file found; cannot determine file location.", base_rule_id) + log.error("Alert %s: No manifest file found; cannot determine file location.", base_rule_id) continue - logging.debug("Alert %s - using manifest_files for processing: %s", base_rule_id, manifest_files) + log.debug("Alert %s - using manifest_files for processing: %s", base_rule_id, manifest_files) # Create an individual SARIF result for each manifest file. for mf in manifest_files: - logging.debug("Alert %s - Processing manifest file: %s", base_rule_id, mf) + log.debug("Alert %s - Processing manifest file: %s", base_rule_id, mf) socket_url = Messages.get_manifest_type_url(mf, pkg_name, pkg_version) line_number, line_content = Messages.find_line_in_file(pkg_name, pkg_version, mf) if line_number < 1: line_number = 1 - logging.debug("Alert %s: Manifest %s, line %d: %s", base_rule_id, mf, line_number, line_content) + log.debug("Alert %s: Manifest %s, line %d: %s", base_rule_id, mf, line_number, line_content) # Create a unique rule id and name by appending the manifest file. unique_rule_id = f"{base_rule_id} ({mf})" @@ -271,7 +269,7 @@ def create_security_comment_sarif(diff) -> dict: sarif_data["runs"][0]["results"] = results_list return sarif_data - + @staticmethod def create_security_comment_json(diff: Diff) -> dict: scan_failed = False From 32a8bf72f3222c79b42229d436e1d8e593c17e1a Mon Sep 17 00:00:00 2001 From: Douglas Date: Fri, 14 Mar 2025 16:40:16 +0000 Subject: [PATCH 048/149] Added back BASE_API_URL for the Socket API base (#62) --- socketsecurity/__init__.py | 2 +- socketsecurity/core/socket_config.py | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 1c645f0..ebdf23a 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.12' +__version__ = '2.0.13' diff --git a/socketsecurity/core/socket_config.py b/socketsecurity/core/socket_config.py index 9e0726c..4c25542 100644 --- a/socketsecurity/core/socket_config.py +++ b/socketsecurity/core/socket_config.py @@ -1,6 +1,7 @@ from dataclasses import dataclass from typing import Dict, Optional from urllib.parse import urlparse +import os from socketsecurity.core.issues import AllIssues @@ -8,7 +9,7 @@ @dataclass class SocketConfig: api_key: str - api_url: str = "https://api.socket.dev/v0" + api_url: str = os.getenv("BASE_API_URL", "https://api.socket.dev/v0") timeout: int = 1200 allow_unverified_ssl: bool = False org_id: Optional[str] = None From ec4e7f74819d17ddc4f7294bd0f705dfcf45ebff Mon Sep 17 00:00:00 2001 From: Douglas Date: Tue, 18 Mar 2025 16:53:45 -0700 Subject: [PATCH 049/149] Doug/fix supported files (#63) * Fix for converting supported files patterns to proper globs * Version bump for deploy * Removed duplicate function --- socketsecurity/__init__.py | 2 +- socketsecurity/config.py | 2 +- socketsecurity/core/__init__.py | 77 +++++++++++++++++++++------------ 3 files changed, 52 insertions(+), 29 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index ebdf23a..b8c6665 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.13' +__version__ = '2.0.14' diff --git a/socketsecurity/config.py b/socketsecurity/config.py index 24a9eca..f46a6aa 100644 --- a/socketsecurity/config.py +++ b/socketsecurity/config.py @@ -55,7 +55,7 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': 'pr_number': args.pr_number, 'commit_message': commit_message, 'default_branch': args.default_branch, - 'target_path': args.target_path, + 'target_path': os.path.expanduser(args.target_path), 'scm': args.scm, 'sbom_file': args.sbom_file, 'commit_sha': args.commit_sha, diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 3d3a555..7fc4c80 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -5,8 +5,8 @@ from dataclasses import asdict from glob import glob from pathlib import PurePath -from typing import BinaryIO, Dict, List, Tuple - +from typing import BinaryIO, Dict, List, Tuple, Set +import re from socketdev import socketdev from socketdev.exceptions import APIFailure from socketdev.fullscans import FullScanParams, SocketArtifact @@ -123,19 +123,42 @@ def create_sbom_output(self, diff: Diff) -> dict: log.error(result.get("message", "No error message provided")) return {} + @staticmethod + def expand_brace_pattern(pattern: str) -> List[str]: + """ + Expands brace expressions (e.g., {a,b,c}) into separate patterns. + """ + brace_regex = re.compile(r"\{([^{}]+)\}") + + # Expand all brace groups + expanded_patterns = [pattern] + while any("{" in p for p in expanded_patterns): + new_patterns = [] + for pat in expanded_patterns: + match = brace_regex.search(pat) + if match: + options = match.group(1).split(",") # Extract values inside {} + prefix, suffix = pat[:match.start()], pat[match.end():] + new_patterns.extend([prefix + opt + suffix for opt in options]) + else: + new_patterns.append(pat) + expanded_patterns = new_patterns + + return expanded_patterns + def find_files(self, path: str) -> List[str]: """ Finds supported manifest files in the given path. Args: - path: Path to search for manifest files + path: Path to search for manifest files. Returns: - List of found manifest file paths + List of found manifest file paths. """ log.debug("Starting Find Files") start_time = time.time() - files = set() + files: Set[str] = set() # Get supported patterns from the API try: @@ -149,28 +172,28 @@ def find_files(self, path: str) -> List[str]: for ecosystem in patterns: ecosystem_patterns = patterns[ecosystem] for file_name in ecosystem_patterns: - pattern = Core.to_case_insensitive_regex(ecosystem_patterns[file_name]["pattern"]) - file_path = f"{path}/**/{pattern}" - #log.debug(f"Globbing {file_path}") - glob_start = time.time() - glob_files = glob(file_path, recursive=True) - for glob_file in glob_files: - # Only add if it's a file, not a directory - if glob_file not in files and os.path.isfile(glob_file): - files.add(glob_file) - glob_end = time.time() - glob_total_time = glob_end - glob_start - #log.debug(f"Glob for pattern {file_path} took {glob_total_time:.2f} seconds") - - log.debug("Finished Find Files") - end_time = time.time() - total_time = end_time - start_time - files_list = list(files) - if len(files_list) > 5: - log.debug(f"{len(files_list)} Files found ({total_time:.2f}s): {', '.join(files_list[:5])}, ...") - else: - log.debug(f"{len(files_list)} Files found ({total_time:.2f}s): {', '.join(files_list)}") - return list(files) + original_pattern = ecosystem_patterns[file_name]["pattern"] + + # Expand brace patterns + expanded_patterns = Core.expand_brace_pattern(original_pattern) + + for pattern in expanded_patterns: + case_insensitive_pattern = Core.to_case_insensitive_regex(pattern) + file_path = os.path.join(path, "**", case_insensitive_pattern) + + log.debug(f"Globbing {file_path}") + glob_start = time.time() + glob_files = glob(file_path, recursive=True) + + for glob_file in glob_files: + if os.path.isfile(glob_file): + files.add(glob_file) + + glob_end = time.time() + log.debug(f"Globbing took {glob_end - glob_start:.4f} seconds") + + log.debug(f"Total files found: {len(files)}") + return sorted(files) def get_supported_patterns(self) -> Dict: """ From b17e947cc599b1e3d1de7f87f6812052a26c5ca3 Mon Sep 17 00:00:00 2001 From: Douglas Date: Mon, 31 Mar 2025 20:37:01 -0700 Subject: [PATCH 050/149] Fixed the ability to override the API URL for Socket Requests (#64) * Fixed the ability to override the API URL for Socket Requests * Changed over to hatchling for releases * Updated release workflows for hatchling build * Adding needed modules for build * Added pre-commit hook to sync tag to version in file * Fixing pr-release for hatch logic * Bumping version for deploy * Fixing build process * Change build process for PR build * Added permissions for Trusted Publishing * Fixed typo in preview logic * Removing unneeded command breaking build * Add debug for build process * Bump version * Added workaround for naming bug when pushing via OIDC * Moving to static version and pre commit hook to fix version publishing issue * Adding back in auto increment of version * testing version bump * Updating version logic * Updated pre-commit hook * version bumped --- .github/workflows/pr-preview.yml | 54 ++++++----------- .github/workflows/release.yml | 24 ++++---- .hooks/sync_version.py | 99 ++++++++++++++++++++++++++++++++ .pre-commit-config.yaml | 9 +++ Pipfile.lock | 4 +- docs/README.md | 10 ++++ pyproject.toml | 30 +++++----- requirements-dev.lock | 5 +- requirements.lock | 3 +- socketsecurity/__init__.py | 3 +- socketsecurity/socketcli.py | 1 + 11 files changed, 171 insertions(+), 71 deletions(-) create mode 100644 .hooks/sync_version.py create mode 100644 .pre-commit-config.yaml create mode 100644 docs/README.md diff --git a/.github/workflows/pr-preview.yml b/.github/workflows/pr-preview.yml index 8f455fb..8c706ac 100644 --- a/.github/workflows/pr-preview.yml +++ b/.github/workflows/pr-preview.yml @@ -6,8 +6,14 @@ on: jobs: preview: runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + pull-requests: write steps: - uses: actions/checkout@v4 + with: + fetch-depth: 0 - uses: actions/setup-python@v5 with: python-version: '3.x' @@ -16,56 +22,30 @@ jobs: - name: Install dependencies run: | python -m pip install --upgrade pip - pip install -e . - - - name: Set preview version - run: | - BASE_VERSION=$(python -c "from socketsecurity import __version__; print(__version__)") - PREVIEW_VERSION="${BASE_VERSION}.dev${{ github.event.pull_request.number }}${{ github.event.pull_request.commits }}" - echo "VERSION=${PREVIEW_VERSION}" >> $GITHUB_ENV + pip install hatchling==1.27.0 hatch==1.14.0 - # Update version in __init__.py - echo "__version__ = \"${PREVIEW_VERSION}\"" > socketsecurity/__init__.py.tmp - cat socketsecurity/__init__.py | grep -v "__version__" >> socketsecurity/__init__.py.tmp - mv socketsecurity/__init__.py.tmp socketsecurity/__init__.py + - name: Inject full dynamic version + run: python .hooks/sync_version.py --dev - # Verify the change - echo "Updated version in __init__.py:" - python -c "from socketsecurity import __version__; print(__version__)" + - name: Clean previous builds + run: rm -rf dist/ build/ *.egg-info - - name: Check if version exists on Test PyPI - id: version_check - env: - VERSION: ${{ env.VERSION }} + - name: Get Hatch version + id: version run: | - if curl -s -f https://test.pypi.org/pypi/socketsecurity/$VERSION/json > /dev/null; then - echo "Version ${VERSION} already exists on Test PyPI" - echo "exists=true" >> $GITHUB_OUTPUT - else - echo "Version ${VERSION} not found on Test PyPI" - echo "exists=false" >> $GITHUB_OUTPUT - fi + VERSION=$(hatch version | cut -d+ -f1) + echo "VERSION=$VERSION" >> $GITHUB_ENV - name: Build package if: steps.version_check.outputs.exists != 'true' run: | - pip install build - python -m build - - - name: Restore original version - if: always() - run: | - BASE_VERSION=$(echo $VERSION | cut -d'.' -f1-3) - echo "__version__ = \"${BASE_VERSION}\"" > socketsecurity/__init__.py.tmp - cat socketsecurity/__init__.py | grep -v "__version__" >> socketsecurity/__init__.py.tmp - mv socketsecurity/__init__.py.tmp socketsecurity/__init__.py + hatch build - name: Publish to Test PyPI if: steps.version_check.outputs.exists != 'true' - uses: pypa/gh-action-pypi-publish@v1.8.11 + uses: pypa/gh-action-pypi-publish@v1.12.4 with: repository-url: https://test.pypi.org/legacy/ - password: ${{ secrets.TEST_PYPI_TOKEN }} verbose: true - name: Comment on PR diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index beb6cc9..0a5d0c6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,14 +1,18 @@ name: Release on: - push: - tags: - - 'v*' + release: + types: [published] jobs: release: runs-on: ubuntu-latest + permissions: + id-token: write + contents: read steps: - uses: actions/checkout@v4 + with: + fetch-depth: 0 - uses: actions/setup-python@v5 with: python-version: '3.x' @@ -17,15 +21,15 @@ jobs: - name: Install dependencies run: | python -m pip install --upgrade pip - pip install -e . + pip install hatchling==1.27.0 hatch==1.14.0 - name: Get Version id: version run: | - RAW_VERSION=$(python -c "from socketsecurity import __version__; print(__version__)") + RAW_VERSION=$(hatch version) echo "VERSION=$RAW_VERSION" >> $GITHUB_ENV if [ "v$RAW_VERSION" != "${{ github.ref_name }}" ]; then - echo "Error: Git tag (${{ github.ref_name }}) does not match package version (v$RAW_VERSION)" + echo "Error: Git tag (${{ github.ref_name }}) does not match hatch version (v$RAW_VERSION)" exit 1 fi @@ -57,14 +61,12 @@ jobs: - name: Build package if: steps.version_check.outputs.pypi_exists != 'true' run: | - pip install build - python -m build + pip install hatchling + hatch build - name: Publish to PyPI if: steps.version_check.outputs.pypi_exists != 'true' - uses: pypa/gh-action-pypi-publish@v1.8.11 - with: - password: ${{ secrets.PYPI_TOKEN }} + uses: pypa/gh-action-pypi-publish@v1.12.4 - name: Login to Docker Hub uses: docker/login-action@v3 diff --git a/.hooks/sync_version.py b/.hooks/sync_version.py new file mode 100644 index 0000000..f26dd76 --- /dev/null +++ b/.hooks/sync_version.py @@ -0,0 +1,99 @@ +#!/usr/bin/env python3 +import subprocess +import pathlib +import re +import sys +import urllib.request +import json + +INIT_FILE = pathlib.Path("socketsecurity/__init__.py") +PYPROJECT_FILE = pathlib.Path("pyproject.toml") + +VERSION_PATTERN = re.compile(r"__version__\s*=\s*['\"]([^'\"]+)['\"]") +PYPROJECT_PATTERN = re.compile(r'^version\s*=\s*".*"$', re.MULTILINE) +PYPI_API = "https://test.pypi.org/pypi/socketsecurity/json" + +def read_version_from_init(path: pathlib.Path) -> str: + content = path.read_text() + match = VERSION_PATTERN.search(content) + if not match: + print(f"❌ Could not find __version__ in {path}") + sys.exit(1) + return match.group(1) + +def read_version_from_git(path: str) -> str: + try: + output = subprocess.check_output(["git", "show", f"HEAD:{path}"], text=True) + match = VERSION_PATTERN.search(output) + if not match: + return None + return match.group(1) + except subprocess.CalledProcessError: + return None + +def bump_patch_version(version: str) -> str: + if ".dev" in version: + version = version.split(".dev")[0] + parts = version.split(".") + parts[-1] = str(int(parts[-1]) + 1) + return ".".join(parts) + +def fetch_existing_versions() -> set: + try: + with urllib.request.urlopen(PYPI_API) as response: + data = json.load(response) + return set(data.get("releases", {}).keys()) + except Exception as e: + print(f"⚠️ Warning: Failed to fetch existing versions from Test PyPI: {e}") + return set() + +def find_next_available_dev_version(base_version: str) -> str: + existing_versions = fetch_existing_versions() + for i in range(1, 100): + candidate = f"{base_version}.dev{i}" + if candidate not in existing_versions: + return candidate + print("❌ Could not find available .devN slot after 100 attempts.") + sys.exit(1) + +def inject_version(version: str): + print(f"🔁 Updating version to: {version}") + + # Update __init__.py + init_content = INIT_FILE.read_text() + new_init_content = VERSION_PATTERN.sub(f"__version__ = '{version}'", init_content) + INIT_FILE.write_text(new_init_content) + + # Update pyproject.toml + pyproject = PYPROJECT_FILE.read_text() + if PYPROJECT_PATTERN.search(pyproject): + new_pyproject = PYPROJECT_PATTERN.sub(f'version = "{version}"', pyproject) + else: + new_pyproject = re.sub(r"(\[project\])", rf"\1\nversion = \"{version}\"", pyproject) + PYPROJECT_FILE.write_text(new_pyproject) + +def main(): + dev_mode = "--dev" in sys.argv + current_version = read_version_from_init(INIT_FILE) + previous_version = read_version_from_git("socketsecurity/__init__.py") + + print(f"Current: {current_version}, Previous: {previous_version}") + + if current_version == previous_version: + if dev_mode: + base_version = current_version.split(".dev")[0] if ".dev" in current_version else current_version + new_version = find_next_available_dev_version(base_version) + inject_version(new_version) + print("⚠️ Version was unchanged — auto-bumped. Please git add + commit again.") + sys.exit(0) + else: + new_version = bump_patch_version(current_version) + inject_version(new_version) + print("⚠️ Version was unchanged — auto-bumped. Please git add + commit again.") + sys.exit(1) + else: + print("✅ Version already bumped — proceeding.") + sys.exit(0) + +if __name__ == "__main__": + main() diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..d201e7f --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,9 @@ +repos: + - repo: local + hooks: + - id: sync-version + name: Sync __version__ with hatch version + entry: python .hooks/sync_version.py + language: python + always_run: true + pass_filenames: false \ No newline at end of file diff --git a/Pipfile.lock b/Pipfile.lock index b6df5da..77f078c 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "702ad05de9bc9de99a4807c8dde1686f31e0041d7b5f6f6b74861195a52110f5" + "sha256": "7e8ad3d0508bf0c279a648ee7a1873fc16334cf0b711f30b2dc54a1da68fef6c" }, "pipfile-spec": 6, "requires": { @@ -10,7 +10,7 @@ "sources": [ { "name": "pypi", - "url": "https://pypi.org/simple", + "url": "https://pypi.org/socketsecurity", "verify_ssl": true } ] diff --git a/docs/README.md b/docs/README.md new file mode 100644 index 0000000..e6826fa --- /dev/null +++ b/docs/README.md @@ -0,0 +1,10 @@ +# 1. Clone the repo and create a virtualenv (Python 3.12+) +python3.12 -m venv .venv +source .venv/bin/activate + +# 2. Install dependencies +pip install --upgrade pip +pip install .[dev] + +# 3. Set up pre-commit hooks +pre-commit install diff --git a/pyproject.toml b/pyproject.toml index 6ea62cf..e720e60 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,11 +1,14 @@ [build-system] -requires = ["setuptools >= 61.0"] -build-backend = "setuptools.build_meta" +requires = [ + "hatchling" +] +build-backend = "hatchling.build" [project] name = "socketsecurity" -dynamic = ["version"] -requires-python = ">= 3.9" +version = "2.0.32" +requires-python = ">= 3.10" +license = {"file" = "LICENSE"} dependencies = [ 'requests', 'mdutils', @@ -13,7 +16,7 @@ dependencies = [ 'GitPython', 'packaging', 'python-dotenv', - 'socket-sdk-python>=2.0.9' + 'socket-sdk-python>=2.0.15' ] readme = "README.md" description = "Socket Security CLI for CI/CD" @@ -43,6 +46,8 @@ dev = [ "ruff>=0.3.0", "twine", # for building "pip-tools>=7.4.0", # for pip-compile + "pre-commit", + "hatch" ] [project.scripts] @@ -51,16 +56,6 @@ socketcli = "socketsecurity.socketcli:cli" [project.urls] Homepage = "https://socket.dev" -[tool.setuptools.packages.find] -include = [ - "socketsecurity*" -] - -[tool.setuptools.dynamic] -version = {attr = "socketsecurity.__version__"} - - - [tool.coverage.run] source = ["socketsecurity"] branch = true @@ -163,4 +158,7 @@ docstring-code-format = false # # This only has an effect when the `docstring-code-format` setting is # enabled. -docstring-code-line-length = "dynamic" \ No newline at end of file +docstring-code-line-length = "dynamic" + +[tool.hatch.build.targets.wheel] +include = ["socketsecurity", "LICENSE"] \ No newline at end of file diff --git a/requirements-dev.lock b/requirements-dev.lock index 137e3e6..099e79b 100644 --- a/requirements-dev.lock +++ b/requirements-dev.lock @@ -9,7 +9,8 @@ # generate-hashes: false # universal: false --e file:. +hatchling==1.27.0 +hatch==1.14.0 argparse==1.4.0 # via socketsecurity certifi==2024.12.14 @@ -60,7 +61,7 @@ requests==2.32.3 # via socketsecurity smmap==5.0.2 # via gitdb -socket-sdk-python @ file:///Users/erichibbs/code/socket/socket-sdk-python +socket-sdk-python==2.0.15 # via socketsecurity typing-extensions==4.12.2 # via socket-sdk-python diff --git a/requirements.lock b/requirements.lock index 137e3e6..6d0be66 100644 --- a/requirements.lock +++ b/requirements.lock @@ -9,7 +9,6 @@ # generate-hashes: false # universal: false --e file:. argparse==1.4.0 # via socketsecurity certifi==2024.12.14 @@ -60,7 +59,7 @@ requests==2.32.3 # via socketsecurity smmap==5.0.2 # via gitdb -socket-sdk-python @ file:///Users/erichibbs/code/socket/socket-sdk-python +socket-sdk-python==2.0.15 # via socketsecurity typing-extensions==4.12.2 # via socket-sdk-python diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index b8c6665..f77c81f 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,3 @@ __author__ = 'socket.dev' -__version__ = '2.0.14' +__version__ = '2.0.32' + diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 5a75438..612ad1e 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -71,6 +71,7 @@ def main_code(): ) log.debug("loaded socket_config") client = CliClient(socket_config) + sdk.api.api_url = socket_config.api_url log.debug("loaded client") core = Core(socket_config, sdk) log.debug("loaded core") From 02c87853a85ba055938b8b6535d54c0f8c355193 Mon Sep 17 00:00:00 2001 From: Douglas Date: Tue, 1 Apr 2025 09:11:51 -0700 Subject: [PATCH 051/149] Version bump (#65) --- README.md | 85 ++++++++++++++-------------- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/config.py | 10 +++- socketsecurity/core/__init__.py | 10 +++- socketsecurity/core/socket_config.py | 13 ++++- 6 files changed, 74 insertions(+), 48 deletions(-) diff --git a/README.md b/README.md index 0521ca5..d03b812 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Socket Security CLI -The Socket Security CLI was created to enable integrations with other tools like Github Actions, Gitlab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts against the Socket security policy it'll exit with a non-Zero exit code. +The Socket Security CLI was created to enable integrations with other tools like GitHub Actions, Gitlab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts against the Socket security policy it'll exit with a non-Zero exit code. ## Usage @@ -18,62 +18,63 @@ If you don't want to provide the Socket API Token every time then you can use th ### Parameters #### Authentication -| Parameter | Required | Default | Description | -|:-------------|:---------|:--------|:--------------------------------------------------------------------------------------| -| --api-token | False | | Socket Security API token (can also be set via SOCKET_SECURITY_API_KEY env var) | +| Parameter | Required | Default | Description | +|:------------|:---------|:--------|:--------------------------------------------------------------------------------| +| --api-token | False | | Socket Security API token (can also be set via SOCKET_SECURITY_API_KEY env var) | #### Repository -| Parameter | Required | Default | Description | -|:-------------|:---------|:--------|:-------------------------------------------------------------------------| -| --repo | False | | Repository name in owner/repo format | -| --integration| False | api | Integration type (api, github, gitlab) | -| --owner | False | | Name of the integration owner, defaults to the socket organization slug | -| --branch | False | "" | Branch name | -| --committers | False | | Committer(s) to filter by | +| Parameter | Required | Default | Description | +|:--------------|:---------|:--------|:------------------------------------------------------------------------| +| --repo | False | | Repository name in owner/repo format | +| --integration | False | api | Integration type (api, github, gitlab) | +| --owner | False | | Name of the integration owner, defaults to the socket organization slug | +| --branch | False | "" | Branch name | +| --committers | False | | Committer(s) to filter by | #### Pull Request and Commit -| Parameter | Required | Default | Description | -|:----------------|:---------|:--------|:-------------------| -| --pr-number | False | "0" | Pull request number| -| --commit-message| False | | Commit message | -| --commit-sha | False | "" | Commit SHA | +| Parameter | Required | Default | Description | +|:-----------------|:---------|:--------|:--------------------| +| --pr-number | False | "0" | Pull request number | +| --commit-message | False | | Commit message | +| --commit-sha | False | "" | Commit SHA | #### Path and File -| Parameter | Required | Default | Description | -|:-------------|:---------|:--------|:-------------------------------------------| -| --target-path| False | ./ | Target path for analysis | -| --sbom-file | False | | SBOM file path | -| --files | False | [] | Files to analyze (JSON array string) | +| Parameter | Required | Default | Description | +|:--------------|:---------|:--------|:-------------------------------------| +| --target-path | False | ./ | Target path for analysis | +| --sbom-file | False | | SBOM file path | +| --files | False | [] | Files to analyze (JSON array string) | #### Branch and Scan Configuration -| Parameter | Required | Default | Description | -|:---------------|:---------|:--------|:----------------------------------------------------------| -| --default-branch| False | False | Make this branch the default branch | -| --pending-head | False | False | If true, the new scan will be set as the branch's head scan| +| Parameter | Required | Default | Description | +|:-----------------|:---------|:--------|:------------------------------------------------------------| +| --default-branch | False | False | Make this branch the default branch | +| --pending-head | False | False | If true, the new scan will be set as the branch's head scan | #### Output Configuration -| Parameter | Required | Default | Description | -|:----------------------|:---------|:--------|:---------------------------------------------------------------| -| --generate-license | False | False | Generate license information | -| --enable-debug | False | False | Enable debug logging | -| --enable-json | False | False | Output in JSON format | -| --enable-sarif | False | False | Enable SARIF output of results instead of table or JSON format| -| --disable-overview | False | False | Disable overview output | +| Parameter | Required | Default | Description | +|:--------------------------|:---------|:--------|:----------------------------------------------------------------------------------| +| --generate-license | False | False | Generate license information | +| --enable-debug | False | False | Enable debug logging | +| --enable-json | False | False | Output in JSON format | +| --enable-sarif | False | False | Enable SARIF output of results instead of table or JSON format | +| --disable-overview | False | False | Disable overview output | | --exclude-license-details | False | False | Exclude license details from the diff report (boosts performance for large repos) | #### Security Configuration -| Parameter | Required | Default | Description | -|:-----------------------|:---------|:--------|:-------------------------------| -| --allow-unverified | False | False | Allow unverified packages | -| --disable-security-issue| False | False | Disable security issue checks | +| Parameter | Required | Default | Description | +|:-------------------------|:---------|:--------|:------------------------------| +| --allow-unverified | False | False | Allow unverified packages | +| --disable-security-issue | False | False | Disable security issue checks | #### Advanced Configuration -| Parameter | Required | Default | Description | -|:-------------------|:---------|:--------|:-----------------------------------------------| -| --ignore-commit-files| False | False | Ignore commit files | -| --disable-blocking | False | False | Disable blocking mode | -| --scm | False | api | Source control management type | -| --timeout | False | | Timeout in seconds for API requests | +| Parameter | Required | Default | Description | +|:-------------------------|:---------|:--------|:----------------------------------------------------------------------| +| --ignore-commit-files | False | False | Ignore commit files | +| --disable-blocking | False | False | Disable blocking mode | +| --scm | False | api | Source control management type | +| --timeout | False | | Timeout in seconds for API requests | +| --include-module-folders | False | False | If enabled will include manifest files from folders like node_modules | ## File Selection Behavior diff --git a/pyproject.toml b/pyproject.toml index e720e60..ef2a2d2 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.0.32" +version = "2.0.33" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index f77c81f..948d0ca 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,3 +1,3 @@ __author__ = 'socket.dev' -__version__ = '2.0.32' +__version__ = '2.0.33' diff --git a/socketsecurity/config.py b/socketsecurity/config.py index f46a6aa..788c572 100644 --- a/socketsecurity/config.py +++ b/socketsecurity/config.py @@ -34,6 +34,7 @@ class CliConfig: pending_head: bool = False timeout: Optional[int] = 1200 exclude_license_details: bool = False + include_module_folders: bool = False @classmethod def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': parser = create_argument_parser() @@ -73,6 +74,7 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': 'pending_head': args.pending_head, 'timeout': args.timeout, 'exclude_license_details': args.exclude_license_details, + 'include_module_folders': args.include_module_folders, } if args.owner: @@ -234,7 +236,6 @@ def create_argument_parser() -> argparse.ArgumentParser: action="store_true", help=argparse.SUPPRESS ) - # Output Configuration output_group = parser.add_argument_group('Output Configuration') output_group.add_argument( @@ -351,5 +352,12 @@ def create_argument_parser() -> argparse.ArgumentParser: help="Timeout in seconds for API requests", required=False ) + config_group.add_argument( + "--include-module-folders", + dest="include_module_folders", + action="store_true", + default=False, + help="Enabling including module folders like node_modules" + ) return parser \ No newline at end of file diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 7fc4c80..d6d9805 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -146,6 +146,14 @@ def expand_brace_pattern(pattern: str) -> List[str]: return expanded_patterns + @staticmethod + def is_excluded(file_path: str, excluded_dirs: Set[str]) -> bool: + parts = os.path.normpath(file_path).split(os.sep) + for part in parts: + if part in excluded_dirs: + return True + return False + def find_files(self, path: str) -> List[str]: """ Finds supported manifest files in the given path. @@ -186,7 +194,7 @@ def find_files(self, path: str) -> List[str]: glob_files = glob(file_path, recursive=True) for glob_file in glob_files: - if os.path.isfile(glob_file): + if os.path.isfile(glob_file) and not Core.is_excluded(glob_file, self.config.excluded_dirs): files.add(glob_file) glob_end = time.time() diff --git a/socketsecurity/core/socket_config.py b/socketsecurity/core/socket_config.py index 4c25542..f05a382 100644 --- a/socketsecurity/core/socket_config.py +++ b/socketsecurity/core/socket_config.py @@ -1,11 +1,19 @@ -from dataclasses import dataclass +from dataclasses import dataclass, field from typing import Dict, Optional from urllib.parse import urlparse +from typing import Set import os from socketsecurity.core.issues import AllIssues +default_exclude_dirs = { + "node_modules", "bower_components", "jspm_packages", # JS/TS + "__pycache__", ".venv", "venv", "build", "dist", # Python + ".tox", ".mypy_cache", ".pytest_cache", "*.egg-info", + "vendor" +} + @dataclass class SocketConfig: api_key: str @@ -18,6 +26,7 @@ class SocketConfig: repository_path: Optional[str] = None security_policy: Dict = None all_issues: Optional['AllIssues'] = None + excluded_dirs: Set[str] = field(default_factory=lambda: default_exclude_dirs) def __post_init__(self): """Validate configuration after initialization""" @@ -45,7 +54,7 @@ def _validate_api_url(url: str) -> None: parsed = urlparse(url) if not all([parsed.scheme, parsed.netloc]): raise ValueError("Invalid URL format") - if parsed.scheme != "https": + if parsed.scheme != "https" and os.getenv("RUN_ENVIRONMENT", 'prod') != "dev": raise ValueError("API URL must use HTTPS") except Exception as e: raise ValueError(f"Invalid API URL: {str(e)}") From d6e97a409fb553929480efdc2c3dffe2035139b6 Mon Sep 17 00:00:00 2001 From: Douglas Date: Wed, 2 Apr 2025 15:20:39 -0700 Subject: [PATCH 052/149] Bumped version for release (#66) --- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 21 ++++++++++++--------- socketsecurity/core/classes.py | 12 +++++++++++- 4 files changed, 25 insertions(+), 12 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index ef2a2d2..2bfa41f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.0.33" +version = "2.0.34" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 948d0ca..6bdd25c 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,3 +1,3 @@ __author__ = 'socket.dev' -__version__ = '2.0.33' +__version__ = '2.0.34' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index d6d9805..23466bd 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -82,15 +82,17 @@ def get_org_id_slug(self) -> Tuple[str, str]: return org_id, organizations[org_id]['slug'] return None, None - def get_sbom_data(self, full_scan_id: str) -> Dict[str, SocketArtifact]: + def get_sbom_data(self, full_scan_id: str) -> List[SocketArtifact]: """Returns the list of SBOM artifacts for a full scan.""" response = self.sdk.fullscans.stream(self.config.org_slug, full_scan_id, use_types=True) + artifacts: List[SocketArtifact] = [] if not response.success: log.debug(f"Failed to get SBOM data for full-scan {full_scan_id}") log.debug(response.message) return {} - - return response.artifacts + for artifact_id in response.artifacts: + artifacts.append(response.artifacts[artifact_id]) + return artifacts def get_sbom_data_list(self, artifacts_dict: Dict[str, SocketArtifact]) -> list[SocketArtifact]: """Converts artifacts dictionary to a list.""" @@ -326,8 +328,7 @@ def create_full_scan(self, files: List[str], params: FullScanParams, has_head_sc full_scan = FullScan(**asdict(res.data)) if not has_head_scan: - full_scan_artifacts_dict = self.get_sbom_data(full_scan.id) - full_scan.sbom_artifacts = self.get_sbom_data_list(full_scan_artifacts_dict) + full_scan.sbom_artifacts = self.get_sbom_data(full_scan.id) full_scan.packages = self.create_packages_dict(full_scan.sbom_artifacts) create_full_end = time.time() @@ -436,7 +437,8 @@ def get_repo_info(self, repo_slug: str, default_branch: str = "socket-default-br log.error("Failed to create repository: empty response") raise Exception("Failed to create repository: empty response") else: - return create_response + response = self.sdk.repos.repo(self.config.org_slug, repo_slug, use_types=True) + return response.data except APIFailure as e: log.error(f"API failure while creating repository: {e}") @@ -554,22 +556,23 @@ def create_new_diff( # Find manifest files files = self.find_files(path) files_for_sending = self.load_files_for_sending(files, path) - + has_head_scan = False if not files: return Diff(id="no_diff_id") try: # Get head scan ID head_full_scan_id = self.get_head_scan_for_repo(params.repo) - has_head_scan = True + if head_full_scan_id is not None: + has_head_scan = True except APIResourceNotFound: head_full_scan_id = None - has_head_scan = False # Create new scan try: new_scan_start = time.time() new_full_scan = self.create_full_scan(files_for_sending, params, has_head_scan) + new_full_scan.sbom_artifacts = self.get_sbom_data(new_full_scan.id) new_scan_end = time.time() log.info(f"Total time to create new full scan: {new_scan_end - new_scan_start:.2f}") except APIFailure as e: diff --git a/socketsecurity/core/classes.py b/socketsecurity/core/classes.py index 006bb0c..416cd06 100644 --- a/socketsecurity/core/classes.py +++ b/socketsecurity/core/classes.py @@ -138,6 +138,13 @@ def from_socket_artifact(cls, data: dict) -> "Package": Returns: New Package instance """ + purl = f"{data['type']}/" + namespace = data.get("namespace") + if namespace: + purl += f"{namespace}@" + purl += f"{data['name']}@{data['version']}" + base_url = "https://socket.dev" + url = f"{base_url}/{data['type']}/package/{namespace or ''}{data['name']}/overview/{data['version']}" return cls( id=data["id"], name=data["name"], @@ -152,7 +159,10 @@ def from_socket_artifact(cls, data: dict) -> "Package": direct=data.get("direct", False), manifestFiles=data.get("manifestFiles", []), dependencies=data.get("dependencies"), - artifact=data.get("artifact") + artifact=data.get("artifact"), + purl=purl, + url=url, + namespace=namespace ) @classmethod From 17db071db62b3842e1f8661dc1f7c1298a91ea56 Mon Sep 17 00:00:00 2001 From: Douglas Date: Wed, 2 Apr 2025 19:14:46 -0700 Subject: [PATCH 053/149] Updated version for build (#67) --- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 2 ++ 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 2bfa41f..7125d24 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.0.34" +version = "2.0.35" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 6bdd25c..452a794 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,3 +1,3 @@ __author__ = 'socket.dev' -__version__ = '2.0.34' +__version__ = '2.0.35' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 23466bd..96aaa9e 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -90,6 +90,8 @@ def get_sbom_data(self, full_scan_id: str) -> List[SocketArtifact]: log.debug(f"Failed to get SBOM data for full-scan {full_scan_id}") log.debug(response.message) return {} + if not hasattr(response, "artifacts") or not response.artifacts: + return artifacts for artifact_id in response.artifacts: artifacts.append(response.artifacts[artifact_id]) return artifacts From 719823079a4aa2f0db00e3acdab3985192f5fcae Mon Sep 17 00:00:00 2001 From: Douglas Date: Thu, 3 Apr 2025 11:50:15 -0700 Subject: [PATCH 054/149] Updated version (#68) --- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/config.py | 9 +++++++++ socketsecurity/core/__init__.py | 21 ++++++++++++++------- 4 files changed, 25 insertions(+), 9 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 7125d24..b7d6513 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.0.35" +version = "2.0.36" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 452a794..46d0887 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,3 +1,3 @@ __author__ = 'socket.dev' -__version__ = '2.0.35' +__version__ = '2.0.36' diff --git a/socketsecurity/config.py b/socketsecurity/config.py index 788c572..79b0031 100644 --- a/socketsecurity/config.py +++ b/socketsecurity/config.py @@ -2,6 +2,7 @@ import os from dataclasses import asdict, dataclass from typing import List, Optional +from socketdev import __version__ from socketdev import INTEGRATION_TYPES, IntegrationType @@ -35,6 +36,7 @@ class CliConfig: timeout: Optional[int] = 1200 exclude_license_details: bool = False include_module_folders: bool = False + version: str = __version__ @classmethod def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': parser = create_argument_parser() @@ -75,6 +77,7 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': 'timeout': args.timeout, 'exclude_license_details': args.exclude_license_details, 'include_module_folders': args.include_module_folders, + 'version': __version__ } if args.owner: @@ -360,4 +363,10 @@ def create_argument_parser() -> argparse.ArgumentParser: help="Enabling including module folders like node_modules" ) + parser.add_argument( + '--version', + action='version', + version=f'%(prog)s {__version__}' + ) + return parser \ No newline at end of file diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 96aaa9e..4be798a 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -25,9 +25,11 @@ ) from socketsecurity.core.exceptions import APIResourceNotFound from socketsecurity.core.licenses import Licenses - from .socket_config import SocketConfig from .utils import socket_globs +import importlib +logging_std = importlib.import_module("logging") + __all__ = [ "Core", @@ -375,11 +377,12 @@ def create_packages_dict(self, sbom_artifacts: list[SocketArtifact]) -> dict[str else: package.license_text = self.get_package_license_text(package) packages[package.id] = package - for top_id in package.topLevelAncestors: - if top_id not in top_level_count: - top_level_count[top_id] = 1 - else: - top_level_count[top_id] += 1 + if package.topLevelAncestors: + for top_id in package.topLevelAncestors: + if top_id not in top_level_count: + top_level_count[top_id] = 1 + else: + top_level_count[top_id] += 1 for package_id, package in packages.items(): package.transitives = top_level_count.get(package_id, 0) @@ -424,10 +427,14 @@ def get_repo_info(self, repo_slug: str, default_branch: str = "socket-default-br Exception: If API request fails """ try: + sdk_logger = logging_std.getLogger("socketdev") + original_level = sdk_logger.level + sdk_logger.setLevel(logging_std.CRITICAL) response = self.sdk.repos.repo(self.config.org_slug, repo_slug, use_types=True) + sdk_logger.setLevel(original_level) if not response.success: log.error(f"Failed to get repository: {response.status}") - log.error(response.message) + # log.error(response.message) except APIFailure: log.warning(f"Failed to get repository {repo_slug}, attempting to create it") try: From 92f4306202fb47ab12949c7721067398012e6f9e Mon Sep 17 00:00:00 2001 From: Douglas Date: Thu, 3 Apr 2025 14:28:41 -0700 Subject: [PATCH 055/149] Doug/fix docker build process (#69) Fixed build process and topLevelAncestor error --- pyproject.toml | 4 ++-- scripts/build_container.sh | 28 ++++++++++++++-------------- socketsecurity/__init__.py | 2 +- socketsecurity/config.py | 3 +-- socketsecurity/core/__init__.py | 2 ++ socketsecurity/core/socket_config.py | 2 ++ socketsecurity/socketcli.py | 1 + 7 files changed, 23 insertions(+), 19 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index b7d6513..03af13b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.0.36" +version = "2.0.38" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ @@ -16,7 +16,7 @@ dependencies = [ 'GitPython', 'packaging', 'python-dotenv', - 'socket-sdk-python>=2.0.15' + 'socket-sdk-python>=2.0.20' ] readme = "README.md" description = "Socket Security CLI for CI/CD" diff --git a/scripts/build_container.sh b/scripts/build_container.sh index 6e19511..f268246 100755 --- a/scripts/build_container.sh +++ b/scripts/build_container.sh @@ -32,20 +32,20 @@ fi if [ $ENABLE_PYPI_BUILD = "pypi-build=prod" ]; then echo "Doing production build" - if ! python -m build --wheel --sdist; then - echo "Build failed" - exit 1 - fi - - if ! twine upload dist/*$VERSION*; then - echo "Upload to PyPI failed" - exit 1 - fi - - if ! verify_package $VERSION "https://pypi.org/simple"; then - echo "Failed to verify package on PyPI" - exit 1 - fi +# if ! python -m build --wheel --sdist; then +# echo "Build failed" +# exit 1 +# fi +# +# if ! twine upload dist/*$VERSION*; then +# echo "Upload to PyPI failed" +# exit 1 +# fi +# +# if ! verify_package $VERSION "https://pypi.org/simple"; then +# echo "Failed to verify package on PyPI" +# exit 1 +# fi docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:$VERSION . \ && docker build --no-cache --build-arg CLI_VERSION=$VERSION --platform linux/amd64,linux/arm64 -t socketdev/cli:latest . \ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 46d0887..ef8d284 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,3 +1,3 @@ __author__ = 'socket.dev' -__version__ = '2.0.36' +__version__ = '2.0.38' diff --git a/socketsecurity/config.py b/socketsecurity/config.py index 79b0031..2d3aece 100644 --- a/socketsecurity/config.py +++ b/socketsecurity/config.py @@ -2,8 +2,7 @@ import os from dataclasses import asdict, dataclass from typing import List, Optional -from socketdev import __version__ - +from socketsecurity import __version__ from socketdev import INTEGRATION_TYPES, IntegrationType diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 4be798a..81cab93 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -736,6 +736,8 @@ def get_source_data(package: Package, packages: dict) -> list: source = ("direct", manifests) introduced_by.append(source) else: + if not package.topLevelAncestors: + return introduced_by for top_id in package.topLevelAncestors: top_package = packages.get(top_id) if top_package: diff --git a/socketsecurity/core/socket_config.py b/socketsecurity/core/socket_config.py index f05a382..f119d4b 100644 --- a/socketsecurity/core/socket_config.py +++ b/socketsecurity/core/socket_config.py @@ -5,6 +5,7 @@ import os from socketsecurity.core.issues import AllIssues +from socketsecurity import __version__ default_exclude_dirs = { @@ -27,6 +28,7 @@ class SocketConfig: security_policy: Dict = None all_issues: Optional['AllIssues'] = None excluded_dirs: Set[str] = field(default_factory=lambda: default_exclude_dirs) + version: str = __version__ def __post_init__(self): """Validate configuration after initialization""" diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 612ad1e..c471bc1 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -45,6 +45,7 @@ def cli(): def main_code(): config = CliConfig.from_args() + log.info(f"Starting Socket Security CLI version {config.version}") log.debug(f"config: {config.to_dict()}") output_handler = OutputHandler(config) From 49cf7e53aa22b5f2e67838f7f2b962f2bccf1ecd Mon Sep 17 00:00:00 2001 From: Douglas Date: Thu, 3 Apr 2025 17:17:44 -0700 Subject: [PATCH 056/149] Fixed de dupe logic in SDK (#70) --- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index ef8d284..541bbe6 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,3 +1,3 @@ __author__ = 'socket.dev' -__version__ = '2.0.38' +__version__ = '2.0.39' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 81cab93..e16b35d 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -427,6 +427,8 @@ def get_repo_info(self, repo_slug: str, default_branch: str = "socket-default-br Exception: If API request fails """ try: + # Need to switch to either standard logger or not call our module logging so that there isn't a conflict + # Also need to update the SDK to not emit log in a way that can't be trapped by try/except sdk_logger = logging_std.getLogger("socketdev") original_level = sdk_logger.level sdk_logger.setLevel(logging_std.CRITICAL) From 743582608e3b0281cdb46b7258052abc42e55d22 Mon Sep 17 00:00:00 2001 From: Douglas Date: Thu, 3 Apr 2025 18:16:32 -0700 Subject: [PATCH 057/149] Update Version (#71) --- pyproject.toml | 4 ++-- socketsecurity/__init__.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 03af13b..842e855 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.0.38" +version = "2.0.40" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ @@ -16,7 +16,7 @@ dependencies = [ 'GitPython', 'packaging', 'python-dotenv', - 'socket-sdk-python>=2.0.20' + 'socket-sdk-python>=2.0.21' ] readme = "README.md" description = "Socket Security CLI for CI/CD" diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 541bbe6..c45bd51 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,3 +1,3 @@ __author__ = 'socket.dev' -__version__ = '2.0.39' +__version__ = '2.0.40' From 7d58fe8e347b1f1cd1e1713d4bc0ea1835fa4b9d Mon Sep 17 00:00:00 2001 From: Douglas Date: Tue, 8 Apr 2025 10:17:50 -0700 Subject: [PATCH 058/149] Updated version (#72) --- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 1 - socketsecurity/core/messages.py | 18 +++++++++++++++--- 3 files changed, 16 insertions(+), 5 deletions(-) diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index c45bd51..c545116 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,3 +1,3 @@ __author__ = 'socket.dev' -__version__ = '2.0.40' +__version__ = '2.0.41' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index e16b35d..67cf0e2 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -801,7 +801,6 @@ def add_package_alerts_to_collection(self, package: Package, alerts_collection: alert = Alert(**alert_item) props = getattr(self.config.all_issues, alert.type, default_props) introduced_by = self.get_source_data(package, packages) - issue_alert = Issue( pkg_type=package.type, pkg_name=package.name, diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index 25a29d8..435afe5 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -3,6 +3,7 @@ import re from pathlib import Path +from docutils.nodes import title from mdutils import MdUtils from prettytable import PrettyTable @@ -233,10 +234,21 @@ def create_security_comment_sarif(diff) -> dict: # Create a unique rule id and name by appending the manifest file. unique_rule_id = f"{base_rule_id} ({mf})" rule_name = f"Alert {base_rule_id} ({mf})" - - short_desc = (f"{alert.props.get('note', '')}

    Suggested Action:
    {alert.suggestion}" + props = {} + if hasattr(alert, 'props'): + props = alert.props + suggestion = '' + if hasattr(alert, 'suggestion'): + suggestion = alert.suggestion + alert_title = '' + if hasattr(alert, 'title'): + alert_title = alert.title + description = '' + if hasattr(alert, 'description'): + description = alert.description + short_desc = (f"{props.get('note', '')}

    Suggested Action:
    {suggestion}" f"
    {socket_url}") - full_desc = "{} - {}".format(alert.title, alert.description.replace('\r\n', '
    ')) + full_desc = "{} - {}".format(alert_title, description.replace('\r\n', '
    ')) if unique_rule_id not in rules_map: rules_map[unique_rule_id] = { From e3bfaf1281a7c37b1444ef65b0af18d376e6eb24 Mon Sep 17 00:00:00 2001 From: Douglas Date: Tue, 8 Apr 2025 11:03:45 -0700 Subject: [PATCH 059/149] Bumping version to fix in prod (#73) --- pyproject.toml | 2 +- socketsecurity/__init__.py | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 842e855..99d5c3b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.0.40" +version = "2.0.42" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index c545116..1ea0a22 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,3 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.41' - +__version__ = '2.0.42' From daa7f852fd03ea6a3449e0ac67f72df228497cf9 Mon Sep 17 00:00:00 2001 From: Douglas Date: Tue, 8 Apr 2025 14:26:54 -0700 Subject: [PATCH 060/149] Updated version (#74) --- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/messages.py | 4 +--- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 99d5c3b..6e3e07f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.0.42" +version = "2.0.43" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 1ea0a22..beda9f7 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.42' +__version__ = '2.0.43' diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index 435afe5..c54df14 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -2,8 +2,6 @@ import logging import re from pathlib import Path - -from docutils.nodes import title from mdutils import MdUtils from prettytable import PrettyTable @@ -235,7 +233,7 @@ def create_security_comment_sarif(diff) -> dict: unique_rule_id = f"{base_rule_id} ({mf})" rule_name = f"Alert {base_rule_id} ({mf})" props = {} - if hasattr(alert, 'props'): + if hasattr(alert, 'props') and alert.props: props = alert.props suggestion = '' if hasattr(alert, 'suggestion'): From 96e69204ac239f2487df6e39feb5d91d369ea78a Mon Sep 17 00:00:00 2001 From: Douglas Date: Mon, 14 Apr 2025 08:54:36 -0700 Subject: [PATCH 061/149] Fix Windows Path Normalization (#75) * Update version for deploy * Version updated * Stripping path from file name as well * Fixing workspace name * Removed redundant strip --- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 12 +++++------- 3 files changed, 7 insertions(+), 9 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 6e3e07f..4355a42 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.0.43" +version = "2.0.48" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index beda9f7..92c21d0 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.43' +__version__ = '2.0.48' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 67cf0e2..a5925a6 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -201,7 +201,7 @@ def find_files(self, path: str) -> List[str]: for glob_file in glob_files: if os.path.isfile(glob_file) and not Core.is_excluded(glob_file, self.config.excluded_dirs): - files.add(glob_file) + files.add(glob_file.replace("\\", "/")) glob_end = time.time() log.debug(f"Globbing took {glob_end - glob_start:.4f} seconds") @@ -290,12 +290,10 @@ def load_files_for_sending(files: List[str], workspace: str) -> List[Tuple[str, [(field_name, (filename, file_object)), ...] """ send_files = [] - + if "\\" in workspace: + workspace = workspace.replace("\\", "/") for file_path in files: - if "/" in file_path: - _, name = file_path.rsplit("/", 1) - else: - name = file_path + _, name = file_path.rsplit("/", 1) if file_path.startswith(workspace): key = file_path[len(workspace):] @@ -306,7 +304,7 @@ def load_files_for_sending(files: List[str], workspace: str) -> List[Tuple[str, key = key.lstrip("./") f = open(file_path, 'rb') - payload = (key, (name, f)) + payload = (key, (name.lstrip(workspace), f)) send_files.append(payload) return send_files From 8cbf2dabb8733ebb159fda132e6e59759ed6bafd Mon Sep 17 00:00:00 2001 From: Douglas Date: Mon, 14 Apr 2025 21:57:13 -0700 Subject: [PATCH 062/149] Doug/add plugins (#76) * version update * Finished adding Jira support * Updated the read me with Jira details --- README.md | 20 ++++ pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/config.py | 26 ++++- socketsecurity/core/messages.py | 24 +++-- socketsecurity/output.py | 13 ++- socketsecurity/plugins/__init__.py | 0 socketsecurity/plugins/base.py | 6 ++ socketsecurity/plugins/jira.py | 158 +++++++++++++++++++++++++++++ socketsecurity/plugins/manager.py | 21 ++++ socketsecurity/plugins/slack.py | 12 +++ socketsecurity/plugins/teams.py | 12 +++ socketsecurity/plugins/webhook.py | 13 +++ 13 files changed, 296 insertions(+), 13 deletions(-) create mode 100644 socketsecurity/plugins/__init__.py create mode 100644 socketsecurity/plugins/base.py create mode 100644 socketsecurity/plugins/jira.py create mode 100644 socketsecurity/plugins/manager.py create mode 100644 socketsecurity/plugins/slack.py create mode 100644 socketsecurity/plugins/teams.py create mode 100644 socketsecurity/plugins/webhook.py diff --git a/README.md b/README.md index d03b812..0e95f6a 100644 --- a/README.md +++ b/README.md @@ -76,6 +76,26 @@ If you don't want to provide the Socket API Token every time then you can use th | --timeout | False | | Timeout in seconds for API requests | | --include-module-folders | False | False | If enabled will include manifest files from folders like node_modules | +#### Plugins + +The Python CLI currently Supports the following plugins: + +- Jira + +##### Jira + +| Environment Variable | Required | Default | Description | +|:------------------------|:---------|:--------|:-----------------------------------| +| SOCKET_JIRA_ENABLED | False | false | Enables/Disables the Jira Plugin | +| SOCKET_JIRA_CONFIG_JSON | True | None | Required if the Plugin is enabled. | + +Example `SOCKET_JIRA_CONFIG_JSON` value + +````json +{"url": "https://REPLACE_ME.atlassian.net", "email": "example@example.com", "api_token": "REPLACE_ME", "project": "REPLACE_ME" } +```` + + ## File Selection Behavior The CLI determines which files to scan based on the following logic: diff --git a/pyproject.toml b/pyproject.toml index 4355a42..028ddae 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.0.48" +version = "2.0.50" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 92c21d0..45c32f5 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.48' +__version__ = '2.0.50' diff --git a/socketsecurity/config.py b/socketsecurity/config.py index 2d3aece..42b4684 100644 --- a/socketsecurity/config.py +++ b/socketsecurity/config.py @@ -1,9 +1,24 @@ import argparse import os -from dataclasses import asdict, dataclass +from dataclasses import asdict, dataclass, field from typing import List, Optional from socketsecurity import __version__ from socketdev import INTEGRATION_TYPES, IntegrationType +import json + + +def get_plugin_config_from_env(prefix: str) -> dict: + config_str = os.getenv(f"{prefix}_CONFIG_JSON", "{}") + try: + return json.loads(config_str) + except json.JSONDecodeError: + return {} + +@dataclass +class PluginConfig: + enabled: bool = False + levels: List[str] = None + config: Optional[dict] = None @dataclass @@ -36,6 +51,8 @@ class CliConfig: exclude_license_details: bool = False include_module_folders: bool = False version: str = __version__ + jira_plugin: PluginConfig = field(default_factory=PluginConfig) + @classmethod def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': parser = create_argument_parser() @@ -78,6 +95,13 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': 'include_module_folders': args.include_module_folders, 'version': __version__ } + config_args.update({ + "jira_plugin": PluginConfig( + enabled=os.getenv("SOCKET_JIRA_ENABLED", "false").lower() == "true", + levels=os.getenv("SOCKET_JIRA_LEVELS", "block,warn").split(","), + config=get_plugin_config_from_env("SOCKET_JIRA") + ) + }) if args.owner: config_args['integration_org_slug'] = args.owner diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index c54df14..db4c85f 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -588,25 +588,31 @@ def create_console_security_alert_table(diff: Diff) -> PrettyTable: def create_sources(alert: Issue, style="md") -> [str, str]: sources = [] manifests = [] + for source, manifest in alert.introduced_by: if style == "md": add_str = f"
  • {manifest}
    • " source_str = f"
  • {source}
    • " - else: + elif style == "plain": + add_str = f"• {manifest}" + source_str = f"• {source}" + else: # raw add_str = f"{manifest};" source_str = f"{source};" + if source_str not in sources: sources.append(source_str) if add_str not in manifests: manifests.append(add_str) - manifest_list = "".join(manifests) - source_list = "".join(sources) - source_list = source_list.rstrip(";") - manifest_list = manifest_list.rstrip(";") + if style == "md": - manifest_str = f"
      {manifest_list}
    " - sources_str = f"
      {source_list}
    " + manifest_str = f"
      {''.join(manifests)}
    " + sources_str = f"
      {''.join(sources)}
    " + elif style == "plain": + manifest_str = "\n".join(manifests) + sources_str = "\n".join(sources) else: - manifest_str = manifest_list - sources_str = source_list + manifest_str = "".join(manifests).rstrip(";") + sources_str = "".join(sources).rstrip(";") + return manifest_str, sources_str diff --git a/socketsecurity/output.py b/socketsecurity/output.py index e4d3649..61b8f76 100644 --- a/socketsecurity/output.py +++ b/socketsecurity/output.py @@ -1,11 +1,11 @@ import json import logging -import sys from pathlib import Path from typing import Any, Dict, Optional from .core.messages import Messages from .core.classes import Diff, Issue from .config import CliConfig +from socketsecurity.plugins.manager import PluginManager class OutputHandler: @@ -24,6 +24,17 @@ def handle_output(self, diff_report: Diff) -> None: self.output_console_sarif(diff_report, self.config.sbom_file) else: self.output_console_comments(diff_report, self.config.sbom_file) + if hasattr(self.config, "jira_plugin") and self.config.jira_plugin.enabled: + jira_config = { + "enabled": self.config.jira_plugin.enabled, + "levels": self.config.jira_plugin.levels or [], + **(self.config.jira_plugin.config or {}) + } + + plugin_mgr = PluginManager({"jira": jira_config}) + + # The Jira plugin knows how to build title + description from diff/config + plugin_mgr.send(diff_report, config=self.config) self.save_sbom_file(diff_report, self.config.sbom_file) diff --git a/socketsecurity/plugins/__init__.py b/socketsecurity/plugins/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/socketsecurity/plugins/base.py b/socketsecurity/plugins/base.py new file mode 100644 index 0000000..3aac71c --- /dev/null +++ b/socketsecurity/plugins/base.py @@ -0,0 +1,6 @@ +class Plugin: + def __init__(self, config): + self.config = config + + def send(self, message, level): + raise NotImplementedError("Plugin must implement send()") \ No newline at end of file diff --git a/socketsecurity/plugins/jira.py b/socketsecurity/plugins/jira.py new file mode 100644 index 0000000..7dc6fe0 --- /dev/null +++ b/socketsecurity/plugins/jira.py @@ -0,0 +1,158 @@ +from .base import Plugin +import requests +import base64 +from socketsecurity.core.classes import Diff +from socketsecurity.config import CliConfig +from socketsecurity.core import log + + +class JiraPlugin(Plugin): + def send(self, diff: Diff, config: CliConfig): + if not self.config.get("enabled", False): + return + log.debug("Jira Plugin Enabled") + alert_levels = self.config.get("levels", ["block", "warn"]) + log.debug(f"Alert levels: {alert_levels}") + # has_blocking = any(getattr(a, "blocking", False) for a in diff.new_alerts) + # if "block" not in alert_levels and has_blocking: + # return + # if "warn" not in alert_levels and not has_blocking: + # return + parts = ["Security Issues found in Socket Security results"] + pr = getattr(config, "pr_number", "") + sha = getattr(config, "commit_sha", "")[:8] if getattr(config, "commit_sha", "") else "" + scan_link = getattr(diff, "diff_url", "") + + if pr and pr != "0": + parts.append(f"for PR {pr}") + if sha: + parts.append(f"- {sha}") + title = " ".join(parts) + + description_adf = { + "type": "doc", + "version": 1, + "content": [ + { + "type": "paragraph", + "content": [ + {"type": "text", "text": "Security issues were found in this scan:"}, + {"type": "text", "text": "\n"}, + { + "type": "text", + "text": "View Socket Security scan results", + "marks": [{"type": "link", "attrs": {"href": scan_link}}] + } + ] + }, + self.create_adf_table_from_diff(diff) + ] + } + # log.debug("ADF Description Payload:\n" + json.dumps(description_adf, indent=2)) + log.debug("Sending Jira Issue") + # 🛠️ Build and send the Jira issue + url = self.config["url"] + project = self.config["project"] + auth = base64.b64encode( + f"{self.config['email']}:{self.config['api_token']}".encode() + ).decode() + + payload = { + "fields": { + "project": {"key": project}, + "summary": title, + "description": description_adf, + "issuetype": {"name": "Task"} + } + } + + headers = { + "Authorization": f"Basic {auth}", + "Content-Type": "application/json" + } + jira_url = f"{url}/rest/api/3/issue" + log.debug(f"Jira URL: {jira_url}") + response = requests.post(jira_url, json=payload, headers=headers) + if response.status_code >= 300: + log.error(f"Jira error {response.status_code}: {response.text}") + else: + log.info(f"Jira ticket created: {response.json().get('key')}") + + @staticmethod + def flatten_adf_to_text(adf): + def extract_text(node): + if isinstance(node, dict): + if node.get("type") == "text": + return node.get("text", "") + return "".join(extract_text(child) for child in node.get("content", [])) + elif isinstance(node, list): + return "".join(extract_text(child) for child in node) + return "" + + return extract_text(adf) + + @staticmethod + def create_adf_table_from_diff(diff): + from socketsecurity.core.messages import Messages + + def make_cell(text): + return { + "type": "tableCell", + "content": [ + { + "type": "paragraph", + "content": [{"type": "text", "text": text}] + } + ] + } + + def make_link_cell(text, url): + return { + "type": "tableCell", + "content": [ + { + "type": "paragraph", + "content": [{ + "type": "text", + "text": text, + "marks": [{"type": "link", "attrs": {"href": url}}] + }] + } + ] + } + + # Header row (must use tableCell not tableHeader!) + header_row = { + "type": "tableRow", + "content": [ + make_cell("Alert"), + make_cell("Package"), + make_cell("Introduced by"), + make_cell("Manifest File"), + make_cell("CI") + ] + } + + rows = [header_row] + + for alert in diff.new_alerts: + manifest_str, source_str = Messages.create_sources(alert, "plain") + + row = { + "type": "tableRow", + "content": [ + make_cell(alert.title), + make_link_cell(alert.purl, alert.url) if alert.url else make_cell(alert.purl), + make_cell(source_str), + make_cell(manifest_str), + make_cell("🚫" if alert.error else "⚠️") + ] + } + + rows.append(row) + + # Final return is a block array + return { + "type": "table", + "content": rows + } diff --git a/socketsecurity/plugins/manager.py b/socketsecurity/plugins/manager.py new file mode 100644 index 0000000..b2397d1 --- /dev/null +++ b/socketsecurity/plugins/manager.py @@ -0,0 +1,21 @@ +from . import jira, webhook, slack, teams + +PLUGIN_CLASSES = { + "jira": jira.JiraPlugin, + "slack": slack.SlackPlugin, + "webhook": webhook.WebhookPlugin, + "teams": teams.TeamsPlugin, +} + +class PluginManager: + def __init__(self, config): + self.plugins = [] + for name, conf in config.items(): + if conf.get("enabled"): + plugin_cls = PLUGIN_CLASSES.get(name) + if plugin_cls: + self.plugins.append(plugin_cls(conf)) + + def send(self, diff, config): + for plugin in self.plugins: + plugin.send(diff, config) \ No newline at end of file diff --git a/socketsecurity/plugins/slack.py b/socketsecurity/plugins/slack.py new file mode 100644 index 0000000..bcd6efb --- /dev/null +++ b/socketsecurity/plugins/slack.py @@ -0,0 +1,12 @@ +from .base import Plugin +import requests + +class SlackPlugin(Plugin): + def send(self, message, level): + if not self.config.get("enabled", False): + return + if level not in self.config.get("levels", ["block", "warn"]): + return + + payload = {"text": message.get("title", "No title")} + requests.post(self.config["webhook_url"], json=payload) \ No newline at end of file diff --git a/socketsecurity/plugins/teams.py b/socketsecurity/plugins/teams.py new file mode 100644 index 0000000..def9522 --- /dev/null +++ b/socketsecurity/plugins/teams.py @@ -0,0 +1,12 @@ +from .base import Plugin +import requests + +class TeamsPlugin(Plugin): + def send(self, message, level): + if not self.config.get("enabled", False): + return + if level not in self.config.get("levels", ["block", "warn"]): + return + + payload = {"text": message.get("title", "No title")} + requests.post(self.config["webhook_url"], json=payload) \ No newline at end of file diff --git a/socketsecurity/plugins/webhook.py b/socketsecurity/plugins/webhook.py new file mode 100644 index 0000000..4793c67 --- /dev/null +++ b/socketsecurity/plugins/webhook.py @@ -0,0 +1,13 @@ +from .base import Plugin +import requests + +class WebhookPlugin(Plugin): + def send(self, message, level): + if not self.config.get("enabled", False): + return + if level not in self.config.get("levels", ["block", "warn"]): + return + + url = self.config["url"] + headers = self.config.get("headers", {"Content-Type": "application/json"}) + requests.post(url, json=message, headers=headers) \ No newline at end of file From e75a1d756381dc24d0f26f660f3e82d52df42059 Mon Sep 17 00:00:00 2001 From: Douglas Date: Wed, 16 Apr 2025 08:07:52 -0700 Subject: [PATCH 063/149] Added Slack plugin support (#77) --- README.md | 13 ++++++ pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/config.py | 6 +++ socketsecurity/output.py | 16 +++++-- socketsecurity/plugins/base.py | 2 +- socketsecurity/plugins/slack.py | 81 +++++++++++++++++++++++++++++++-- socketsecurity/socketcli.py | 2 +- 8 files changed, 111 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 0e95f6a..148c6a5 100644 --- a/README.md +++ b/README.md @@ -81,6 +81,7 @@ If you don't want to provide the Socket API Token every time then you can use th The Python CLI currently Supports the following plugins: - Jira +- Slack ##### Jira @@ -95,6 +96,18 @@ Example `SOCKET_JIRA_CONFIG_JSON` value {"url": "https://REPLACE_ME.atlassian.net", "email": "example@example.com", "api_token": "REPLACE_ME", "project": "REPLACE_ME" } ```` +##### Slack + +| Environment Variable | Required | Default | Description | +|:-------------------------|:---------|:--------|:-----------------------------------| +| SOCKET_SLACK_ENABLED | False | false | Enables/Disables the Slack Plugin | +| SOCKET_SLACK_CONFIG_JSON | True | None | Required if the Plugin is enabled. | + +Example `SOCKET_SLACK_CONFIG_JSON` value + +````json +{"url": "https://REPLACE_ME_WEBHOOK"} +```` ## File Selection Behavior diff --git a/pyproject.toml b/pyproject.toml index 028ddae..243b608 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.0.50" +version = "2.0.51" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 45c32f5..8b2cf1e 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.50' +__version__ = '2.0.51' diff --git a/socketsecurity/config.py b/socketsecurity/config.py index 42b4684..007eae2 100644 --- a/socketsecurity/config.py +++ b/socketsecurity/config.py @@ -52,6 +52,7 @@ class CliConfig: include_module_folders: bool = False version: str = __version__ jira_plugin: PluginConfig = field(default_factory=PluginConfig) + slack_plugin: PluginConfig = field(default_factory=PluginConfig) @classmethod def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': @@ -100,6 +101,11 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': enabled=os.getenv("SOCKET_JIRA_ENABLED", "false").lower() == "true", levels=os.getenv("SOCKET_JIRA_LEVELS", "block,warn").split(","), config=get_plugin_config_from_env("SOCKET_JIRA") + ), + "slack_plugin": PluginConfig( + enabled=os.getenv("SOCKET_SLACK_ENABLED", "false").lower() == "true", + levels=os.getenv("SOCKET_SLACK_LEVELS", "block,warn").split(","), + config=get_plugin_config_from_env("SOCKET_SLACK") ) }) diff --git a/socketsecurity/output.py b/socketsecurity/output.py index 61b8f76..2b523d5 100644 --- a/socketsecurity/output.py +++ b/socketsecurity/output.py @@ -6,13 +6,14 @@ from .core.classes import Diff, Issue from .config import CliConfig from socketsecurity.plugins.manager import PluginManager +from socketdev import socketdev class OutputHandler: config: CliConfig logger: logging.Logger - def __init__(self, config: CliConfig): + def __init__(self, config: CliConfig, sdk: socketdev): self.config = config self.logger = logging.getLogger("socketcli") @@ -24,16 +25,23 @@ def handle_output(self, diff_report: Diff) -> None: self.output_console_sarif(diff_report, self.config.sbom_file) else: self.output_console_comments(diff_report, self.config.sbom_file) - if hasattr(self.config, "jira_plugin") and self.config.jira_plugin.enabled: + if self.config.jira_plugin.enabled: jira_config = { "enabled": self.config.jira_plugin.enabled, "levels": self.config.jira_plugin.levels or [], **(self.config.jira_plugin.config or {}) } - plugin_mgr = PluginManager({"jira": jira_config}) + plugin_mgr.send(diff_report, config=self.config) + + if self.config.slack_plugin.enabled: + slack_config = { + "enabled": self.config.slack_plugin.enabled, + "levels": self.config.slack_plugin.levels or [], + **(self.config.slack_plugin.config or {}) + } - # The Jira plugin knows how to build title + description from diff/config + plugin_mgr = PluginManager({"slack": slack_config}) plugin_mgr.send(diff_report, config=self.config) self.save_sbom_file(diff_report, self.config.sbom_file) diff --git a/socketsecurity/plugins/base.py b/socketsecurity/plugins/base.py index 3aac71c..3aba645 100644 --- a/socketsecurity/plugins/base.py +++ b/socketsecurity/plugins/base.py @@ -2,5 +2,5 @@ class Plugin: def __init__(self, config): self.config = config - def send(self, message, level): + def send(self, diff, config): raise NotImplementedError("Plugin must implement send()") \ No newline at end of file diff --git a/socketsecurity/plugins/slack.py b/socketsecurity/plugins/slack.py index bcd6efb..2ab60c3 100644 --- a/socketsecurity/plugins/slack.py +++ b/socketsecurity/plugins/slack.py @@ -1,12 +1,83 @@ -from .base import Plugin +import logging import requests +from config import CliConfig +from .base import Plugin +from socketsecurity.core.classes import Diff +from socketsecurity.core.messages import Messages + +logger = logging.getLogger(__name__) + class SlackPlugin(Plugin): - def send(self, message, level): + @staticmethod + def get_name(): + return "slack" + + def send(self, diff, config: CliConfig): if not self.config.get("enabled", False): return - if level not in self.config.get("levels", ["block", "warn"]): + if not self.config.get("url"): + logger.warning("Slack webhook URL not configured.") + return + else: + url = self.config.get("url") + + if not diff.new_alerts: + logger.debug("No new alerts to notify via Slack.") return - payload = {"text": message.get("title", "No title")} - requests.post(self.config["webhook_url"], json=payload) \ No newline at end of file + logger.debug("Slack Plugin Enabled") + logger.debug("Alert levels: %s", self.config.get("levels")) + + message = self.create_slack_blocks_from_diff(diff, config) + logger.debug(f"Sending message to {url}") + response = requests.post( + url, + json={"blocks": message} + ) + + if response.status_code >= 400: + logger.error("Slack error %s: %s", response.status_code, response.text) + + @staticmethod + def create_slack_blocks_from_diff(diff: Diff, config: CliConfig): + pr = getattr(config, "pr_number", None) + sha = getattr(config, "commit_sha", None) + scan_link = getattr(diff, "diff_url", "") + scan = f"<{scan_link}|scan>" + title_part = "" + if pr: + title_part += f" for PR {pr}" + if sha: + title_part += f" - {sha[:8]}" + blocks = [ + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": f"*Socket Security issues were found in this *{scan}*{title_part}*" + } + }, + {"type": "divider"} + ] + + for alert in diff.new_alerts: + manifest_str, source_str = Messages.create_sources(alert, "plain") + manifest_str = manifest_str.lstrip("• ") + source_str = source_str.lstrip("• ") + blocks.append({ + "type": "section", + "text": { + "type": "mrkdwn", + "text": ( + f"*{alert.title}*\n" + f"<{alert.url}|{alert.purl}>\n" + f"*Introduced by:* `{source_str}`\n" + f"*Manifest:* `{manifest_str}`\n" + f"*CI Status:* {'Block' if alert.error else 'Warn'}" + ) + } + }) + blocks.append({"type": "divider"}) + + return blocks diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index c471bc1..64c3f3c 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -47,7 +47,6 @@ def main_code(): config = CliConfig.from_args() log.info(f"Starting Socket Security CLI version {config.version}") log.debug(f"config: {config.to_dict()}") - output_handler = OutputHandler(config) # Validate API token if not config.api_token: @@ -57,6 +56,7 @@ def main_code(): sys.exit(3) sdk = socketdev(token=config.api_token) + output_handler = OutputHandler(config, sdk) log.debug("sdk loaded") if config.enable_debug: From e8336f76606d22dcb442690dc711e784f13d95ba Mon Sep 17 00:00:00 2001 From: Douglas Date: Wed, 16 Apr 2025 14:33:46 -0700 Subject: [PATCH 064/149] Fixed slack import breaking bug (#78) --- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/plugins/slack.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 243b608..d500e71 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.0.51" +version = "2.0.52" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 8b2cf1e..61801ac 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.51' +__version__ = '2.0.52' diff --git a/socketsecurity/plugins/slack.py b/socketsecurity/plugins/slack.py index 2ab60c3..0c592dc 100644 --- a/socketsecurity/plugins/slack.py +++ b/socketsecurity/plugins/slack.py @@ -1,6 +1,6 @@ import logging import requests -from config import CliConfig +from socketsecurity.config import CliConfig from .base import Plugin from socketsecurity.core.classes import Diff from socketsecurity.core.messages import Messages From 4693beb497bb70fdfc22717c24250ec387eac77e Mon Sep 17 00:00:00 2001 From: Douglas Date: Mon, 21 Apr 2025 08:01:00 -0700 Subject: [PATCH 065/149] Doug/update comment template (#79) * Changed Dependency Overview to new template * Updated the Security Issue comment to the new template --- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 18 ++- socketsecurity/core/classes.py | 2 +- socketsecurity/core/messages.py | 170 +++++++++++++++++++++------- socketsecurity/core/scm_comments.py | 110 +++++++++++++++++- 6 files changed, 251 insertions(+), 53 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index d500e71..1799b19 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.0.52" +version = "2.0.54" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 61801ac..92958d3 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.0.52' +__version__ = '2.0.54' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index a5925a6..007af25 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -21,7 +21,7 @@ FullScan, Issue, Package, - Purl, + Purl ) from socketsecurity.core.exceptions import APIResourceNotFound from socketsecurity.core.licenses import Licenses @@ -644,7 +644,7 @@ def create_diff_report( seen_removed_packages = set() for package_id, package in added_packages.items(): - purl = Core.create_purl(package_id, added_packages) + purl = self.create_purl(package_id, added_packages) base_purl = f"{purl.ecosystem}/{purl.name}@{purl.version}" if (not direct_only or package.direct) and base_purl not in seen_new_packages: @@ -658,7 +658,7 @@ def create_diff_report( ) for package_id, package in removed_packages.items(): - purl = Core.create_purl(package_id, removed_packages) + purl = self.create_purl(package_id, removed_packages) base_purl = f"{purl.ecosystem}/{purl.name}@{purl.version}" if (not direct_only or package.direct) and base_purl not in seen_removed_packages: @@ -682,8 +682,13 @@ def create_diff_report( return diff - @staticmethod - def create_purl(package_id: str, packages: dict[str, Package]) -> Purl: + def get_all_scores(self, packages: dict[str, Package]) -> dict[str, Package]: + components = [] + for package_id in packages: + package = packages[package_id] + return packages + + def create_purl(self, package_id: str, packages: dict[str, Package]) -> Purl: """ Creates the extended PURL data for package identification and tracking. @@ -707,7 +712,8 @@ def create_purl(package_id: str, packages: dict[str, Package]) -> Purl: size=package.size, transitives=package.transitives, url=package.url, - purl=package.purl + purl=package.purl, + scores=package.score ) return purl diff --git a/socketsecurity/core/classes.py b/socketsecurity/core/classes.py index 416cd06..aefb0ab 100644 --- a/socketsecurity/core/classes.py +++ b/socketsecurity/core/classes.py @@ -370,7 +370,6 @@ def __init__(self, **kwargs): def __str__(self): return json.dumps(self.__dict__) - class Purl: """ Represents a Package URL (PURL) with extended metadata. @@ -392,6 +391,7 @@ class Purl: author_url: str url: str purl: str + scores: dict[str, int] def __init__(self, **kwargs): if kwargs: diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index db4c85f..b86b37f 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -302,26 +302,95 @@ def create_security_comment_json(diff: Diff) -> dict: @staticmethod def security_comment_template(diff: Diff) -> str: """ - Creates the security comment template - :param diff: Diff - Diff report with the data needed for the template - :return: + Generates the security comment template in the new required format. + Dynamically determines placement of the alerts table if markers like `` are used. + + :param diff: Diff - Contains the detected vulnerabilities and warnings. + :return: str - The formatted Markdown/HTML string. """ - md = MdUtils(file_name="markdown_security_temp.md") - md.new_line("") - md.new_header(level=1, title="Socket Security: Issues Report") - md.new_line("Potential security issues detected. Learn more about [socket.dev](https://socket.dev)") - md.new_line("To accept the risk, merge this PR and you will not be notified again.") - md.new_line() - md.new_line("") - md, ignore_commands, next_steps = Messages.create_security_alert_table(diff, md) - md.new_line("") - md.new_line() - md = Messages.create_next_steps(md, next_steps) - md = Messages.create_deeper_look(md) - md = Messages.create_remove_package(md) - md = Messages.create_acceptable_risk(md, ignore_commands) - md.create_md_file() - return md.file_data_text.lstrip() + # Start of the comment + comment = """ + +> **❗️ Caution** +> **Review the following alerts detected in dependencies.** +> +> According to your organization’s Security Policy, you **must** resolve all **“Block”** alerts before proceeding. It’s recommended to resolve **“Warn”** alerts too. +> Learn more about [Socket for GitHub](https://socket.dev?utm_medium=gh). + + + + + + + + + + + + """ + + # Loop through alerts, dynamically generating rows + for alert in diff.new_alerts: + severity_icon = Messages.get_severity_icon(alert.severity) + action = "Block" if alert.error else "Warn" + details_open = "" + # Generate a table row for each alert + comment += f""" + + + + + + + + """ + + # Close table and comment + comment += """ + +
    ActionSeverityAlert (click for details)
    {action} + {alert.severity} + +
    + {alert.pkg_name}@{alert.pkg_version} - {alert.title} +

    Note: {alert.description}

    +

    Source: Manifest File

    +

    ℹ️ Read more on: + This package | + This alert | + What is known malware?

    +
    +

    Suggestion: {alert.suggestion}

    +

    Mark as acceptable risk: To ignore this alert only in this pull request, reply with:
    + @SocketSecurity ignore {alert.pkg_name}@{alert.pkg_version}
    + Or ignore all future alerts with:
    + @SocketSecurity ignore-all

    +
    +
    +
    + + +[View full report](https://socket.dev/...&action=error%2Cwarn) + """ + + return comment + + @staticmethod + def get_severity_icon(severity: str) -> str: + """ + Maps severity levels to their corresponding badge/icon URLs. + + :param severity: str - Severity level (e.g., "Critical", "High"). + :return: str - Badge/icon URL. + """ + severity_map = { + "critical": "https://github-app-statics.socket.dev/severity-3.svg", + "high": "https://github-app-statics.socket.dev/severity-2.svg", + "medium": "https://github-app-statics.socket.dev/severity-1.svg", + "low": "https://github-app-statics.socket.dev/severity-0.svg", + } + return severity_map.get(severity.lower(), "https://github-app-statics.socket.dev/severity-0.svg") + @staticmethod def create_next_steps(md: MdUtils, next_steps: dict): @@ -456,11 +525,9 @@ def dependency_overview_template(diff: Diff) -> str: md = MdUtils(file_name="markdown_overview_temp.md") md.new_line("") md.new_header(level=1, title="Socket Security: Dependency Overview") - md.new_line("New and removed dependencies detected. Learn more about [socket.dev](https://socket.dev)") + md.new_line("Review the following changes in direct dependencies. Learn more about [socket.dev](https://socket.dev)") md.new_line() md = Messages.create_added_table(diff, md) - if len(diff.removed_packages) > 0: - md = Messages.create_remove_line(diff, md) md.create_md_file() if len(md.file_data_text.lstrip()) >= 65500: md = Messages.short_dependency_overview_comment(diff) @@ -471,7 +538,7 @@ def short_dependency_overview_comment(diff: Diff) -> MdUtils: md = MdUtils(file_name="markdown_overview_temp.md") md.new_line("") md.new_header(level=1, title="Socket Security: Dependency Overview") - md.new_line("New and removed dependencies detected. Learn more about [socket.dev](https://socket.dev)") + md.new_line("Review the following changes in direct dependencies. Learn more about [socket.dev](https://socket.dev)") md.new_line() md.new_line("The amount of dependency changes were to long for this comment. Please check out the full report") md.new_line(f"To view more information about this report checkout the [Full Report]({diff.diff_url})") @@ -498,40 +565,63 @@ def create_remove_line(diff: Diff, md: MdUtils) -> MdUtils: def create_added_table(diff: Diff, md: MdUtils) -> MdUtils: """ Create the Added packages table for the Dependency Overview template - :param diff: Diff - Diff report with the Added packages information + :param diff: Diff - Diff report with the Added package information :param md: MdUtils - Main markdown variable :return: """ + # Table column headers overview_table = [ + "Diff", "Package", - "Direct", - "Capabilities", - "Transitives", - "Size", - "Author" + "Supply Chain
    Security", + "Vulnerability", + "Quality", + "Maintenance", + "License" ] num_of_overview_columns = len(overview_table) + count = 0 for added in diff.new_packages: - added: Purl - package_url = Messages.create_purl_link(added) - capabilities = ", ".join(added.capabilities) + added: Purl # Ensure `added` has scores and relevant attributes. + + package_url = f"[{added.purl}]({added.url})" + diff_badge = f"[![+](https://github-app-statics.socket.dev/diff-added.svg)]({added.url})" + + # Scores dynamically converted to badge URLs and linked + def score_to_badge(score): + score_percent = int(score * 100) # Convert to integer percentage + return f"[![{score_percent}](https://github-app-statics.socket.dev/score-{score_percent}.svg)]({added.url})" + + # Generate badges for each score type + supply_chain_risk_badge = score_to_badge(added.scores.get("supplyChain", 100)) + vulnerability_badge = score_to_badge(added.scores.get("vulnerability", 100)) + quality_badge = score_to_badge(added.scores.get("quality", 100)) + maintenance_badge = score_to_badge(added.scores.get("maintenance", 100)) + license_badge = score_to_badge(added.scores.get("license", 100)) + + # Add the row for this package row = [ + diff_badge, package_url, - added.direct, - capabilities, - added.transitives, - f"{added.size} KB", - added.author_url + supply_chain_risk_badge, + vulnerability_badge, + quality_badge, + maintenance_badge, + license_badge ] overview_table.extend(row) - count += 1 - num_of_overview_rows = count + 1 + count += 1 # Count total packages + + # Calculate total rows for table + num_of_overview_rows = count + 1 # Include header row + + # Generate Markdown table md.new_table( columns=num_of_overview_columns, rows=num_of_overview_rows, text=overview_table, - text_align="left" + text_align="center" ) return md diff --git a/socketsecurity/core/scm_comments.py b/socketsecurity/core/scm_comments.py index 7bcb203..bd1b4d7 100644 --- a/socketsecurity/core/scm_comments.py +++ b/socketsecurity/core/scm_comments.py @@ -84,9 +84,22 @@ def is_heading_line(line) -> bool: @staticmethod def process_security_comment(comment: Comment, comments) -> str: - lines = [] - start = False ignore_all, ignore_commands = Comments.get_ignore_options(comments) + if "start-socket-alerts-table" in "".join(comment.body_list): + new_body = Comments.process_original_security_comment(comment, ignore_all, ignore_commands) + else: + new_body = Comments.process_updated_security_comment(comment, ignore_all, ignore_commands) + + return new_body + + @staticmethod + def process_original_security_comment( + comment: Comment, + ignore_all: bool, + ignore_commands: list[tuple[str, str]] + ) -> str: + start = False + lines = [] for line in comment.body_list: line = line.strip() if "start-socket-alerts-table" in line: @@ -110,8 +123,97 @@ def process_security_comment(comment: Comment, comments) -> str: lines.append(line) else: lines.append(line) - new_body = "\n".join(lines) - return new_body + return "\n".join(lines) + + @staticmethod + def process_updated_security_comment( + comment: Comment, + ignore_all: bool, + ignore_commands: list[tuple[str, str]] + ) -> str: + """ + Processes an updated security comment containing an HTML table with alert sections. + Removes entire sections marked by start and end hidden comments if the alert matches + ignore conditions. + + :param comment: Comment - The raw comment object containing the existing information. + :param ignore_all: bool - Flag to ignore all alerts. + :param ignore_commands: list of tuples - Specific ignore commands representing (pkg_name, pkg_version). + :return: str - The updated comment as a single string. + """ + lines = [] + ignore_section = False + pkg_name = pkg_version = "" # Track current package and version + + # Loop through the comment lines + for line in comment.body_list: + line = line.strip() + + # Detect the start of an alert section + if line.startswith(" > **❗️ Caution** > **Review the following alerts detected in dependencies.** > -> According to your organization’s Security Policy, you **must** resolve all **“Block”** alerts before proceeding. It’s recommended to resolve **“Warn”** alerts too. +> According to your organization's Security Policy, you **must** resolve all **"Block"** alerts before proceeding. It's recommended to resolve **"Warn"** alerts too. > Learn more about [Socket for GitHub](https://socket.dev?utm_medium=gh). @@ -330,8 +343,8 @@ def security_comment_template(diff: Diff) -> str: """ - # Loop through alerts, dynamically generating rows - for alert in diff.new_alerts: + # Loop through security alerts (non-license), dynamically generating rows + for alert in security_alerts: severity_icon = Messages.get_severity_icon(alert.severity) action = "Block" if alert.error else "Warn" details_open = "" @@ -365,7 +378,48 @@ def security_comment_template(diff: Diff) -> str: """ - # Close table and comment + # Add license policy violation entries grouped by PURL + for purl_key, alerts in license_groups.items(): + action = "Block" if any(alert.error for alert in alerts) else "Warn" + first_alert = alerts[0] + + # Use orange diamond for license policy violations + license_icon = "🔶" + + # Build license findings list + license_findings = [] + for alert in alerts: + license_findings.append(alert.title) + + comment += f""" + + + {action} + {license_icon} + +
    + {first_alert.pkg_name}@{first_alert.pkg_version} has a License Policy Violation. +

    License findings:

    +
      +""" + for finding in license_findings: + comment += f"
    • {finding}
      • \n" + + comment += f"""
    +

    From: {first_alert.manifests}

    +

    ℹ️ Read more on: This package | What is a license policy violation?

    +
    +

    Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

    +

    Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license.

    +

    Mark the package as acceptable risk: To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore {first_alert.pkg_name}@{first_alert.pkg_version}. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

    +
    +
    + + + + """ + + # Close table comment += """ diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index b1100d1..7731a5d 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -125,7 +125,7 @@ def main_code(): if not config.branch: config.branch = git_repo.branch if not config.committers: - config.committers = [git_repo.author] + config.committers = [git_repo.get_formatted_committer()] if not config.commit_message: config.commit_message = git_repo.commit_message except InvalidGitRepositoryError: @@ -320,6 +320,33 @@ def main_code(): diff = core.create_new_diff(config.target_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar) output_handler.handle_output(diff) + + elif config.enable_diff and not force_api_mode: + # New logic: --enable-diff forces diff mode even with --integration api (no SCM) + log.info("Diff mode enabled without SCM integration") + diff = core.create_new_diff(config.target_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar) + output_handler.handle_output(diff) + + elif config.enable_diff and force_api_mode: + # User requested diff mode but no manifest files were detected + log.warning("--enable-diff was specified but no supported manifest files were detected in the changed files. Falling back to full scan mode.") + log.info("Creating Socket Report (full scan)") + serializable_params = { + key: value if isinstance(value, (int, float, str, list, dict, bool, type(None))) else str(value) + for key, value in params.__dict__.items() + } + log.debug(f"params={serializable_params}") + diff = core.create_full_scan_with_report_url( + config.target_path, + params, + no_change=should_skip_scan, + save_files_list_path=config.save_submitted_files_list, + save_manifest_tar_path=config.save_manifest_tar + ) + log.info(f"Full scan created with ID: {diff.id}") + log.info(f"Full scan report URL: {diff.report_url}") + output_handler.handle_output(diff) + else: if force_api_mode: log.info("No Manifest files changed, creating Socket Report") diff --git a/tests/unit/test_cli_config.py b/tests/unit/test_cli_config.py index db7b1f5..40178d3 100644 --- a/tests/unit/test_cli_config.py +++ b/tests/unit/test_cli_config.py @@ -24,8 +24,20 @@ def test_default_values(self): @pytest.mark.parametrize("flag,attr", [ ("--enable-debug", "enable_debug"), ("--disable-blocking", "disable_blocking"), - ("--allow-unverified", "allow_unverified") + ("--allow-unverified", "allow_unverified"), + ("--enable-diff", "enable_diff") ]) def test_boolean_flags(self, flag, attr): config = CliConfig.from_args(["--api-token", "test", flag]) - assert getattr(config, attr) is True \ No newline at end of file + assert getattr(config, attr) is True + + def test_enable_diff_default_false(self): + """Test that enable_diff defaults to False""" + config = CliConfig.from_args(["--api-token", "test"]) + assert config.enable_diff is False + + def test_enable_diff_with_integration_api(self): + """Test that enable_diff can be used with integration api""" + config = CliConfig.from_args(["--api-token", "test", "--integration", "api", "--enable-diff"]) + assert config.enable_diff is True + assert config.integration_type == "api" \ No newline at end of file From a2d97ab2664cb60ca7a07d3e95ecfe1c33549677 Mon Sep 17 00:00:00 2001 From: Douglas Date: Sat, 23 Aug 2025 07:23:56 -0700 Subject: [PATCH 096/149] improve gitlab token usage (#112) * Removing test files * Adding support for both gitlab token styles --- README.md | 74 ++++++++++++ pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/scm/client.py | 47 +++++++- socketsecurity/core/scm/gitlab.py | 120 +++++++++++++++++-- tests/unit/test_gitlab_auth.py | 116 +++++++++++++++++++ tests/unit/test_gitlab_auth_fallback.py | 148 ++++++++++++++++++++++++ workflows/gitlab-ci.yml | 3 + 8 files changed, 500 insertions(+), 12 deletions(-) create mode 100644 tests/unit/test_gitlab_auth.py create mode 100644 tests/unit/test_gitlab_auth_fallback.py diff --git a/README.md b/README.md index 6f9ca2b..f0cf94b 100644 --- a/README.md +++ b/README.md @@ -179,6 +179,74 @@ The CLI uses intelligent default branch detection with the following priority: Both `--default-branch` and `--pending-head` parameters are automatically synchronized to ensure consistent behavior. +## GitLab Token Configuration + +The CLI supports GitLab integration with automatic authentication pattern detection for different token types. + +### Supported Token Types + +GitLab API supports two authentication methods, and the CLI automatically detects which one to use: + +1. **Bearer Token Authentication** (`Authorization: Bearer `) + - GitLab CI Job Tokens (`$CI_JOB_TOKEN`) + - Personal Access Tokens with `glpat-` prefix + - OAuth 2.0 tokens (long alphanumeric tokens) + +2. **Private Token Authentication** (`PRIVATE-TOKEN: `) + - Legacy personal access tokens + - Custom tokens that don't match Bearer patterns + +### Token Detection Logic + +The CLI automatically determines the authentication method using this logic: + +``` +if token == $CI_JOB_TOKEN: + use Bearer authentication +elif token starts with "glpat-": + use Bearer authentication +elif token is long (>40 chars) and alphanumeric: + use Bearer authentication +else: + use PRIVATE-TOKEN authentication +``` + +### Automatic Fallback + +If the initial authentication method fails with a 401 error, the CLI automatically retries with the alternative method: + +- **Bearer → PRIVATE-TOKEN**: If Bearer authentication fails, retry with PRIVATE-TOKEN +- **PRIVATE-TOKEN → Bearer**: If PRIVATE-TOKEN fails, retry with Bearer authentication + +This ensures maximum compatibility across different GitLab configurations and token types. + +### Environment Variables + +| Variable | Description | Example | +|:---------|:------------|:--------| +| `GITLAB_TOKEN` | GitLab API token (required for GitLab integration) | `glpat-xxxxxxxxxxxxxxxxxxxx` | +| `CI_JOB_TOKEN` | GitLab CI job token (automatically used in GitLab CI) | Automatically provided by GitLab CI | + +### Usage Examples + +**GitLab CI with job token (recommended):** +```yaml +variables: + GITLAB_TOKEN: $CI_JOB_TOKEN +``` + +**GitLab CI with personal access token:** +```yaml +variables: + GITLAB_TOKEN: $GITLAB_PERSONAL_ACCESS_TOKEN # Set in GitLab project/group variables +``` + +**Local development:** +```bash +export GITLAB_TOKEN="glpat-your-personal-access-token" +socketcli --integration gitlab --repo owner/repo --pr-number 123 +``` + ### Scan Behavior The CLI determines scanning behavior intelligently: @@ -340,4 +408,10 @@ Implementation targets: ### Environment Variables +#### Core Configuration +- `SOCKET_SECURITY_API_KEY`: Socket Security API token (alternative to --api-token parameter) - `SOCKET_SDK_PATH`: Path to local socket-sdk-python repository (default: ../socket-sdk-python) + +#### GitLab Integration +- `GITLAB_TOKEN`: GitLab API token for GitLab integration (supports both Bearer and PRIVATE-TOKEN authentication) +- `CI_JOB_TOKEN`: GitLab CI job token (automatically provided in GitLab CI environments) diff --git a/pyproject.toml b/pyproject.toml index 2f5c9e7..e4c54e3 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.0" +version = "2.2.2" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 9309f87..c0d192a 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.2.0' +__version__ = '2.2.2' diff --git a/socketsecurity/core/scm/client.py b/socketsecurity/core/scm/client.py index e5bbb73..1033613 100644 --- a/socketsecurity/core/scm/client.py +++ b/socketsecurity/core/scm/client.py @@ -34,8 +34,51 @@ def get_headers(self) -> Dict: class GitlabClient(ScmClient): def get_headers(self) -> Dict: - return { - 'Authorization': f"Bearer {self.token}", + """ + Determine the appropriate authentication headers for GitLab API. + Uses the same logic as GitlabConfig._get_auth_headers() + """ + return self._get_gitlab_auth_headers(self.token) + + @staticmethod + def _get_gitlab_auth_headers(token: str) -> dict: + """ + Determine the appropriate authentication headers for GitLab API. + + GitLab supports two authentication patterns: + 1. Bearer token (OAuth 2.0 tokens, personal access tokens with api scope) + 2. Private token (personal access tokens) + """ + import os + + base_headers = { 'User-Agent': 'SocketPythonScript/0.0.1', "accept": "application/json" } + + # Check if this is a GitLab CI job token + if token == os.getenv('CI_JOB_TOKEN'): + return { + **base_headers, + 'Authorization': f"Bearer {token}" + } + + # Check for personal access token pattern + if token.startswith('glpat-'): + return { + **base_headers, + 'Authorization': f"Bearer {token}" + } + + # Check for OAuth token pattern (typically longer and alphanumeric) + if len(token) > 40 and token.isalnum(): + return { + **base_headers, + 'Authorization': f"Bearer {token}" + } + + # Default to PRIVATE-TOKEN for other token types + return { + **base_headers, + 'PRIVATE-TOKEN': f"{token}" + } diff --git a/socketsecurity/core/scm/gitlab.py b/socketsecurity/core/scm/gitlab.py index 24b1df3..b5f46b7 100644 --- a/socketsecurity/core/scm/gitlab.py +++ b/socketsecurity/core/scm/gitlab.py @@ -42,6 +42,9 @@ def from_env(cls) -> 'GitlabConfig': mr_source_branch = os.getenv('CI_MERGE_REQUEST_SOURCE_BRANCH_NAME') default_branch = os.getenv('CI_DEFAULT_BRANCH', '') + # Determine which authentication pattern to use + headers = cls._get_auth_headers(token) + return cls( commit_sha=os.getenv('CI_COMMIT_SHA', ''), api_url=os.getenv('CI_API_V4_URL', ''), @@ -57,18 +60,119 @@ def from_env(cls) -> 'GitlabConfig': token=token, repository=project_name, is_default_branch=(mr_source_branch == default_branch if mr_source_branch else False), - headers={ - 'Authorization': f"Bearer {token}", - 'User-Agent': 'SocketPythonScript/0.0.1', - "accept": "application/json" - } + headers=headers ) + @staticmethod + def _get_auth_headers(token: str) -> dict: + """ + Determine the appropriate authentication headers for GitLab API. + + GitLab supports two authentication patterns: + 1. Bearer token (OAuth 2.0 tokens, personal access tokens with api scope) + 2. Private token (personal access tokens) + + Logic for token type determination: + - CI_JOB_TOKEN: Always use Bearer (GitLab CI job token) + - Tokens starting with 'glpat-': Personal access tokens, try Bearer first + - OAuth tokens: Use Bearer + - Other tokens: Use PRIVATE-TOKEN as fallback + """ + base_headers = { + 'User-Agent': 'SocketPythonScript/0.0.1', + "accept": "application/json" + } + + # Check if this is a GitLab CI job token + if token == os.getenv('CI_JOB_TOKEN'): + log.debug("Using Bearer authentication for GitLab CI job token") + return { + **base_headers, + 'Authorization': f"Bearer {token}" + } + + # Check for personal access token pattern + if token.startswith('glpat-'): + log.debug("Using Bearer authentication for GitLab personal access token") + return { + **base_headers, + 'Authorization': f"Bearer {token}" + } + + # Check for OAuth token pattern (typically longer and alphanumeric) + if len(token) > 40 and token.isalnum(): + log.debug("Using Bearer authentication for potential OAuth token") + return { + **base_headers, + 'Authorization': f"Bearer {token}" + } + + # Default to PRIVATE-TOKEN for other token types + log.debug("Using PRIVATE-TOKEN authentication for GitLab token") + return { + **base_headers, + 'PRIVATE-TOKEN': f"{token}" + } + class Gitlab: def __init__(self, client: CliClient, config: Optional[GitlabConfig] = None): self.config = config or GitlabConfig.from_env() self.client = client + def _request_with_fallback(self, **kwargs): + """ + Make a request with automatic fallback between Bearer and PRIVATE-TOKEN authentication. + This provides robustness when the initial token type detection is incorrect. + """ + try: + # Try the initial request with the configured headers + return self.client.request(**kwargs) + except Exception as e: + # Check if this is an authentication error (401) + if hasattr(e, 'response') and e.response and e.response.status_code == 401: + log.debug(f"Authentication failed with initial headers, trying fallback method") + + # Determine the fallback headers + original_headers = kwargs.get('headers', self.config.headers) + fallback_headers = self._get_fallback_headers(original_headers) + + if fallback_headers and fallback_headers != original_headers: + log.debug("Retrying request with fallback authentication method") + kwargs['headers'] = fallback_headers + return self.client.request(**kwargs) + + # Re-raise the original exception if it's not an auth error or fallback failed + raise + + def _get_fallback_headers(self, original_headers: dict) -> dict: + """ + Generate fallback authentication headers. + If using Bearer, fallback to PRIVATE-TOKEN and vice versa. + """ + base_headers = { + 'User-Agent': 'SocketPythonScript/0.0.1', + "accept": "application/json" + } + + # If currently using Bearer, try PRIVATE-TOKEN + if 'Authorization' in original_headers and 'Bearer' in original_headers['Authorization']: + log.debug("Falling back from Bearer to PRIVATE-TOKEN authentication") + return { + **base_headers, + 'PRIVATE-TOKEN': f"{self.config.token}" + } + + # If currently using PRIVATE-TOKEN, try Bearer + elif 'PRIVATE-TOKEN' in original_headers: + log.debug("Falling back from PRIVATE-TOKEN to Bearer authentication") + return { + **base_headers, + 'Authorization': f"Bearer {self.config.token}" + } + + # No fallback available + return None + def check_event_type(self) -> str: pipeline_source = self.config.pipeline_source.lower() if pipeline_source in ["web", 'merge_request_event', "push", "api"]: @@ -84,7 +188,7 @@ def check_event_type(self) -> str: def post_comment(self, body: str) -> None: path = f"projects/{self.config.mr_project_id}/merge_requests/{self.config.mr_iid}/notes" payload = {"body": body} - self.client.request( + self._request_with_fallback( path=path, payload=payload, method="POST", @@ -95,7 +199,7 @@ def post_comment(self, body: str) -> None: def update_comment(self, body: str, comment_id: str) -> None: path = f"projects/{self.config.mr_project_id}/merge_requests/{self.config.mr_iid}/notes/{comment_id}" payload = {"body": body} - self.client.request( + self._request_with_fallback( path=path, payload=payload, method="PUT", @@ -106,7 +210,7 @@ def update_comment(self, body: str, comment_id: str) -> None: def get_comments_for_pr(self) -> dict: log.debug(f"Getting Gitlab comments for Repo {self.config.repository} for PR {self.config.mr_iid}") path = f"projects/{self.config.mr_project_id}/merge_requests/{self.config.mr_iid}/notes" - response = self.client.request( + response = self._request_with_fallback( path=path, headers=self.config.headers, base_url=self.config.api_url diff --git a/tests/unit/test_gitlab_auth.py b/tests/unit/test_gitlab_auth.py new file mode 100644 index 0000000..be34224 --- /dev/null +++ b/tests/unit/test_gitlab_auth.py @@ -0,0 +1,116 @@ +"""Tests for GitLab authentication patterns""" +import os +import pytest +from unittest.mock import patch, MagicMock + +from socketsecurity.core.scm.gitlab import GitlabConfig + + +class TestGitlabAuthHeaders: + """Test GitLab authentication header generation""" + + def test_ci_job_token_uses_bearer(self): + """CI_JOB_TOKEN should always use Bearer authentication""" + with patch.dict(os.environ, {'CI_JOB_TOKEN': 'ci-job-token-123'}): + headers = GitlabConfig._get_auth_headers('ci-job-token-123') + assert 'Authorization' in headers + assert headers['Authorization'] == 'Bearer ci-job-token-123' + assert 'PRIVATE-TOKEN' not in headers + + def test_personal_access_token_uses_bearer(self): + """Personal access tokens (glpat-*) should use Bearer authentication""" + token = 'glpat-xxxxxxxxxxxxxxxxxxxx' + headers = GitlabConfig._get_auth_headers(token) + assert 'Authorization' in headers + assert headers['Authorization'] == f'Bearer {token}' + assert 'PRIVATE-TOKEN' not in headers + + def test_oauth_token_uses_bearer(self): + """Long alphanumeric tokens (OAuth) should use Bearer authentication""" + token = 'a' * 50 # 50 character alphanumeric token + headers = GitlabConfig._get_auth_headers(token) + assert 'Authorization' in headers + assert headers['Authorization'] == f'Bearer {token}' + assert 'PRIVATE-TOKEN' not in headers + + def test_short_token_uses_private_token(self): + """Short tokens should use PRIVATE-TOKEN authentication""" + token = 'short-token-123' + headers = GitlabConfig._get_auth_headers(token) + assert 'PRIVATE-TOKEN' in headers + assert headers['PRIVATE-TOKEN'] == token + assert 'Authorization' not in headers + + def test_mixed_alphanumeric_token_uses_private_token(self): + """Tokens with non-alphanumeric characters should use PRIVATE-TOKEN""" + token = 'token-with-dashes-and_underscores' + headers = GitlabConfig._get_auth_headers(token) + assert 'PRIVATE-TOKEN' in headers + assert headers['PRIVATE-TOKEN'] == token + assert 'Authorization' not in headers + + def test_all_headers_include_base_headers(self): + """All authentication patterns should include base headers""" + test_tokens = [ + 'glpat-xxxxxxxxxxxxxxxxxxxx', # Bearer + 'short-token' # PRIVATE-TOKEN + ] + + for token in test_tokens: + headers = GitlabConfig._get_auth_headers(token) + assert headers['User-Agent'] == 'SocketPythonScript/0.0.1' + assert headers['accept'] == 'application/json' + + @patch.dict(os.environ, {'CI_JOB_TOKEN': 'ci-token-123'}) + def test_ci_job_token_detection_priority(self): + """CI_JOB_TOKEN should be detected even if token doesn't match CI_JOB_TOKEN value""" + # This tests the case where GITLAB_TOKEN != CI_JOB_TOKEN + headers = GitlabConfig._get_auth_headers('different-token') + # Should not use Bearer since token doesn't match CI_JOB_TOKEN + assert 'PRIVATE-TOKEN' in headers + assert headers['PRIVATE-TOKEN'] == 'different-token' + + +class TestGitlabConfigFromEnv: + """Test GitlabConfig.from_env() method""" + + @patch.dict(os.environ, { + 'GITLAB_TOKEN': 'glpat-test-token', + 'CI_PROJECT_NAME': 'test-project', + 'CI_API_V4_URL': 'https://gitlab.example.com/api/v4', + 'CI_COMMIT_SHA': 'abc123', + 'CI_PROJECT_DIR': '/builds/test', + 'CI_PIPELINE_SOURCE': 'merge_request_event' + }) + def test_from_env_creates_config_with_correct_headers(self): + """from_env should create config with appropriate auth headers""" + config = GitlabConfig.from_env() + + # Should use Bearer for glpat- token + assert 'Authorization' in config.headers + assert config.headers['Authorization'] == 'Bearer glpat-test-token' + assert 'PRIVATE-TOKEN' not in config.headers + assert config.token == 'glpat-test-token' + + @patch.dict(os.environ, { + 'GITLAB_TOKEN': 'custom-token', + 'CI_PROJECT_NAME': 'test-project' + }, clear=True) + def test_from_env_with_private_token(self): + """from_env should use PRIVATE-TOKEN for non-standard tokens""" + config = GitlabConfig.from_env() + + # Should use PRIVATE-TOKEN for custom token + assert 'PRIVATE-TOKEN' in config.headers + assert config.headers['PRIVATE-TOKEN'] == 'custom-token' + assert 'Authorization' not in config.headers + + def test_from_env_missing_token_exits(self): + """from_env should exit when GITLAB_TOKEN is missing""" + with patch.dict(os.environ, {}, clear=True): + with pytest.raises(SystemExit): + GitlabConfig.from_env() + + +if __name__ == '__main__': + pytest.main([__file__]) diff --git a/tests/unit/test_gitlab_auth_fallback.py b/tests/unit/test_gitlab_auth_fallback.py new file mode 100644 index 0000000..e9e9b0c --- /dev/null +++ b/tests/unit/test_gitlab_auth_fallback.py @@ -0,0 +1,148 @@ +"""Integration test demonstrating GitLab authentication fallback""" +import os +from unittest.mock import patch, MagicMock +import pytest + +from socketsecurity.core.scm.gitlab import Gitlab, GitlabConfig +from socketsecurity.socketcli import CliClient + + +class TestGitlabAuthFallback: + """Test GitLab authentication fallback mechanism""" + + @patch.dict(os.environ, { + 'GITLAB_TOKEN': 'test-token', + 'CI_PROJECT_NAME': 'test-project', + 'CI_API_V4_URL': 'https://gitlab.example.com/api/v4', + 'CI_MERGE_REQUEST_IID': '123', + 'CI_MERGE_REQUEST_PROJECT_ID': '456' + }) + def test_fallback_from_private_token_to_bearer(self): + """Test fallback from PRIVATE-TOKEN to Bearer authentication""" + # Create a mock client that simulates auth failure then success + mock_client = MagicMock(spec=CliClient) + + # First call (with PRIVATE-TOKEN) fails with 401 + auth_error = Exception() + auth_error.response = MagicMock() + auth_error.response.status_code = 401 + + # Second call (with Bearer) succeeds + success_response = {'notes': []} + + mock_client.request.side_effect = [auth_error, success_response] + + # Create GitLab instance with mock client + gitlab = Gitlab(client=mock_client) + + # This should trigger the fallback mechanism + result = gitlab.get_comments_for_pr() + + # Verify two requests were made + assert mock_client.request.call_count == 2 + + # First call should use PRIVATE-TOKEN (default for 'test-token') + first_call_headers = mock_client.request.call_args_list[0][1]['headers'] + assert 'PRIVATE-TOKEN' in first_call_headers + assert first_call_headers['PRIVATE-TOKEN'] == 'test-token' + + # Second call should use Bearer (fallback) + second_call_headers = mock_client.request.call_args_list[1][1]['headers'] + assert 'Authorization' in second_call_headers + assert second_call_headers['Authorization'] == 'Bearer test-token' + + @patch.dict(os.environ, { + 'GITLAB_TOKEN': 'glpat-test-token', + 'CI_PROJECT_NAME': 'test-project', + 'CI_API_V4_URL': 'https://gitlab.example.com/api/v4', + 'CI_MERGE_REQUEST_IID': '123', + 'CI_MERGE_REQUEST_PROJECT_ID': '456' + }) + def test_fallback_from_bearer_to_private_token(self): + """Test fallback from Bearer to PRIVATE-TOKEN authentication""" + # Create a mock client that simulates auth failure then success + mock_client = MagicMock(spec=CliClient) + + # First call (with Bearer) fails with 401 + auth_error = Exception() + auth_error.response = MagicMock() + auth_error.response.status_code = 401 + + # Second call (with PRIVATE-TOKEN) succeeds + success_response = {'notes': []} + + mock_client.request.side_effect = [auth_error, success_response] + + # Create GitLab instance with mock client + gitlab = Gitlab(client=mock_client) + + # This should trigger the fallback mechanism + result = gitlab.get_comments_for_pr() + + # Verify two requests were made + assert mock_client.request.call_count == 2 + + # First call should use Bearer (default for 'glpat-' token) + first_call_headers = mock_client.request.call_args_list[0][1]['headers'] + assert 'Authorization' in first_call_headers + assert first_call_headers['Authorization'] == 'Bearer glpat-test-token' + + # Second call should use PRIVATE-TOKEN (fallback) + second_call_headers = mock_client.request.call_args_list[1][1]['headers'] + assert 'PRIVATE-TOKEN' in second_call_headers + assert second_call_headers['PRIVATE-TOKEN'] == 'glpat-test-token' + + @patch.dict(os.environ, { + 'GITLAB_TOKEN': 'test-token', + 'CI_PROJECT_NAME': 'test-project', + 'CI_API_V4_URL': 'https://gitlab.example.com/api/v4', + 'CI_MERGE_REQUEST_IID': '123', + 'CI_MERGE_REQUEST_PROJECT_ID': '456' + }) + def test_non_auth_error_not_retried(self): + """Test that non-authentication errors are not retried""" + # Create a mock client that simulates a non-auth error + mock_client = MagicMock(spec=CliClient) + + # Simulate a 500 error (not auth-related) + server_error = Exception() + server_error.response = MagicMock() + server_error.response.status_code = 500 + + mock_client.request.side_effect = server_error + + # Create GitLab instance with mock client + gitlab = Gitlab(client=mock_client) + + # This should NOT trigger the fallback mechanism + with pytest.raises(Exception): + gitlab.get_comments_for_pr() + + # Verify only one request was made (no retry) + assert mock_client.request.call_count == 1 + + @patch.dict(os.environ, { + 'GITLAB_TOKEN': 'test-token', + 'CI_PROJECT_NAME': 'test-project', + 'CI_API_V4_URL': 'https://gitlab.example.com/api/v4', + 'CI_MERGE_REQUEST_IID': '123', + 'CI_MERGE_REQUEST_PROJECT_ID': '456' + }) + def test_successful_first_attempt_no_fallback(self): + """Test that successful requests don't trigger fallback""" + # Create a mock client that succeeds on first try + mock_client = MagicMock(spec=CliClient) + mock_client.request.return_value = {'notes': []} + + # Create GitLab instance with mock client + gitlab = Gitlab(client=mock_client) + + # This should succeed on first try + result = gitlab.get_comments_for_pr() + + # Verify only one request was made + assert mock_client.request.call_count == 1 + + +if __name__ == '__main__': + pytest.main([__file__]) diff --git a/workflows/gitlab-ci.yml b/workflows/gitlab-ci.yml index 4e44580..59ea864 100644 --- a/workflows/gitlab-ci.yml +++ b/workflows/gitlab-ci.yml @@ -43,6 +43,9 @@ socket-security: # Required for GitLab integration to work properly variables: SOCKET_SECURITY_API_KEY: $SOCKET_SECURITY_API_KEY + # GitLab token for API access - supports both authentication patterns: + # 1. CI_JOB_TOKEN: Built-in GitLab CI token (automatically uses Bearer auth) + # 2. Personal Access Token: Custom token (auto-detects Bearer vs PRIVATE-TOKEN) GITLAB_TOKEN: $CI_JOB_TOKEN # Optional: Run only when manifest files change (more efficient) From f808583abf3b8f9816922e24391958d29ae0a400 Mon Sep 17 00:00:00 2001 From: Douglas Date: Sat, 23 Aug 2025 17:16:32 -0700 Subject: [PATCH 097/149] Migrate from socket-sdk-python to socketdev>=3.0.0 and switch to uv (#113) * Migrate from socket-sdk-python to socketdev>=3.0.0 and switch to uv - Update pyproject.toml to use socketdev>=3.0.0,<4.0.0 instead of socket-sdk-python - Replace pip-tools with uv for dependency management - Update Makefile to use uv commands (uv pip compile, uv pip sync, etc.) - Update Dockerfile to install socketdev instead of socket-sdk-python - Update deployment scripts to reference socketdev - Update README to reflect uv usage - Regenerate all requirements files with uv - Add requirements-test.txt file - Update SOCKET_SDK_PATH references to point to ../socketdev - Version bump to 2.2.3 * Switch to uv.lock for dependency management - Replace requirements.txt files with uv.lock - Update Makefile to use 'uv sync' instead of pip-compile workflow - Simplify dependency management with 'uv lock' and 'uv sync --all-extras' - Update test and lint commands to use 'uv run' - Remove old requirements.txt, requirements-dev.txt, requirements-test.txt files - Update README documentation to reflect uv.lock workflow - Version bump to 2.2.4 --- Dockerfile | 2 +- Makefile | 51 +- README.md | 18 +- pyproject.toml | 6 +- requirements-dev.lock | 73 -- requirements-dev.txt | 73 -- requirements.lock | 71 -- requirements.txt | 71 -- scripts/deploy-test-docker.sh | 2 +- socketsecurity/__init__.py | 2 +- uv.lock | 1388 +++++++++++++++++++++++++++++++++ 11 files changed, 1424 insertions(+), 333 deletions(-) delete mode 100644 requirements-dev.lock delete mode 100644 requirements-dev.txt delete mode 100644 requirements.lock delete mode 100644 requirements.txt create mode 100644 uv.lock diff --git a/Dockerfile b/Dockerfile index 76d3721..040036d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,5 +18,5 @@ RUN for i in $(seq 1 10); do \ sleep 30; \ done && \ if [ ! -z "$SDK_VERSION" ]; then \ - pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socket-sdk-python==${SDK_VERSION}; \ + pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketdev==${SDK_VERSION}; \ fi \ No newline at end of file diff --git a/Makefile b/Makefile index e1bc1ad..c0fb1b0 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ -.PHONY: setup compile-deps sync-deps clean test lint init-tools local-dev first-time-setup update-deps dev-setup sync-all first-time-local-setup +.PHONY: setup sync clean test lint update-lock local-dev first-time-setup dev-setup sync-all first-time-local-setup # Environment variable for local SDK path (optional) -SOCKET_SDK_PATH ?= ../socket-sdk-python +SOCKET_SDK_PATH ?= ../socketdev # Environment variable to control local development mode USE_LOCAL_SDK ?= false @@ -16,44 +16,37 @@ first-time-local-setup: $(MAKE) clean $(MAKE) USE_LOCAL_SDK=true dev-setup -# Update dependencies after changing pyproject.toml -update-deps: compile-deps sync-deps +# Update lock file after changing pyproject.toml +update-lock: + uv lock # Setup for local development dev-setup: clean local-dev setup # Sync all dependencies after pulling changes -sync-all: sync-deps +sync-all: sync # === Implementation targets === -# Creates virtual environment and installs pip-tools -init-tools: - python -m venv .venv - . .venv/bin/activate && pip install pip-tools - # Installs dependencies needed for local development -# Currently: socket-sdk-python from test PyPI or local path -local-dev: init-tools +# Currently: socketdev from test PyPI or local path +local-dev: ifeq ($(USE_LOCAL_SDK),true) - . .venv/bin/activate && pip install -e $(SOCKET_SDK_PATH) + uv add --editable $(SOCKET_SDK_PATH) endif -# Creates/updates requirements.txt files with locked versions based on pyproject.toml -compile-deps: local-dev - . .venv/bin/activate && pip-compile --output-file=requirements.txt pyproject.toml - . .venv/bin/activate && pip-compile --extra=dev --output-file=requirements-dev.txt pyproject.toml - . .venv/bin/activate && pip-compile --extra=test --output-file=requirements-test.txt pyproject.toml - -# Creates virtual environment and installs dependencies from pyproject.toml -setup: compile-deps - . .venv/bin/activate && pip install -e ".[dev,test]" +# Creates virtual environment and installs dependencies from uv.lock +setup: update-lock + uv sync --all-extras +ifeq ($(USE_LOCAL_SDK),true) + uv add --editable $(SOCKET_SDK_PATH) +endif -# Installs exact versions from requirements.txt into your virtual environment -sync-deps: - . .venv/bin/activate && pip-sync requirements.txt requirements-dev.txt requirements-test.txt +# Installs exact versions from uv.lock into your virtual environment +sync: + uv sync --all-extras ifeq ($(USE_LOCAL_SDK),true) - . .venv/bin/activate && pip install -e $(SOCKET_SDK_PATH) + uv add --editable $(SOCKET_SDK_PATH) endif # Removes virtual environment and cache files @@ -62,8 +55,8 @@ clean: find . -type d -name "__pycache__" -exec rm -rf {} + test: - pytest + uv run pytest lint: - ruff check . - ruff format --check . \ No newline at end of file + uv run ruff check . + uv run ruff format --check . \ No newline at end of file diff --git a/README.md b/README.md index f0cf94b..5295e95 100644 --- a/README.md +++ b/README.md @@ -371,9 +371,9 @@ make first-time-setup 2. Local Development Setup (for SDK development): ```bash pyenv local 3.11 # Ensure correct Python version -SOCKET_SDK_PATH=~/path/to/socket-sdk-python make first-time-local-setup +SOCKET_SDK_PATH=~/path/to/socketdev make first-time-local-setup ``` -The default SDK path is `../socket-sdk-python` if not specified. +The default SDK path is `../socketdev` if not specified. #### Ongoing Development Tasks @@ -392,25 +392,23 @@ make sync-all High-level workflows: - `make first-time-setup`: Complete setup using PyPI packages - `make first-time-local-setup`: Complete setup for local SDK development -- `make update-deps`: Update requirements.txt files and sync dependencies +- `make update-lock`: Update uv.lock file after changing pyproject.toml - `make sync-all`: Sync dependencies after pulling changes - `make dev-setup`: Setup for local development (included in first-time-local-setup) Implementation targets: -- `make init-tools`: Creates virtual environment and installs pip-tools - `make local-dev`: Installs dependencies needed for local development -- `make compile-deps`: Generates requirements.txt files with locked versions -- `make setup`: Creates virtual environment and installs dependencies -- `make sync-deps`: Installs exact versions from requirements.txt +- `make setup`: Creates virtual environment and installs dependencies from uv.lock +- `make sync`: Installs exact versions from uv.lock - `make clean`: Removes virtual environment and cache files -- `make test`: Runs pytest suite -- `make lint`: Runs ruff for code formatting and linting +- `make test`: Runs pytest suite using uv run +- `make lint`: Runs ruff for code formatting and linting using uv run ### Environment Variables #### Core Configuration - `SOCKET_SECURITY_API_KEY`: Socket Security API token (alternative to --api-token parameter) -- `SOCKET_SDK_PATH`: Path to local socket-sdk-python repository (default: ../socket-sdk-python) +- `SOCKET_SDK_PATH`: Path to local socketdev repository (default: ../socketdev) #### GitLab Integration - `GITLAB_TOKEN`: GitLab API token for GitLab integration (supports both Bearer and PRIVATE-TOKEN authentication) diff --git a/pyproject.toml b/pyproject.toml index e4c54e3..1783718 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.2" +version = "2.2.4" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ @@ -16,7 +16,7 @@ dependencies = [ 'GitPython', 'packaging', 'python-dotenv', - 'socket-sdk-python>=2.1.8,<3' + 'socketdev>=3.0.0,<4.0.0' ] readme = "README.md" description = "Socket Security CLI for CI/CD" @@ -45,7 +45,7 @@ test = [ dev = [ "ruff>=0.3.0", "twine", # for building - "pip-tools>=7.4.0", # for pip-compile + "uv>=0.1.0", # for dependency management "pre-commit", "hatch" ] diff --git a/requirements-dev.lock b/requirements-dev.lock deleted file mode 100644 index 099e79b..0000000 --- a/requirements-dev.lock +++ /dev/null @@ -1,73 +0,0 @@ -# generated by rye -# use `rye lock` or `rye sync` to update this lockfile -# -# last locked with the following flags: -# pre: false -# features: ["test"] -# all-features: false -# with-sources: false -# generate-hashes: false -# universal: false - -hatchling==1.27.0 -hatch==1.14.0 -argparse==1.4.0 - # via socketsecurity -certifi==2024.12.14 - # via requests -charset-normalizer==3.4.1 - # via requests -colorama==0.4.6 - # via pytest-watch -coverage==7.6.10 - # via pytest-cov -docopt==0.6.2 - # via pytest-watch -gitdb==4.0.12 - # via gitpython -gitpython==3.1.44 - # via socketsecurity -idna==3.10 - # via requests -iniconfig==2.0.0 - # via pytest -mdutils==1.6.0 - # via socketsecurity -packaging==24.2 - # via pytest - # via socketsecurity -pluggy==1.5.0 - # via pytest -prettytable==3.12.0 - # via socketsecurity -pytest==8.3.4 - # via pytest-asyncio - # via pytest-cov - # via pytest-mock - # via pytest-watch - # via socketsecurity -pytest-asyncio==0.25.1 - # via socketsecurity -pytest-cov==6.0.0 - # via socketsecurity -pytest-mock==3.14.0 - # via socketsecurity -pytest-watch==4.2.0 - # via socketsecurity -python-dotenv==1.0.1 - # via socketsecurity -requests==2.32.3 - # via socket-sdk-python - # via socketsecurity -smmap==5.0.2 - # via gitdb -socket-sdk-python==2.0.15 - # via socketsecurity -typing-extensions==4.12.2 - # via socket-sdk-python -urllib3==2.3.0 - # via requests -watchdog==6.0.0 - # via pytest-watch -wcwidth==0.2.13 - # via prettytable diff --git a/requirements-dev.txt b/requirements-dev.txt deleted file mode 100644 index bef361b..0000000 --- a/requirements-dev.txt +++ /dev/null @@ -1,73 +0,0 @@ -# generated by rye -# use `rye lock` or `rye sync` to update this lockfile -# -# last locked with the following flags: -# pre: false -# features: ["test"] -# all-features: false -# with-sources: false -# generate-hashes: false -# universal: false - -hatchling==1.27.0 -hatch==1.14.0 -argparse==1.4.0 - # via socketsecurity -certifi==2024.12.14 - # via requests -charset-normalizer==3.4.1 - # via requests -colorama==0.4.6 - # via pytest-watch -coverage==7.6.10 - # via pytest-cov -docopt==0.6.2 - # via pytest-watch -gitdb==4.0.12 - # via gitpython -gitpython==3.1.44 - # via socketsecurity -idna==3.10 - # via requests -iniconfig==2.0.0 - # via pytest -mdutils==1.6.0 - # via socketsecurity -packaging==24.2 - # via pytest - # via socketsecurity -pluggy==1.5.0 - # via pytest -prettytable==3.12.0 - # via socketsecurity -pytest==8.3.4 - # via pytest-asyncio - # via pytest-cov - # via pytest-mock - # via pytest-watch - # via socketsecurity -pytest-asyncio==0.25.1 - # via socketsecurity -pytest-cov==6.0.0 - # via socketsecurity -pytest-mock==3.14.0 - # via socketsecurity -pytest-watch==4.2.0 - # via socketsecurity -python-dotenv==1.0.1 - # via socketsecurity -requests==2.32.4 - # via socket-sdk-python - # via socketsecurity -smmap==5.0.2 - # via gitdb -socket-sdk-python==2.0.15 - # via socketsecurity -typing-extensions==4.12.2 - # via socket-sdk-python -urllib3==2.5.0 - # via requests -watchdog==6.0.0 - # via pytest-watch -wcwidth==0.2.13 - # via prettytable diff --git a/requirements.lock b/requirements.lock deleted file mode 100644 index 6d0be66..0000000 --- a/requirements.lock +++ /dev/null @@ -1,71 +0,0 @@ -# generated by rye -# use `rye lock` or `rye sync` to update this lockfile -# -# last locked with the following flags: -# pre: false -# features: ["test"] -# all-features: false -# with-sources: false -# generate-hashes: false -# universal: false - -argparse==1.4.0 - # via socketsecurity -certifi==2024.12.14 - # via requests -charset-normalizer==3.4.1 - # via requests -colorama==0.4.6 - # via pytest-watch -coverage==7.6.10 - # via pytest-cov -docopt==0.6.2 - # via pytest-watch -gitdb==4.0.12 - # via gitpython -gitpython==3.1.44 - # via socketsecurity -idna==3.10 - # via requests -iniconfig==2.0.0 - # via pytest -mdutils==1.6.0 - # via socketsecurity -packaging==24.2 - # via pytest - # via socketsecurity -pluggy==1.5.0 - # via pytest -prettytable==3.12.0 - # via socketsecurity -pytest==8.3.4 - # via pytest-asyncio - # via pytest-cov - # via pytest-mock - # via pytest-watch - # via socketsecurity -pytest-asyncio==0.25.1 - # via socketsecurity -pytest-cov==6.0.0 - # via socketsecurity -pytest-mock==3.14.0 - # via socketsecurity -pytest-watch==4.2.0 - # via socketsecurity -python-dotenv==1.0.1 - # via socketsecurity -requests==2.32.3 - # via socket-sdk-python - # via socketsecurity -smmap==5.0.2 - # via gitdb -socket-sdk-python==2.0.15 - # via socketsecurity -typing-extensions==4.12.2 - # via socket-sdk-python -urllib3==2.3.0 - # via requests -watchdog==6.0.0 - # via pytest-watch -wcwidth==0.2.13 - # via prettytable diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index b2a6676..0000000 --- a/requirements.txt +++ /dev/null @@ -1,71 +0,0 @@ -# generated by rye -# use `rye lock` or `rye sync` to update this lockfile -# -# last locked with the following flags: -# pre: false -# features: ["test"] -# all-features: false -# with-sources: false -# generate-hashes: false -# universal: false - -argparse==1.4.0 - # via socketsecurity -certifi==2024.12.14 - # via requests -charset-normalizer==3.4.1 - # via requests -colorama==0.4.6 - # via pytest-watch -coverage==7.6.10 - # via pytest-cov -docopt==0.6.2 - # via pytest-watch -gitdb==4.0.12 - # via gitpython -gitpython==3.1.44 - # via socketsecurity -idna==3.10 - # via requests -iniconfig==2.0.0 - # via pytest -mdutils==1.6.0 - # via socketsecurity -packaging==24.2 - # via pytest - # via socketsecurity -pluggy==1.5.0 - # via pytest -prettytable==3.12.0 - # via socketsecurity -pytest==8.3.4 - # via pytest-asyncio - # via pytest-cov - # via pytest-mock - # via pytest-watch - # via socketsecurity -pytest-asyncio==0.25.1 - # via socketsecurity -pytest-cov==6.0.0 - # via socketsecurity -pytest-mock==3.14.0 - # via socketsecurity -pytest-watch==4.2.0 - # via socketsecurity -python-dotenv==1.0.1 - # via socketsecurity -requests==2.32.4 - # via socket-sdk-python - # via socketsecurity -smmap==5.0.2 - # via gitdb -socket-sdk-python==2.1.8 - # via socketsecurity -typing-extensions==4.12.2 - # via socket-sdk-python -urllib3==2.5.0 - # via requests -watchdog==6.0.0 - # via pytest-watch -wcwidth==0.2.13 - # via prettytable diff --git a/scripts/deploy-test-docker.sh b/scripts/deploy-test-docker.sh index c9526e2..9c17eb3 100755 --- a/scripts/deploy-test-docker.sh +++ b/scripts/deploy-test-docker.sh @@ -29,7 +29,7 @@ fi if [ -z "$SDK_VERSION" ]; then echo "No SDK version specified, checking TestPyPI for latest version..." - SDK_VERSION=$(get_latest_version "socket-sdk-python") + SDK_VERSION=$(get_latest_version "socketdev") echo "Latest SDK version on TestPyPI is: $SDK_VERSION" fi diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index c0d192a..c70ff49 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.2.2' +__version__ = '2.2.4' diff --git a/uv.lock b/uv.lock new file mode 100644 index 0000000..80b661a --- /dev/null +++ b/uv.lock @@ -0,0 +1,1388 @@ +version = 1 +revision = 3 +requires-python = ">=3.10" + +[[package]] +name = "anyio" +version = "4.10.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "exceptiongroup", marker = "python_full_version < '3.11'" }, + { name = "idna" }, + { name = "sniffio" }, + { name = "typing-extensions", marker = "python_full_version < '3.13'" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/f1/b4/636b3b65173d3ce9a38ef5f0522789614e590dab6a8d505340a4efe4c567/anyio-4.10.0.tar.gz", hash = "sha256:3f3fae35c96039744587aa5b8371e7e8e603c0702999535961dd336026973ba6", size = 213252, upload-time = "2025-08-04T08:54:26.451Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/6f/12/e5e0282d673bb9746bacfb6e2dba8719989d3660cdb2ea79aee9a9651afb/anyio-4.10.0-py3-none-any.whl", hash = "sha256:60e474ac86736bbfd6f210f7a61218939c318f43f9972497381f1c5e930ed3d1", size = 107213, upload-time = "2025-08-04T08:54:24.882Z" }, +] + +[[package]] +name = "backports-asyncio-runner" +version = "1.2.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/8e/ff/70dca7d7cb1cbc0edb2c6cc0c38b65cba36cccc491eca64cabd5fe7f8670/backports_asyncio_runner-1.2.0.tar.gz", hash = "sha256:a5aa7b2b7d8f8bfcaa2b57313f70792df84e32a2a746f585213373f900b42162", size = 69893, upload-time = "2025-07-02T02:27:15.685Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/a0/59/76ab57e3fe74484f48a53f8e337171b4a2349e506eabe136d7e01d059086/backports_asyncio_runner-1.2.0-py3-none-any.whl", hash = "sha256:0da0a936a8aeb554eccb426dc55af3ba63bcdc69fa1a600b5bb305413a4477b5", size = 12313, upload-time = "2025-07-02T02:27:14.263Z" }, +] + +[[package]] +name = "backports-tarfile" +version = "1.2.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/86/72/cd9b395f25e290e633655a100af28cb253e4393396264a98bd5f5951d50f/backports_tarfile-1.2.0.tar.gz", hash = "sha256:d75e02c268746e1b8144c278978b6e98e85de6ad16f8e4b0844a154557eca991", size = 86406, upload-time = "2024-05-28T17:01:54.731Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/b9/fa/123043af240e49752f1c4bd24da5053b6bd00cad78c2be53c0d1e8b975bc/backports.tarfile-1.2.0-py3-none-any.whl", hash = "sha256:77e284d754527b01fb1e6fa8a1afe577858ebe4e9dad8919e34c862cb399bc34", size = 30181, upload-time = "2024-05-28T17:01:53.112Z" }, +] + +[[package]] +name = "certifi" +version = "2025.8.3" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/dc/67/960ebe6bf230a96cda2e0abcf73af550ec4f090005363542f0765df162e0/certifi-2025.8.3.tar.gz", hash = "sha256:e564105f78ded564e3ae7c923924435e1daa7463faeab5bb932bc53ffae63407", size = 162386, upload-time = "2025-08-03T03:07:47.08Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/e5/48/1549795ba7742c948d2ad169c1c8cdbae65bc450d6cd753d124b17c8cd32/certifi-2025.8.3-py3-none-any.whl", hash = "sha256:f6c12493cfb1b06ba2ff328595af9350c65d6644968e5d3a2ffd78699af217a5", size = 161216, upload-time = "2025-08-03T03:07:45.777Z" }, +] + +[[package]] +name = "cffi" +version = "1.17.1" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "pycparser" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/fc/97/c783634659c2920c3fc70419e3af40972dbaf758daa229a7d6ea6135c90d/cffi-1.17.1.tar.gz", hash = "sha256:1c39c6016c32bc48dd54561950ebd6836e1670f2ae46128f67cf49e789c52824", size = 516621, upload-time = "2024-09-04T20:45:21.852Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/de/cc/4635c320081c78d6ffc2cab0a76025b691a91204f4aa317d568ff9280a2d/cffi-1.17.1-cp310-cp310-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:edae79245293e15384b51f88b00613ba9f7198016a5948b5dddf4917d4d26382", size = 426024, upload-time = "2024-09-04T20:43:34.186Z" }, + { url = "https://files.pythonhosted.org/packages/b6/7b/3b2b250f3aab91abe5f8a51ada1b717935fdaec53f790ad4100fe2ec64d1/cffi-1.17.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:45398b671ac6d70e67da8e4224a065cec6a93541bb7aebe1b198a61b58c7b702", size = 448188, upload-time = "2024-09-04T20:43:36.286Z" }, + { url = "https://files.pythonhosted.org/packages/d3/48/1b9283ebbf0ec065148d8de05d647a986c5f22586b18120020452fff8f5d/cffi-1.17.1-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:ad9413ccdeda48c5afdae7e4fa2192157e991ff761e7ab8fdd8926f40b160cc3", size = 455571, upload-time = "2024-09-04T20:43:38.586Z" }, + { url = "https://files.pythonhosted.org/packages/40/87/3b8452525437b40f39ca7ff70276679772ee7e8b394934ff60e63b7b090c/cffi-1.17.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5da5719280082ac6bd9aa7becb3938dc9f9cbd57fac7d2871717b1feb0902ab6", size = 436687, upload-time = "2024-09-04T20:43:40.084Z" }, + { url = "https://files.pythonhosted.org/packages/8d/fb/4da72871d177d63649ac449aec2e8a29efe0274035880c7af59101ca2232/cffi-1.17.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:2bb1a08b8008b281856e5971307cc386a8e9c5b625ac297e853d36da6efe9c17", size = 446211, upload-time = "2024-09-04T20:43:41.526Z" }, + { url = "https://files.pythonhosted.org/packages/ab/a0/62f00bcb411332106c02b663b26f3545a9ef136f80d5df746c05878f8c4b/cffi-1.17.1-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:045d61c734659cc045141be4bae381a41d89b741f795af1dd018bfb532fd0df8", size = 461325, upload-time = "2024-09-04T20:43:43.117Z" }, + { url = "https://files.pythonhosted.org/packages/36/83/76127035ed2e7e27b0787604d99da630ac3123bfb02d8e80c633f218a11d/cffi-1.17.1-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:6883e737d7d9e4899a8a695e00ec36bd4e5e4f18fabe0aca0efe0a4b44cdb13e", size = 438784, upload-time = "2024-09-04T20:43:45.256Z" }, + { url = "https://files.pythonhosted.org/packages/21/81/a6cd025db2f08ac88b901b745c163d884641909641f9b826e8cb87645942/cffi-1.17.1-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:6b8b4a92e1c65048ff98cfe1f735ef8f1ceb72e3d5f0c25fdb12087a23da22be", size = 461564, upload-time = "2024-09-04T20:43:46.779Z" }, + { url = "https://files.pythonhosted.org/packages/94/dd/a3f0118e688d1b1a57553da23b16bdade96d2f9bcda4d32e7d2838047ff7/cffi-1.17.1-cp311-cp311-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:f75c7ab1f9e4aca5414ed4d8e5c0e303a34f4421f8a0d47a4d019ceff0ab6af4", size = 445259, upload-time = "2024-09-04T20:43:56.123Z" }, + { url = "https://files.pythonhosted.org/packages/2e/ea/70ce63780f096e16ce8588efe039d3c4f91deb1dc01e9c73a287939c79a6/cffi-1.17.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a1ed2dd2972641495a3ec98445e09766f077aee98a1c896dcb4ad0d303628e41", size = 469200, upload-time = "2024-09-04T20:43:57.891Z" }, + { url = "https://files.pythonhosted.org/packages/1c/a0/a4fa9f4f781bda074c3ddd57a572b060fa0df7655d2a4247bbe277200146/cffi-1.17.1-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:46bf43160c1a35f7ec506d254e5c890f3c03648a4dbac12d624e4490a7046cd1", size = 477235, upload-time = "2024-09-04T20:44:00.18Z" }, + { url = "https://files.pythonhosted.org/packages/62/12/ce8710b5b8affbcdd5c6e367217c242524ad17a02fe5beec3ee339f69f85/cffi-1.17.1-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:a24ed04c8ffd54b0729c07cee15a81d964e6fee0e3d4d342a27b020d22959dc6", size = 459721, upload-time = "2024-09-04T20:44:01.585Z" }, + { url = "https://files.pythonhosted.org/packages/ff/6b/d45873c5e0242196f042d555526f92aa9e0c32355a1be1ff8c27f077fd37/cffi-1.17.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:610faea79c43e44c71e1ec53a554553fa22321b65fae24889706c0a84d4ad86d", size = 467242, upload-time = "2024-09-04T20:44:03.467Z" }, + { url = "https://files.pythonhosted.org/packages/1a/52/d9a0e523a572fbccf2955f5abe883cfa8bcc570d7faeee06336fbd50c9fc/cffi-1.17.1-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:a9b15d491f3ad5d692e11f6b71f7857e7835eb677955c00cc0aefcd0669adaf6", size = 477999, upload-time = "2024-09-04T20:44:05.023Z" }, + { url = "https://files.pythonhosted.org/packages/44/74/f2a2460684a1a2d00ca799ad880d54652841a780c4c97b87754f660c7603/cffi-1.17.1-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:de2ea4b5833625383e464549fec1bc395c1bdeeb5f25c4a3a82b5a8c756ec22f", size = 454242, upload-time = "2024-09-04T20:44:06.444Z" }, + { url = "https://files.pythonhosted.org/packages/f8/4a/34599cac7dfcd888ff54e801afe06a19c17787dfd94495ab0c8d35fe99fb/cffi-1.17.1-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:fc48c783f9c87e60831201f2cce7f3b2e4846bf4d8728eabe54d60700b318a0b", size = 478604, upload-time = "2024-09-04T20:44:08.206Z" }, + { url = "https://files.pythonhosted.org/packages/cc/b6/db007700f67d151abadf508cbfd6a1884f57eab90b1bb985c4c8c02b0f28/cffi-1.17.1-cp312-cp312-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:1257bdabf294dceb59f5e70c64a3e2f462c30c7ad68092d01bbbfb1c16b1ba36", size = 454803, upload-time = "2024-09-04T20:44:15.231Z" }, + { url = "https://files.pythonhosted.org/packages/1a/df/f8d151540d8c200eb1c6fba8cd0dfd40904f1b0682ea705c36e6c2e97ab3/cffi-1.17.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:da95af8214998d77a98cc14e3a3bd00aa191526343078b530ceb0bd710fb48a5", size = 478850, upload-time = "2024-09-04T20:44:17.188Z" }, + { url = "https://files.pythonhosted.org/packages/28/c0/b31116332a547fd2677ae5b78a2ef662dfc8023d67f41b2a83f7c2aa78b1/cffi-1.17.1-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:d63afe322132c194cf832bfec0dc69a99fb9bb6bbd550f161a49e9e855cc78ff", size = 485729, upload-time = "2024-09-04T20:44:18.688Z" }, + { url = "https://files.pythonhosted.org/packages/91/2b/9a1ddfa5c7f13cab007a2c9cc295b70fbbda7cb10a286aa6810338e60ea1/cffi-1.17.1-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:f79fc4fc25f1c8698ff97788206bb3c2598949bfe0fef03d299eb1b5356ada99", size = 471256, upload-time = "2024-09-04T20:44:20.248Z" }, + { url = "https://files.pythonhosted.org/packages/b2/d5/da47df7004cb17e4955df6a43d14b3b4ae77737dff8bf7f8f333196717bf/cffi-1.17.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b62ce867176a75d03a665bad002af8e6d54644fad99a3c70905c543130e39d93", size = 479424, upload-time = "2024-09-04T20:44:21.673Z" }, + { url = "https://files.pythonhosted.org/packages/0b/ac/2a28bcf513e93a219c8a4e8e125534f4f6db03e3179ba1c45e949b76212c/cffi-1.17.1-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:386c8bf53c502fff58903061338ce4f4950cbdcb23e2902d86c0f722b786bbe3", size = 484568, upload-time = "2024-09-04T20:44:23.245Z" }, + { url = "https://files.pythonhosted.org/packages/d4/38/ca8a4f639065f14ae0f1d9751e70447a261f1a30fa7547a828ae08142465/cffi-1.17.1-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:4ceb10419a9adf4460ea14cfd6bc43d08701f0835e979bf821052f1805850fe8", size = 488736, upload-time = "2024-09-04T20:44:24.757Z" }, + { url = "https://files.pythonhosted.org/packages/0e/2d/eab2e858a91fdff70533cab61dcff4a1f55ec60425832ddfdc9cd36bc8af/cffi-1.17.1-cp313-cp313-manylinux_2_12_i686.manylinux2010_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:d01b12eeeb4427d3110de311e1774046ad344f5b1a7403101878976ecd7a10f3", size = 454792, upload-time = "2024-09-04T20:44:32.01Z" }, + { url = "https://files.pythonhosted.org/packages/75/b2/fbaec7c4455c604e29388d55599b99ebcc250a60050610fadde58932b7ee/cffi-1.17.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:706510fe141c86a69c8ddc029c7910003a17353970cff3b904ff0686a5927683", size = 478893, upload-time = "2024-09-04T20:44:33.606Z" }, + { url = "https://files.pythonhosted.org/packages/4f/b7/6e4a2162178bf1935c336d4da8a9352cccab4d3a5d7914065490f08c0690/cffi-1.17.1-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:de55b766c7aa2e2a3092c51e0483d700341182f08e67c63630d5b6f200bb28e5", size = 485810, upload-time = "2024-09-04T20:44:35.191Z" }, + { url = "https://files.pythonhosted.org/packages/c7/8a/1d0e4a9c26e54746dc08c2c6c037889124d4f59dffd853a659fa545f1b40/cffi-1.17.1-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:c59d6e989d07460165cc5ad3c61f9fd8f1b4796eacbd81cee78957842b834af4", size = 471200, upload-time = "2024-09-04T20:44:36.743Z" }, + { url = "https://files.pythonhosted.org/packages/26/9f/1aab65a6c0db35f43c4d1b4f580e8df53914310afc10ae0397d29d697af4/cffi-1.17.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:dd398dbc6773384a17fe0d3e7eeb8d1a21c2200473ee6806bb5e6a8e62bb73dd", size = 479447, upload-time = "2024-09-04T20:44:38.492Z" }, + { url = "https://files.pythonhosted.org/packages/5f/e4/fb8b3dd8dc0e98edf1135ff067ae070bb32ef9d509d6cb0f538cd6f7483f/cffi-1.17.1-cp313-cp313-musllinux_1_1_aarch64.whl", hash = "sha256:3edc8d958eb099c634dace3c7e16560ae474aa3803a5df240542b305d14e14ed", size = 484358, upload-time = "2024-09-04T20:44:40.046Z" }, + { url = "https://files.pythonhosted.org/packages/f1/47/d7145bf2dc04684935d57d67dff9d6d795b2ba2796806bb109864be3a151/cffi-1.17.1-cp313-cp313-musllinux_1_1_x86_64.whl", hash = "sha256:72e72408cad3d5419375fc87d289076ee319835bdfa2caad331e377589aebba9", size = 488469, upload-time = "2024-09-04T20:44:41.616Z" }, +] + +[[package]] +name = "cfgv" +version = "3.4.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/11/74/539e56497d9bd1d484fd863dd69cbbfa653cd2aa27abfe35653494d85e94/cfgv-3.4.0.tar.gz", hash = "sha256:e52591d4c5f5dead8e0f673fb16db7949d2cfb3f7da4582893288f0ded8fe560", size = 7114, upload-time = "2023-08-12T20:38:17.776Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/c5/55/51844dd50c4fc7a33b653bfaba4c2456f06955289ca770a5dbd5fd267374/cfgv-3.4.0-py2.py3-none-any.whl", hash = "sha256:b7265b1f29fd3316bfcd2b330d63d024f2bfd8bcb8b0272f8e19a504856c48f9", size = 7249, upload-time = "2023-08-12T20:38:16.269Z" }, +] + +[[package]] +name = "charset-normalizer" +version = "3.4.3" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/83/2d/5fd176ceb9b2fc619e63405525573493ca23441330fcdaee6bef9460e924/charset_normalizer-3.4.3.tar.gz", hash = "sha256:6fce4b8500244f6fcb71465d4a4930d132ba9ab8e71a7859e6a5d59851068d14", size = 122371, upload-time = "2025-08-09T07:57:28.46Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/d6/98/f3b8013223728a99b908c9344da3aa04ee6e3fa235f19409033eda92fb78/charset_normalizer-3.4.3-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:fb7f67a1bfa6e40b438170ebdc8158b78dc465a5a67b6dde178a46987b244a72", size = 207695, upload-time = "2025-08-09T07:55:36.452Z" }, + { url = "https://files.pythonhosted.org/packages/21/40/5188be1e3118c82dcb7c2a5ba101b783822cfb413a0268ed3be0468532de/charset_normalizer-3.4.3-cp310-cp310-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:cc9370a2da1ac13f0153780040f465839e6cccb4a1e44810124b4e22483c93fe", size = 147153, upload-time = "2025-08-09T07:55:38.467Z" }, + { url = "https://files.pythonhosted.org/packages/37/60/5d0d74bc1e1380f0b72c327948d9c2aca14b46a9efd87604e724260f384c/charset_normalizer-3.4.3-cp310-cp310-manylinux2014_ppc64le.manylinux_2_17_ppc64le.manylinux_2_28_ppc64le.whl", hash = "sha256:07a0eae9e2787b586e129fdcbe1af6997f8d0e5abaa0bc98c0e20e124d67e601", size = 160428, upload-time = "2025-08-09T07:55:40.072Z" }, + { url = "https://files.pythonhosted.org/packages/85/9a/d891f63722d9158688de58d050c59dc3da560ea7f04f4c53e769de5140f5/charset_normalizer-3.4.3-cp310-cp310-manylinux2014_s390x.manylinux_2_17_s390x.manylinux_2_28_s390x.whl", hash = "sha256:74d77e25adda8581ffc1c720f1c81ca082921329452eba58b16233ab1842141c", size = 157627, upload-time = "2025-08-09T07:55:41.706Z" }, + { url = "https://files.pythonhosted.org/packages/65/1a/7425c952944a6521a9cfa7e675343f83fd82085b8af2b1373a2409c683dc/charset_normalizer-3.4.3-cp310-cp310-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:d0e909868420b7049dafd3a31d45125b31143eec59235311fc4c57ea26a4acd2", size = 152388, upload-time = "2025-08-09T07:55:43.262Z" }, + { url = "https://files.pythonhosted.org/packages/f0/c9/a2c9c2a355a8594ce2446085e2ec97fd44d323c684ff32042e2a6b718e1d/charset_normalizer-3.4.3-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:c6f162aabe9a91a309510d74eeb6507fab5fff92337a15acbe77753d88d9dcf0", size = 150077, upload-time = "2025-08-09T07:55:44.903Z" }, + { url = "https://files.pythonhosted.org/packages/3b/38/20a1f44e4851aa1c9105d6e7110c9d020e093dfa5836d712a5f074a12bf7/charset_normalizer-3.4.3-cp310-cp310-musllinux_1_2_ppc64le.whl", hash = "sha256:4ca4c094de7771a98d7fbd67d9e5dbf1eb73efa4f744a730437d8a3a5cf994f0", size = 161631, upload-time = "2025-08-09T07:55:46.346Z" }, + { url = "https://files.pythonhosted.org/packages/a4/fa/384d2c0f57edad03d7bec3ebefb462090d8905b4ff5a2d2525f3bb711fac/charset_normalizer-3.4.3-cp310-cp310-musllinux_1_2_s390x.whl", hash = "sha256:02425242e96bcf29a49711b0ca9f37e451da7c70562bc10e8ed992a5a7a25cc0", size = 159210, upload-time = "2025-08-09T07:55:47.539Z" }, + { url = "https://files.pythonhosted.org/packages/33/9e/eca49d35867ca2db336b6ca27617deed4653b97ebf45dfc21311ce473c37/charset_normalizer-3.4.3-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:78deba4d8f9590fe4dae384aeff04082510a709957e968753ff3c48399f6f92a", size = 153739, upload-time = "2025-08-09T07:55:48.744Z" }, + { url = "https://files.pythonhosted.org/packages/2a/91/26c3036e62dfe8de8061182d33be5025e2424002125c9500faff74a6735e/charset_normalizer-3.4.3-cp310-cp310-win32.whl", hash = "sha256:d79c198e27580c8e958906f803e63cddb77653731be08851c7df0b1a14a8fc0f", size = 99825, upload-time = "2025-08-09T07:55:50.305Z" }, + { url = "https://files.pythonhosted.org/packages/e2/c6/f05db471f81af1fa01839d44ae2a8bfeec8d2a8b4590f16c4e7393afd323/charset_normalizer-3.4.3-cp310-cp310-win_amd64.whl", hash = "sha256:c6e490913a46fa054e03699c70019ab869e990270597018cef1d8562132c2669", size = 107452, upload-time = "2025-08-09T07:55:51.461Z" }, + { url = "https://files.pythonhosted.org/packages/7f/b5/991245018615474a60965a7c9cd2b4efbaabd16d582a5547c47ee1c7730b/charset_normalizer-3.4.3-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:b256ee2e749283ef3ddcff51a675ff43798d92d746d1a6e4631bf8c707d22d0b", size = 204483, upload-time = "2025-08-09T07:55:53.12Z" }, + { url = "https://files.pythonhosted.org/packages/c7/2a/ae245c41c06299ec18262825c1569c5d3298fc920e4ddf56ab011b417efd/charset_normalizer-3.4.3-cp311-cp311-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:13faeacfe61784e2559e690fc53fa4c5ae97c6fcedb8eb6fb8d0a15b475d2c64", size = 145520, upload-time = "2025-08-09T07:55:54.712Z" }, + { url = "https://files.pythonhosted.org/packages/3a/a4/b3b6c76e7a635748c4421d2b92c7b8f90a432f98bda5082049af37ffc8e3/charset_normalizer-3.4.3-cp311-cp311-manylinux2014_ppc64le.manylinux_2_17_ppc64le.manylinux_2_28_ppc64le.whl", hash = "sha256:00237675befef519d9af72169d8604a067d92755e84fe76492fef5441db05b91", size = 158876, upload-time = "2025-08-09T07:55:56.024Z" }, + { url = "https://files.pythonhosted.org/packages/e2/e6/63bb0e10f90a8243c5def74b5b105b3bbbfb3e7bb753915fe333fb0c11ea/charset_normalizer-3.4.3-cp311-cp311-manylinux2014_s390x.manylinux_2_17_s390x.manylinux_2_28_s390x.whl", hash = "sha256:585f3b2a80fbd26b048a0be90c5aae8f06605d3c92615911c3a2b03a8a3b796f", size = 156083, upload-time = "2025-08-09T07:55:57.582Z" }, + { url = "https://files.pythonhosted.org/packages/87/df/b7737ff046c974b183ea9aa111b74185ac8c3a326c6262d413bd5a1b8c69/charset_normalizer-3.4.3-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:0e78314bdc32fa80696f72fa16dc61168fda4d6a0c014e0380f9d02f0e5d8a07", size = 150295, upload-time = "2025-08-09T07:55:59.147Z" }, + { url = "https://files.pythonhosted.org/packages/61/f1/190d9977e0084d3f1dc169acd060d479bbbc71b90bf3e7bf7b9927dec3eb/charset_normalizer-3.4.3-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:96b2b3d1a83ad55310de8c7b4a2d04d9277d5591f40761274856635acc5fcb30", size = 148379, upload-time = "2025-08-09T07:56:00.364Z" }, + { url = "https://files.pythonhosted.org/packages/4c/92/27dbe365d34c68cfe0ca76f1edd70e8705d82b378cb54ebbaeabc2e3029d/charset_normalizer-3.4.3-cp311-cp311-musllinux_1_2_ppc64le.whl", hash = "sha256:939578d9d8fd4299220161fdd76e86c6a251987476f5243e8864a7844476ba14", size = 160018, upload-time = "2025-08-09T07:56:01.678Z" }, + { url = "https://files.pythonhosted.org/packages/99/04/baae2a1ea1893a01635d475b9261c889a18fd48393634b6270827869fa34/charset_normalizer-3.4.3-cp311-cp311-musllinux_1_2_s390x.whl", hash = "sha256:fd10de089bcdcd1be95a2f73dbe6254798ec1bda9f450d5828c96f93e2536b9c", size = 157430, upload-time = "2025-08-09T07:56:02.87Z" }, + { url = "https://files.pythonhosted.org/packages/2f/36/77da9c6a328c54d17b960c89eccacfab8271fdaaa228305330915b88afa9/charset_normalizer-3.4.3-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:1e8ac75d72fa3775e0b7cb7e4629cec13b7514d928d15ef8ea06bca03ef01cae", size = 151600, upload-time = "2025-08-09T07:56:04.089Z" }, + { url = "https://files.pythonhosted.org/packages/64/d4/9eb4ff2c167edbbf08cdd28e19078bf195762e9bd63371689cab5ecd3d0d/charset_normalizer-3.4.3-cp311-cp311-win32.whl", hash = "sha256:6cf8fd4c04756b6b60146d98cd8a77d0cdae0e1ca20329da2ac85eed779b6849", size = 99616, upload-time = "2025-08-09T07:56:05.658Z" }, + { url = "https://files.pythonhosted.org/packages/f4/9c/996a4a028222e7761a96634d1820de8a744ff4327a00ada9c8942033089b/charset_normalizer-3.4.3-cp311-cp311-win_amd64.whl", hash = "sha256:31a9a6f775f9bcd865d88ee350f0ffb0e25936a7f930ca98995c05abf1faf21c", size = 107108, upload-time = "2025-08-09T07:56:07.176Z" }, + { url = "https://files.pythonhosted.org/packages/e9/5e/14c94999e418d9b87682734589404a25854d5f5d0408df68bc15b6ff54bb/charset_normalizer-3.4.3-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:e28e334d3ff134e88989d90ba04b47d84382a828c061d0d1027b1b12a62b39b1", size = 205655, upload-time = "2025-08-09T07:56:08.475Z" }, + { url = "https://files.pythonhosted.org/packages/7d/a8/c6ec5d389672521f644505a257f50544c074cf5fc292d5390331cd6fc9c3/charset_normalizer-3.4.3-cp312-cp312-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:0cacf8f7297b0c4fcb74227692ca46b4a5852f8f4f24b3c766dd94a1075c4884", size = 146223, upload-time = "2025-08-09T07:56:09.708Z" }, + { url = "https://files.pythonhosted.org/packages/fc/eb/a2ffb08547f4e1e5415fb69eb7db25932c52a52bed371429648db4d84fb1/charset_normalizer-3.4.3-cp312-cp312-manylinux2014_ppc64le.manylinux_2_17_ppc64le.manylinux_2_28_ppc64le.whl", hash = "sha256:c6fd51128a41297f5409deab284fecbe5305ebd7e5a1f959bee1c054622b7018", size = 159366, upload-time = "2025-08-09T07:56:11.326Z" }, + { url = "https://files.pythonhosted.org/packages/82/10/0fd19f20c624b278dddaf83b8464dcddc2456cb4b02bb902a6da126b87a1/charset_normalizer-3.4.3-cp312-cp312-manylinux2014_s390x.manylinux_2_17_s390x.manylinux_2_28_s390x.whl", hash = "sha256:3cfb2aad70f2c6debfbcb717f23b7eb55febc0bb23dcffc0f076009da10c6392", size = 157104, upload-time = "2025-08-09T07:56:13.014Z" }, + { url = "https://files.pythonhosted.org/packages/16/ab/0233c3231af734f5dfcf0844aa9582d5a1466c985bbed6cedab85af9bfe3/charset_normalizer-3.4.3-cp312-cp312-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:1606f4a55c0fd363d754049cdf400175ee96c992b1f8018b993941f221221c5f", size = 151830, upload-time = "2025-08-09T07:56:14.428Z" }, + { url = "https://files.pythonhosted.org/packages/ae/02/e29e22b4e02839a0e4a06557b1999d0a47db3567e82989b5bb21f3fbbd9f/charset_normalizer-3.4.3-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:027b776c26d38b7f15b26a5da1044f376455fb3766df8fc38563b4efbc515154", size = 148854, upload-time = "2025-08-09T07:56:16.051Z" }, + { url = "https://files.pythonhosted.org/packages/05/6b/e2539a0a4be302b481e8cafb5af8792da8093b486885a1ae4d15d452bcec/charset_normalizer-3.4.3-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:42e5088973e56e31e4fa58eb6bd709e42fc03799c11c42929592889a2e54c491", size = 160670, upload-time = "2025-08-09T07:56:17.314Z" }, + { url = "https://files.pythonhosted.org/packages/31/e7/883ee5676a2ef217a40ce0bffcc3d0dfbf9e64cbcfbdf822c52981c3304b/charset_normalizer-3.4.3-cp312-cp312-musllinux_1_2_s390x.whl", hash = "sha256:cc34f233c9e71701040d772aa7490318673aa7164a0efe3172b2981218c26d93", size = 158501, upload-time = "2025-08-09T07:56:18.641Z" }, + { url = "https://files.pythonhosted.org/packages/c1/35/6525b21aa0db614cf8b5792d232021dca3df7f90a1944db934efa5d20bb1/charset_normalizer-3.4.3-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:320e8e66157cc4e247d9ddca8e21f427efc7a04bbd0ac8a9faf56583fa543f9f", size = 153173, upload-time = "2025-08-09T07:56:20.289Z" }, + { url = "https://files.pythonhosted.org/packages/50/ee/f4704bad8201de513fdc8aac1cabc87e38c5818c93857140e06e772b5892/charset_normalizer-3.4.3-cp312-cp312-win32.whl", hash = "sha256:fb6fecfd65564f208cbf0fba07f107fb661bcd1a7c389edbced3f7a493f70e37", size = 99822, upload-time = "2025-08-09T07:56:21.551Z" }, + { url = "https://files.pythonhosted.org/packages/39/f5/3b3836ca6064d0992c58c7561c6b6eee1b3892e9665d650c803bd5614522/charset_normalizer-3.4.3-cp312-cp312-win_amd64.whl", hash = "sha256:86df271bf921c2ee3818f0522e9a5b8092ca2ad8b065ece5d7d9d0e9f4849bcc", size = 107543, upload-time = "2025-08-09T07:56:23.115Z" }, + { url = "https://files.pythonhosted.org/packages/65/ca/2135ac97709b400c7654b4b764daf5c5567c2da45a30cdd20f9eefe2d658/charset_normalizer-3.4.3-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:14c2a87c65b351109f6abfc424cab3927b3bdece6f706e4d12faaf3d52ee5efe", size = 205326, upload-time = "2025-08-09T07:56:24.721Z" }, + { url = "https://files.pythonhosted.org/packages/71/11/98a04c3c97dd34e49c7d247083af03645ca3730809a5509443f3c37f7c99/charset_normalizer-3.4.3-cp313-cp313-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:41d1fc408ff5fdfb910200ec0e74abc40387bccb3252f3f27c0676731df2b2c8", size = 146008, upload-time = "2025-08-09T07:56:26.004Z" }, + { url = "https://files.pythonhosted.org/packages/60/f5/4659a4cb3c4ec146bec80c32d8bb16033752574c20b1252ee842a95d1a1e/charset_normalizer-3.4.3-cp313-cp313-manylinux2014_ppc64le.manylinux_2_17_ppc64le.manylinux_2_28_ppc64le.whl", hash = "sha256:1bb60174149316da1c35fa5233681f7c0f9f514509b8e399ab70fea5f17e45c9", size = 159196, upload-time = "2025-08-09T07:56:27.25Z" }, + { url = "https://files.pythonhosted.org/packages/86/9e/f552f7a00611f168b9a5865a1414179b2c6de8235a4fa40189f6f79a1753/charset_normalizer-3.4.3-cp313-cp313-manylinux2014_s390x.manylinux_2_17_s390x.manylinux_2_28_s390x.whl", hash = "sha256:30d006f98569de3459c2fc1f2acde170b7b2bd265dc1943e87e1a4efe1b67c31", size = 156819, upload-time = "2025-08-09T07:56:28.515Z" }, + { url = "https://files.pythonhosted.org/packages/7e/95/42aa2156235cbc8fa61208aded06ef46111c4d3f0de233107b3f38631803/charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:416175faf02e4b0810f1f38bcb54682878a4af94059a1cd63b8747244420801f", size = 151350, upload-time = "2025-08-09T07:56:29.716Z" }, + { url = "https://files.pythonhosted.org/packages/c2/a9/3865b02c56f300a6f94fc631ef54f0a8a29da74fb45a773dfd3dcd380af7/charset_normalizer-3.4.3-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:6aab0f181c486f973bc7262a97f5aca3ee7e1437011ef0c2ec04b5a11d16c927", size = 148644, upload-time = "2025-08-09T07:56:30.984Z" }, + { url = "https://files.pythonhosted.org/packages/77/d9/cbcf1a2a5c7d7856f11e7ac2d782aec12bdfea60d104e60e0aa1c97849dc/charset_normalizer-3.4.3-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:fdabf8315679312cfa71302f9bd509ded4f2f263fb5b765cf1433b39106c3cc9", size = 160468, upload-time = "2025-08-09T07:56:32.252Z" }, + { url = "https://files.pythonhosted.org/packages/f6/42/6f45efee8697b89fda4d50580f292b8f7f9306cb2971d4b53f8914e4d890/charset_normalizer-3.4.3-cp313-cp313-musllinux_1_2_s390x.whl", hash = "sha256:bd28b817ea8c70215401f657edef3a8aa83c29d447fb0b622c35403780ba11d5", size = 158187, upload-time = "2025-08-09T07:56:33.481Z" }, + { url = "https://files.pythonhosted.org/packages/70/99/f1c3bdcfaa9c45b3ce96f70b14f070411366fa19549c1d4832c935d8e2c3/charset_normalizer-3.4.3-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:18343b2d246dc6761a249ba1fb13f9ee9a2bcd95decc767319506056ea4ad4dc", size = 152699, upload-time = "2025-08-09T07:56:34.739Z" }, + { url = "https://files.pythonhosted.org/packages/a3/ad/b0081f2f99a4b194bcbb1934ef3b12aa4d9702ced80a37026b7607c72e58/charset_normalizer-3.4.3-cp313-cp313-win32.whl", hash = "sha256:6fb70de56f1859a3f71261cbe41005f56a7842cc348d3aeb26237560bfa5e0ce", size = 99580, upload-time = "2025-08-09T07:56:35.981Z" }, + { url = "https://files.pythonhosted.org/packages/9a/8f/ae790790c7b64f925e5c953b924aaa42a243fb778fed9e41f147b2a5715a/charset_normalizer-3.4.3-cp313-cp313-win_amd64.whl", hash = "sha256:cf1ebb7d78e1ad8ec2a8c4732c7be2e736f6e5123a4146c5b89c9d1f585f8cef", size = 107366, upload-time = "2025-08-09T07:56:37.339Z" }, + { url = "https://files.pythonhosted.org/packages/8e/91/b5a06ad970ddc7a0e513112d40113e834638f4ca1120eb727a249fb2715e/charset_normalizer-3.4.3-cp314-cp314-macosx_10_13_universal2.whl", hash = "sha256:3cd35b7e8aedeb9e34c41385fda4f73ba609e561faedfae0a9e75e44ac558a15", size = 204342, upload-time = "2025-08-09T07:56:38.687Z" }, + { url = "https://files.pythonhosted.org/packages/ce/ec/1edc30a377f0a02689342f214455c3f6c2fbedd896a1d2f856c002fc3062/charset_normalizer-3.4.3-cp314-cp314-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:b89bc04de1d83006373429975f8ef9e7932534b8cc9ca582e4db7d20d91816db", size = 145995, upload-time = "2025-08-09T07:56:40.048Z" }, + { url = "https://files.pythonhosted.org/packages/17/e5/5e67ab85e6d22b04641acb5399c8684f4d37caf7558a53859f0283a650e9/charset_normalizer-3.4.3-cp314-cp314-manylinux2014_ppc64le.manylinux_2_17_ppc64le.manylinux_2_28_ppc64le.whl", hash = "sha256:2001a39612b241dae17b4687898843f254f8748b796a2e16f1051a17078d991d", size = 158640, upload-time = "2025-08-09T07:56:41.311Z" }, + { url = "https://files.pythonhosted.org/packages/f1/e5/38421987f6c697ee3722981289d554957c4be652f963d71c5e46a262e135/charset_normalizer-3.4.3-cp314-cp314-manylinux2014_s390x.manylinux_2_17_s390x.manylinux_2_28_s390x.whl", hash = "sha256:8dcfc373f888e4fb39a7bc57e93e3b845e7f462dacc008d9749568b1c4ece096", size = 156636, upload-time = "2025-08-09T07:56:43.195Z" }, + { url = "https://files.pythonhosted.org/packages/a0/e4/5a075de8daa3ec0745a9a3b54467e0c2967daaaf2cec04c845f73493e9a1/charset_normalizer-3.4.3-cp314-cp314-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:18b97b8404387b96cdbd30ad660f6407799126d26a39ca65729162fd810a99aa", size = 150939, upload-time = "2025-08-09T07:56:44.819Z" }, + { url = "https://files.pythonhosted.org/packages/02/f7/3611b32318b30974131db62b4043f335861d4d9b49adc6d57c1149cc49d4/charset_normalizer-3.4.3-cp314-cp314-musllinux_1_2_aarch64.whl", hash = "sha256:ccf600859c183d70eb47e05a44cd80a4ce77394d1ac0f79dbd2dd90a69a3a049", size = 148580, upload-time = "2025-08-09T07:56:46.684Z" }, + { url = "https://files.pythonhosted.org/packages/7e/61/19b36f4bd67f2793ab6a99b979b4e4f3d8fc754cbdffb805335df4337126/charset_normalizer-3.4.3-cp314-cp314-musllinux_1_2_ppc64le.whl", hash = "sha256:53cd68b185d98dde4ad8990e56a58dea83a4162161b1ea9272e5c9182ce415e0", size = 159870, upload-time = "2025-08-09T07:56:47.941Z" }, + { url = "https://files.pythonhosted.org/packages/06/57/84722eefdd338c04cf3030ada66889298eaedf3e7a30a624201e0cbe424a/charset_normalizer-3.4.3-cp314-cp314-musllinux_1_2_s390x.whl", hash = "sha256:30a96e1e1f865f78b030d65241c1ee850cdf422d869e9028e2fc1d5e4db73b92", size = 157797, upload-time = "2025-08-09T07:56:49.756Z" }, + { url = "https://files.pythonhosted.org/packages/72/2a/aff5dd112b2f14bcc3462c312dce5445806bfc8ab3a7328555da95330e4b/charset_normalizer-3.4.3-cp314-cp314-musllinux_1_2_x86_64.whl", hash = "sha256:d716a916938e03231e86e43782ca7878fb602a125a91e7acb8b5112e2e96ac16", size = 152224, upload-time = "2025-08-09T07:56:51.369Z" }, + { url = "https://files.pythonhosted.org/packages/b7/8c/9839225320046ed279c6e839d51f028342eb77c91c89b8ef2549f951f3ec/charset_normalizer-3.4.3-cp314-cp314-win32.whl", hash = "sha256:c6dbd0ccdda3a2ba7c2ecd9d77b37f3b5831687d8dc1b6ca5f56a4880cc7b7ce", size = 100086, upload-time = "2025-08-09T07:56:52.722Z" }, + { url = "https://files.pythonhosted.org/packages/ee/7a/36fbcf646e41f710ce0a563c1c9a343c6edf9be80786edeb15b6f62e17db/charset_normalizer-3.4.3-cp314-cp314-win_amd64.whl", hash = "sha256:73dc19b562516fc9bcf6e5d6e596df0b4eb98d87e4f79f3ae71840e6ed21361c", size = 107400, upload-time = "2025-08-09T07:56:55.172Z" }, + { url = "https://files.pythonhosted.org/packages/8a/1f/f041989e93b001bc4e44bb1669ccdcf54d3f00e628229a85b08d330615c5/charset_normalizer-3.4.3-py3-none-any.whl", hash = "sha256:ce571ab16d890d23b5c278547ba694193a45011ff86a9162a71307ed9f86759a", size = 53175, upload-time = "2025-08-09T07:57:26.864Z" }, +] + +[[package]] +name = "click" +version = "8.2.1" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "colorama", marker = "sys_platform == 'win32'" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/60/6c/8ca2efa64cf75a977a0d7fac081354553ebe483345c734fb6b6515d96bbc/click-8.2.1.tar.gz", hash = "sha256:27c491cc05d968d271d5a1db13e3b5a184636d9d930f148c50b038f0d0646202", size = 286342, upload-time = "2025-05-20T23:19:49.832Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/85/32/10bb5764d90a8eee674e9dc6f4db6a0ab47c8c4d0d83c27f7c39ac415a4d/click-8.2.1-py3-none-any.whl", hash = "sha256:61a3265b914e850b85317d0b3109c7f8cd35a670f963866005d6ef1d5175a12b", size = 102215, upload-time = "2025-05-20T23:19:47.796Z" }, +] + +[[package]] +name = "colorama" +version = "0.4.6" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/d8/53/6f443c9a4a8358a93a6792e2acffb9d9d5cb0a5cfd8802644b7b1c9a02e4/colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44", size = 27697, upload-time = "2022-10-25T02:36:22.414Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/d1/d6/3965ed04c63042e047cb6a3e6ed1a63a35087b6a609aa3a15ed8ac56c221/colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6", size = 25335, upload-time = "2022-10-25T02:36:20.889Z" }, +] + +[[package]] +name = "coverage" +version = "7.10.5" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/61/83/153f54356c7c200013a752ce1ed5448573dca546ce125801afca9e1ac1a4/coverage-7.10.5.tar.gz", hash = "sha256:f2e57716a78bc3ae80b2207be0709a3b2b63b9f2dcf9740ee6ac03588a2015b6", size = 821662, upload-time = "2025-08-23T14:42:44.78Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/af/70/e77b0061a6c7157bfce645c6b9a715a08d4c86b3360a7b3252818080b817/coverage-7.10.5-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:c6a5c3414bfc7451b879141ce772c546985163cf553f08e0f135f0699a911801", size = 216774, upload-time = "2025-08-23T14:40:26.301Z" }, + { url = "https://files.pythonhosted.org/packages/91/08/2a79de5ecf37ee40f2d898012306f11c161548753391cec763f92647837b/coverage-7.10.5-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:bc8e4d99ce82f1710cc3c125adc30fd1487d3cf6c2cd4994d78d68a47b16989a", size = 217175, upload-time = "2025-08-23T14:40:29.142Z" }, + { url = "https://files.pythonhosted.org/packages/64/57/0171d69a699690149a6ba6a4eb702814448c8d617cf62dbafa7ce6bfdf63/coverage-7.10.5-cp310-cp310-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:02252dc1216e512a9311f596b3169fad54abcb13827a8d76d5630c798a50a754", size = 243931, upload-time = "2025-08-23T14:40:30.735Z" }, + { url = "https://files.pythonhosted.org/packages/15/06/3a67662c55656702bd398a727a7f35df598eb11104fcb34f1ecbb070291a/coverage-7.10.5-cp310-cp310-manylinux1_x86_64.manylinux_2_28_x86_64.manylinux_2_5_x86_64.whl", hash = "sha256:73269df37883e02d460bee0cc16be90509faea1e3bd105d77360b512d5bb9c33", size = 245740, upload-time = "2025-08-23T14:40:32.302Z" }, + { url = "https://files.pythonhosted.org/packages/00/f4/f8763aabf4dc30ef0d0012522d312f0b7f9fede6246a1f27dbcc4a1e523c/coverage-7.10.5-cp310-cp310-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:1f8a81b0614642f91c9effd53eec284f965577591f51f547a1cbeb32035b4c2f", size = 247600, upload-time = "2025-08-23T14:40:33.66Z" }, + { url = "https://files.pythonhosted.org/packages/9c/31/6632219a9065e1b83f77eda116fed4c76fb64908a6a9feae41816dab8237/coverage-7.10.5-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:6a29f8e0adb7f8c2b95fa2d4566a1d6e6722e0a637634c6563cb1ab844427dd9", size = 245640, upload-time = "2025-08-23T14:40:35.248Z" }, + { url = "https://files.pythonhosted.org/packages/6e/e2/3dba9b86037b81649b11d192bb1df11dde9a81013e434af3520222707bc8/coverage-7.10.5-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:fcf6ab569436b4a647d4e91accba12509ad9f2554bc93d3aee23cc596e7f99c3", size = 243659, upload-time = "2025-08-23T14:40:36.815Z" }, + { url = "https://files.pythonhosted.org/packages/02/b9/57170bd9f3e333837fc24ecc88bc70fbc2eb7ccfd0876854b0c0407078c3/coverage-7.10.5-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:90dc3d6fb222b194a5de60af8d190bedeeddcbc7add317e4a3cd333ee6b7c879", size = 244537, upload-time = "2025-08-23T14:40:38.737Z" }, + { url = "https://files.pythonhosted.org/packages/b3/1c/93ac36ef1e8b06b8d5777393a3a40cb356f9f3dab980be40a6941e443588/coverage-7.10.5-cp310-cp310-win32.whl", hash = "sha256:414a568cd545f9dc75f0686a0049393de8098414b58ea071e03395505b73d7a8", size = 219285, upload-time = "2025-08-23T14:40:40.342Z" }, + { url = "https://files.pythonhosted.org/packages/30/95/23252277e6e5fe649d6cd3ed3f35d2307e5166de4e75e66aa7f432abc46d/coverage-7.10.5-cp310-cp310-win_amd64.whl", hash = "sha256:e551f9d03347196271935fd3c0c165f0e8c049220280c1120de0084d65e9c7ff", size = 220185, upload-time = "2025-08-23T14:40:42.026Z" }, + { url = "https://files.pythonhosted.org/packages/cb/f2/336d34d2fc1291ca7c18eeb46f64985e6cef5a1a7ef6d9c23720c6527289/coverage-7.10.5-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:c177e6ffe2ebc7c410785307758ee21258aa8e8092b44d09a2da767834f075f2", size = 216890, upload-time = "2025-08-23T14:40:43.627Z" }, + { url = "https://files.pythonhosted.org/packages/39/ea/92448b07cc1cf2b429d0ce635f59cf0c626a5d8de21358f11e92174ff2a6/coverage-7.10.5-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:14d6071c51ad0f703d6440827eaa46386169b5fdced42631d5a5ac419616046f", size = 217287, upload-time = "2025-08-23T14:40:45.214Z" }, + { url = "https://files.pythonhosted.org/packages/96/ba/ad5b36537c5179c808d0ecdf6e4aa7630b311b3c12747ad624dcd43a9b6b/coverage-7.10.5-cp311-cp311-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:61f78c7c3bc272a410c5ae3fde7792b4ffb4acc03d35a7df73ca8978826bb7ab", size = 247683, upload-time = "2025-08-23T14:40:46.791Z" }, + { url = "https://files.pythonhosted.org/packages/28/e5/fe3bbc8d097029d284b5fb305b38bb3404895da48495f05bff025df62770/coverage-7.10.5-cp311-cp311-manylinux1_x86_64.manylinux_2_28_x86_64.manylinux_2_5_x86_64.whl", hash = "sha256:f39071caa126f69d63f99b324fb08c7b1da2ec28cbb1fe7b5b1799926492f65c", size = 249614, upload-time = "2025-08-23T14:40:48.082Z" }, + { url = "https://files.pythonhosted.org/packages/69/9c/a1c89a8c8712799efccb32cd0a1ee88e452f0c13a006b65bb2271f1ac767/coverage-7.10.5-cp311-cp311-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:343a023193f04d46edc46b2616cdbee68c94dd10208ecd3adc56fcc54ef2baa1", size = 251719, upload-time = "2025-08-23T14:40:49.349Z" }, + { url = "https://files.pythonhosted.org/packages/e9/be/5576b5625865aa95b5633315f8f4142b003a70c3d96e76f04487c3b5cc95/coverage-7.10.5-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:585ffe93ae5894d1ebdee69fc0b0d4b7c75d8007983692fb300ac98eed146f78", size = 249411, upload-time = "2025-08-23T14:40:50.624Z" }, + { url = "https://files.pythonhosted.org/packages/94/0a/e39a113d4209da0dbbc9385608cdb1b0726a4d25f78672dc51c97cfea80f/coverage-7.10.5-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:b0ef4e66f006ed181df29b59921bd8fc7ed7cd6a9289295cd8b2824b49b570df", size = 247466, upload-time = "2025-08-23T14:40:52.362Z" }, + { url = "https://files.pythonhosted.org/packages/40/cb/aebb2d8c9e3533ee340bea19b71c5b76605a0268aa49808e26fe96ec0a07/coverage-7.10.5-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:eb7b0bbf7cc1d0453b843eca7b5fa017874735bef9bfdfa4121373d2cc885ed6", size = 248104, upload-time = "2025-08-23T14:40:54.064Z" }, + { url = "https://files.pythonhosted.org/packages/08/e6/26570d6ccce8ff5de912cbfd268e7f475f00597cb58da9991fa919c5e539/coverage-7.10.5-cp311-cp311-win32.whl", hash = "sha256:1d043a8a06987cc0c98516e57c4d3fc2c1591364831e9deb59c9e1b4937e8caf", size = 219327, upload-time = "2025-08-23T14:40:55.424Z" }, + { url = "https://files.pythonhosted.org/packages/79/79/5f48525e366e518b36e66167e3b6e5db6fd54f63982500c6a5abb9d3dfbd/coverage-7.10.5-cp311-cp311-win_amd64.whl", hash = "sha256:fefafcca09c3ac56372ef64a40f5fe17c5592fab906e0fdffd09543f3012ba50", size = 220213, upload-time = "2025-08-23T14:40:56.724Z" }, + { url = "https://files.pythonhosted.org/packages/40/3c/9058128b7b0bf333130c320b1eb1ae485623014a21ee196d68f7737f8610/coverage-7.10.5-cp311-cp311-win_arm64.whl", hash = "sha256:7e78b767da8b5fc5b2faa69bb001edafcd6f3995b42a331c53ef9572c55ceb82", size = 218893, upload-time = "2025-08-23T14:40:58.011Z" }, + { url = "https://files.pythonhosted.org/packages/27/8e/40d75c7128f871ea0fd829d3e7e4a14460cad7c3826e3b472e6471ad05bd/coverage-7.10.5-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:c2d05c7e73c60a4cecc7d9b60dbfd603b4ebc0adafaef371445b47d0f805c8a9", size = 217077, upload-time = "2025-08-23T14:40:59.329Z" }, + { url = "https://files.pythonhosted.org/packages/18/a8/f333f4cf3fb5477a7f727b4d603a2eb5c3c5611c7fe01329c2e13b23b678/coverage-7.10.5-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:32ddaa3b2c509778ed5373b177eb2bf5662405493baeff52278a0b4f9415188b", size = 217310, upload-time = "2025-08-23T14:41:00.628Z" }, + { url = "https://files.pythonhosted.org/packages/ec/2c/fbecd8381e0a07d1547922be819b4543a901402f63930313a519b937c668/coverage-7.10.5-cp312-cp312-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:dd382410039fe062097aa0292ab6335a3f1e7af7bba2ef8d27dcda484918f20c", size = 248802, upload-time = "2025-08-23T14:41:02.012Z" }, + { url = "https://files.pythonhosted.org/packages/3f/bc/1011da599b414fb6c9c0f34086736126f9ff71f841755786a6b87601b088/coverage-7.10.5-cp312-cp312-manylinux1_x86_64.manylinux_2_28_x86_64.manylinux_2_5_x86_64.whl", hash = "sha256:7fa22800f3908df31cea6fb230f20ac49e343515d968cc3a42b30d5c3ebf9b5a", size = 251550, upload-time = "2025-08-23T14:41:03.438Z" }, + { url = "https://files.pythonhosted.org/packages/4c/6f/b5c03c0c721c067d21bc697accc3642f3cef9f087dac429c918c37a37437/coverage-7.10.5-cp312-cp312-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:f366a57ac81f5e12797136552f5b7502fa053c861a009b91b80ed51f2ce651c6", size = 252684, upload-time = "2025-08-23T14:41:04.85Z" }, + { url = "https://files.pythonhosted.org/packages/f9/50/d474bc300ebcb6a38a1047d5c465a227605d6473e49b4e0d793102312bc5/coverage-7.10.5-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:5f1dc8f1980a272ad4a6c84cba7981792344dad33bf5869361576b7aef42733a", size = 250602, upload-time = "2025-08-23T14:41:06.719Z" }, + { url = "https://files.pythonhosted.org/packages/4a/2d/548c8e04249cbba3aba6bd799efdd11eee3941b70253733f5d355d689559/coverage-7.10.5-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:2285c04ee8676f7938b02b4936d9b9b672064daab3187c20f73a55f3d70e6b4a", size = 248724, upload-time = "2025-08-23T14:41:08.429Z" }, + { url = "https://files.pythonhosted.org/packages/e2/96/a7c3c0562266ac39dcad271d0eec8fc20ab576e3e2f64130a845ad2a557b/coverage-7.10.5-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:c2492e4dd9daab63f5f56286f8a04c51323d237631eb98505d87e4c4ff19ec34", size = 250158, upload-time = "2025-08-23T14:41:09.749Z" }, + { url = "https://files.pythonhosted.org/packages/f3/75/74d4be58c70c42ef0b352d597b022baf12dbe2b43e7cb1525f56a0fb1d4b/coverage-7.10.5-cp312-cp312-win32.whl", hash = "sha256:38a9109c4ee8135d5df5505384fc2f20287a47ccbe0b3f04c53c9a1989c2bbaf", size = 219493, upload-time = "2025-08-23T14:41:11.095Z" }, + { url = "https://files.pythonhosted.org/packages/4f/08/364e6012d1d4d09d1e27437382967efed971d7613f94bca9add25f0c1f2b/coverage-7.10.5-cp312-cp312-win_amd64.whl", hash = "sha256:6b87f1ad60b30bc3c43c66afa7db6b22a3109902e28c5094957626a0143a001f", size = 220302, upload-time = "2025-08-23T14:41:12.449Z" }, + { url = "https://files.pythonhosted.org/packages/db/d5/7c8a365e1f7355c58af4fe5faf3f90cc8e587590f5854808d17ccb4e7077/coverage-7.10.5-cp312-cp312-win_arm64.whl", hash = "sha256:672a6c1da5aea6c629819a0e1461e89d244f78d7b60c424ecf4f1f2556c041d8", size = 218936, upload-time = "2025-08-23T14:41:13.872Z" }, + { url = "https://files.pythonhosted.org/packages/9f/08/4166ecfb60ba011444f38a5a6107814b80c34c717bc7a23be0d22e92ca09/coverage-7.10.5-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:ef3b83594d933020f54cf65ea1f4405d1f4e41a009c46df629dd964fcb6e907c", size = 217106, upload-time = "2025-08-23T14:41:15.268Z" }, + { url = "https://files.pythonhosted.org/packages/25/d7/b71022408adbf040a680b8c64bf6ead3be37b553e5844f7465643979f7ca/coverage-7.10.5-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:2b96bfdf7c0ea9faebce088a3ecb2382819da4fbc05c7b80040dbc428df6af44", size = 217353, upload-time = "2025-08-23T14:41:16.656Z" }, + { url = "https://files.pythonhosted.org/packages/74/68/21e0d254dbf8972bb8dd95e3fe7038f4be037ff04ba47d6d1b12b37510ba/coverage-7.10.5-cp313-cp313-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:63df1fdaffa42d914d5c4d293e838937638bf75c794cf20bee12978fc8c4e3bc", size = 248350, upload-time = "2025-08-23T14:41:18.128Z" }, + { url = "https://files.pythonhosted.org/packages/90/65/28752c3a896566ec93e0219fc4f47ff71bd2b745f51554c93e8dcb659796/coverage-7.10.5-cp313-cp313-manylinux1_x86_64.manylinux_2_28_x86_64.manylinux_2_5_x86_64.whl", hash = "sha256:8002dc6a049aac0e81ecec97abfb08c01ef0c1fbf962d0c98da3950ace89b869", size = 250955, upload-time = "2025-08-23T14:41:19.577Z" }, + { url = "https://files.pythonhosted.org/packages/a5/eb/ca6b7967f57f6fef31da8749ea20417790bb6723593c8cd98a987be20423/coverage-7.10.5-cp313-cp313-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:63d4bb2966d6f5f705a6b0c6784c8969c468dbc4bcf9d9ded8bff1c7e092451f", size = 252230, upload-time = "2025-08-23T14:41:20.959Z" }, + { url = "https://files.pythonhosted.org/packages/bc/29/17a411b2a2a18f8b8c952aa01c00f9284a1fbc677c68a0003b772ea89104/coverage-7.10.5-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:1f672efc0731a6846b157389b6e6d5d5e9e59d1d1a23a5c66a99fd58339914d5", size = 250387, upload-time = "2025-08-23T14:41:22.644Z" }, + { url = "https://files.pythonhosted.org/packages/c7/89/97a9e271188c2fbb3db82235c33980bcbc733da7da6065afbaa1d685a169/coverage-7.10.5-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:3f39cef43d08049e8afc1fde4a5da8510fc6be843f8dea350ee46e2a26b2f54c", size = 248280, upload-time = "2025-08-23T14:41:24.061Z" }, + { url = "https://files.pythonhosted.org/packages/d1/c6/0ad7d0137257553eb4706b4ad6180bec0a1b6a648b092c5bbda48d0e5b2c/coverage-7.10.5-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:2968647e3ed5a6c019a419264386b013979ff1fb67dd11f5c9886c43d6a31fc2", size = 249894, upload-time = "2025-08-23T14:41:26.165Z" }, + { url = "https://files.pythonhosted.org/packages/84/56/fb3aba936addb4c9e5ea14f5979393f1c2466b4c89d10591fd05f2d6b2aa/coverage-7.10.5-cp313-cp313-win32.whl", hash = "sha256:0d511dda38595b2b6934c2b730a1fd57a3635c6aa2a04cb74714cdfdd53846f4", size = 219536, upload-time = "2025-08-23T14:41:27.694Z" }, + { url = "https://files.pythonhosted.org/packages/fc/54/baacb8f2f74431e3b175a9a2881feaa8feb6e2f187a0e7e3046f3c7742b2/coverage-7.10.5-cp313-cp313-win_amd64.whl", hash = "sha256:9a86281794a393513cf117177fd39c796b3f8e3759bb2764259a2abba5cce54b", size = 220330, upload-time = "2025-08-23T14:41:29.081Z" }, + { url = "https://files.pythonhosted.org/packages/64/8a/82a3788f8e31dee51d350835b23d480548ea8621f3effd7c3ba3f7e5c006/coverage-7.10.5-cp313-cp313-win_arm64.whl", hash = "sha256:cebd8e906eb98bb09c10d1feed16096700b1198d482267f8bf0474e63a7b8d84", size = 218961, upload-time = "2025-08-23T14:41:30.511Z" }, + { url = "https://files.pythonhosted.org/packages/d8/a1/590154e6eae07beee3b111cc1f907c30da6fc8ce0a83ef756c72f3c7c748/coverage-7.10.5-cp313-cp313t-macosx_10_13_x86_64.whl", hash = "sha256:0520dff502da5e09d0d20781df74d8189ab334a1e40d5bafe2efaa4158e2d9e7", size = 217819, upload-time = "2025-08-23T14:41:31.962Z" }, + { url = "https://files.pythonhosted.org/packages/0d/ff/436ffa3cfc7741f0973c5c89405307fe39b78dcf201565b934e6616fc4ad/coverage-7.10.5-cp313-cp313t-macosx_11_0_arm64.whl", hash = "sha256:d9cd64aca68f503ed3f1f18c7c9174cbb797baba02ca8ab5112f9d1c0328cd4b", size = 218040, upload-time = "2025-08-23T14:41:33.472Z" }, + { url = "https://files.pythonhosted.org/packages/a0/ca/5787fb3d7820e66273913affe8209c534ca11241eb34ee8c4fd2aaa9dd87/coverage-7.10.5-cp313-cp313t-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:0913dd1613a33b13c4f84aa6e3f4198c1a21ee28ccb4f674985c1f22109f0aae", size = 259374, upload-time = "2025-08-23T14:41:34.914Z" }, + { url = "https://files.pythonhosted.org/packages/b5/89/21af956843896adc2e64fc075eae3c1cadb97ee0a6960733e65e696f32dd/coverage-7.10.5-cp313-cp313t-manylinux1_x86_64.manylinux_2_28_x86_64.manylinux_2_5_x86_64.whl", hash = "sha256:1b7181c0feeb06ed8a02da02792f42f829a7b29990fef52eff257fef0885d760", size = 261551, upload-time = "2025-08-23T14:41:36.333Z" }, + { url = "https://files.pythonhosted.org/packages/e1/96/390a69244ab837e0ac137989277879a084c786cf036c3c4a3b9637d43a89/coverage-7.10.5-cp313-cp313t-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:36d42b7396b605f774d4372dd9c49bed71cbabce4ae1ccd074d155709dd8f235", size = 263776, upload-time = "2025-08-23T14:41:38.25Z" }, + { url = "https://files.pythonhosted.org/packages/00/32/cfd6ae1da0a521723349f3129b2455832fc27d3f8882c07e5b6fefdd0da2/coverage-7.10.5-cp313-cp313t-musllinux_1_2_aarch64.whl", hash = "sha256:b4fdc777e05c4940b297bf47bf7eedd56a39a61dc23ba798e4b830d585486ca5", size = 261326, upload-time = "2025-08-23T14:41:40.343Z" }, + { url = "https://files.pythonhosted.org/packages/4c/c4/bf8d459fb4ce2201e9243ce6c015936ad283a668774430a3755f467b39d1/coverage-7.10.5-cp313-cp313t-musllinux_1_2_i686.whl", hash = "sha256:42144e8e346de44a6f1dbd0a56575dd8ab8dfa7e9007da02ea5b1c30ab33a7db", size = 259090, upload-time = "2025-08-23T14:41:42.106Z" }, + { url = "https://files.pythonhosted.org/packages/f4/5d/a234f7409896468e5539d42234016045e4015e857488b0b5b5f3f3fa5f2b/coverage-7.10.5-cp313-cp313t-musllinux_1_2_x86_64.whl", hash = "sha256:66c644cbd7aed8fe266d5917e2c9f65458a51cfe5eeff9c05f15b335f697066e", size = 260217, upload-time = "2025-08-23T14:41:43.591Z" }, + { url = "https://files.pythonhosted.org/packages/f3/ad/87560f036099f46c2ddd235be6476dd5c1d6be6bb57569a9348d43eeecea/coverage-7.10.5-cp313-cp313t-win32.whl", hash = "sha256:2d1b73023854068c44b0c554578a4e1ef1b050ed07cf8b431549e624a29a66ee", size = 220194, upload-time = "2025-08-23T14:41:45.051Z" }, + { url = "https://files.pythonhosted.org/packages/36/a8/04a482594fdd83dc677d4a6c7e2d62135fff5a1573059806b8383fad9071/coverage-7.10.5-cp313-cp313t-win_amd64.whl", hash = "sha256:54a1532c8a642d8cc0bd5a9a51f5a9dcc440294fd06e9dda55e743c5ec1a8f14", size = 221258, upload-time = "2025-08-23T14:41:46.44Z" }, + { url = "https://files.pythonhosted.org/packages/eb/ad/7da28594ab66fe2bc720f1bc9b131e62e9b4c6e39f044d9a48d18429cc21/coverage-7.10.5-cp313-cp313t-win_arm64.whl", hash = "sha256:74d5b63fe3f5f5d372253a4ef92492c11a4305f3550631beaa432fc9df16fcff", size = 219521, upload-time = "2025-08-23T14:41:47.882Z" }, + { url = "https://files.pythonhosted.org/packages/d3/7f/c8b6e4e664b8a95254c35a6c8dd0bf4db201ec681c169aae2f1256e05c85/coverage-7.10.5-cp314-cp314-macosx_10_13_x86_64.whl", hash = "sha256:68c5e0bc5f44f68053369fa0d94459c84548a77660a5f2561c5e5f1e3bed7031", size = 217090, upload-time = "2025-08-23T14:41:49.327Z" }, + { url = "https://files.pythonhosted.org/packages/44/74/3ee14ede30a6e10a94a104d1d0522d5fb909a7c7cac2643d2a79891ff3b9/coverage-7.10.5-cp314-cp314-macosx_11_0_arm64.whl", hash = "sha256:cf33134ffae93865e32e1e37df043bef15a5e857d8caebc0099d225c579b0fa3", size = 217365, upload-time = "2025-08-23T14:41:50.796Z" }, + { url = "https://files.pythonhosted.org/packages/41/5f/06ac21bf87dfb7620d1f870dfa3c2cae1186ccbcdc50b8b36e27a0d52f50/coverage-7.10.5-cp314-cp314-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:ad8fa9d5193bafcf668231294241302b5e683a0518bf1e33a9a0dfb142ec3031", size = 248413, upload-time = "2025-08-23T14:41:52.5Z" }, + { url = "https://files.pythonhosted.org/packages/21/bc/cc5bed6e985d3a14228539631573f3863be6a2587381e8bc5fdf786377a1/coverage-7.10.5-cp314-cp314-manylinux1_x86_64.manylinux_2_28_x86_64.manylinux_2_5_x86_64.whl", hash = "sha256:146fa1531973d38ab4b689bc764592fe6c2f913e7e80a39e7eeafd11f0ef6db2", size = 250943, upload-time = "2025-08-23T14:41:53.922Z" }, + { url = "https://files.pythonhosted.org/packages/8d/43/6a9fc323c2c75cd80b18d58db4a25dc8487f86dd9070f9592e43e3967363/coverage-7.10.5-cp314-cp314-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:6013a37b8a4854c478d3219ee8bc2392dea51602dd0803a12d6f6182a0061762", size = 252301, upload-time = "2025-08-23T14:41:56.528Z" }, + { url = "https://files.pythonhosted.org/packages/69/7c/3e791b8845f4cd515275743e3775adb86273576596dc9f02dca37357b4f2/coverage-7.10.5-cp314-cp314-musllinux_1_2_aarch64.whl", hash = "sha256:eb90fe20db9c3d930fa2ad7a308207ab5b86bf6a76f54ab6a40be4012d88fcae", size = 250302, upload-time = "2025-08-23T14:41:58.171Z" }, + { url = "https://files.pythonhosted.org/packages/5c/bc/5099c1e1cb0c9ac6491b281babea6ebbf999d949bf4aa8cdf4f2b53505e8/coverage-7.10.5-cp314-cp314-musllinux_1_2_i686.whl", hash = "sha256:384b34482272e960c438703cafe63316dfbea124ac62006a455c8410bf2a2262", size = 248237, upload-time = "2025-08-23T14:41:59.703Z" }, + { url = "https://files.pythonhosted.org/packages/7e/51/d346eb750a0b2f1e77f391498b753ea906fde69cc11e4b38dca28c10c88c/coverage-7.10.5-cp314-cp314-musllinux_1_2_x86_64.whl", hash = "sha256:467dc74bd0a1a7de2bedf8deaf6811f43602cb532bd34d81ffd6038d6d8abe99", size = 249726, upload-time = "2025-08-23T14:42:01.343Z" }, + { url = "https://files.pythonhosted.org/packages/a3/85/eebcaa0edafe427e93286b94f56ea7e1280f2c49da0a776a6f37e04481f9/coverage-7.10.5-cp314-cp314-win32.whl", hash = "sha256:556d23d4e6393ca898b2e63a5bca91e9ac2d5fb13299ec286cd69a09a7187fde", size = 219825, upload-time = "2025-08-23T14:42:03.263Z" }, + { url = "https://files.pythonhosted.org/packages/3c/f7/6d43e037820742603f1e855feb23463979bf40bd27d0cde1f761dcc66a3e/coverage-7.10.5-cp314-cp314-win_amd64.whl", hash = "sha256:f4446a9547681533c8fa3e3c6cf62121eeee616e6a92bd9201c6edd91beffe13", size = 220618, upload-time = "2025-08-23T14:42:05.037Z" }, + { url = "https://files.pythonhosted.org/packages/4a/b0/ed9432e41424c51509d1da603b0393404b828906236fb87e2c8482a93468/coverage-7.10.5-cp314-cp314-win_arm64.whl", hash = "sha256:5e78bd9cf65da4c303bf663de0d73bf69f81e878bf72a94e9af67137c69b9fe9", size = 219199, upload-time = "2025-08-23T14:42:06.662Z" }, + { url = "https://files.pythonhosted.org/packages/2f/54/5a7ecfa77910f22b659c820f67c16fc1e149ed132ad7117f0364679a8fa9/coverage-7.10.5-cp314-cp314t-macosx_10_13_x86_64.whl", hash = "sha256:5661bf987d91ec756a47c7e5df4fbcb949f39e32f9334ccd3f43233bbb65e508", size = 217833, upload-time = "2025-08-23T14:42:08.262Z" }, + { url = "https://files.pythonhosted.org/packages/4e/0e/25672d917cc57857d40edf38f0b867fb9627115294e4f92c8fcbbc18598d/coverage-7.10.5-cp314-cp314t-macosx_11_0_arm64.whl", hash = "sha256:a46473129244db42a720439a26984f8c6f834762fc4573616c1f37f13994b357", size = 218048, upload-time = "2025-08-23T14:42:10.247Z" }, + { url = "https://files.pythonhosted.org/packages/cb/7c/0b2b4f1c6f71885d4d4b2b8608dcfc79057adb7da4143eb17d6260389e42/coverage-7.10.5-cp314-cp314t-manylinux1_i686.manylinux_2_28_i686.manylinux_2_5_i686.whl", hash = "sha256:1f64b8d3415d60f24b058b58d859e9512624bdfa57a2d1f8aff93c1ec45c429b", size = 259549, upload-time = "2025-08-23T14:42:11.811Z" }, + { url = "https://files.pythonhosted.org/packages/94/73/abb8dab1609abec7308d83c6aec547944070526578ee6c833d2da9a0ad42/coverage-7.10.5-cp314-cp314t-manylinux1_x86_64.manylinux_2_28_x86_64.manylinux_2_5_x86_64.whl", hash = "sha256:44d43de99a9d90b20e0163f9770542357f58860a26e24dc1d924643bd6aa7cb4", size = 261715, upload-time = "2025-08-23T14:42:13.505Z" }, + { url = "https://files.pythonhosted.org/packages/0b/d1/abf31de21ec92731445606b8d5e6fa5144653c2788758fcf1f47adb7159a/coverage-7.10.5-cp314-cp314t-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:a931a87e5ddb6b6404e65443b742cb1c14959622777f2a4efd81fba84f5d91ba", size = 263969, upload-time = "2025-08-23T14:42:15.422Z" }, + { url = "https://files.pythonhosted.org/packages/9c/b3/ef274927f4ebede96056173b620db649cc9cb746c61ffc467946b9d0bc67/coverage-7.10.5-cp314-cp314t-musllinux_1_2_aarch64.whl", hash = "sha256:f9559b906a100029274448f4c8b8b0a127daa4dade5661dfd821b8c188058842", size = 261408, upload-time = "2025-08-23T14:42:16.971Z" }, + { url = "https://files.pythonhosted.org/packages/20/fc/83ca2812be616d69b4cdd4e0c62a7bc526d56875e68fd0f79d47c7923584/coverage-7.10.5-cp314-cp314t-musllinux_1_2_i686.whl", hash = "sha256:b08801e25e3b4526ef9ced1aa29344131a8f5213c60c03c18fe4c6170ffa2874", size = 259168, upload-time = "2025-08-23T14:42:18.512Z" }, + { url = "https://files.pythonhosted.org/packages/fc/4f/e0779e5716f72d5c9962e709d09815d02b3b54724e38567308304c3fc9df/coverage-7.10.5-cp314-cp314t-musllinux_1_2_x86_64.whl", hash = "sha256:ed9749bb8eda35f8b636fb7632f1c62f735a236a5d4edadd8bbcc5ea0542e732", size = 260317, upload-time = "2025-08-23T14:42:20.005Z" }, + { url = "https://files.pythonhosted.org/packages/2b/fe/4247e732f2234bb5eb9984a0888a70980d681f03cbf433ba7b48f08ca5d5/coverage-7.10.5-cp314-cp314t-win32.whl", hash = "sha256:609b60d123fc2cc63ccee6d17e4676699075db72d14ac3c107cc4976d516f2df", size = 220600, upload-time = "2025-08-23T14:42:22.027Z" }, + { url = "https://files.pythonhosted.org/packages/a7/a0/f294cff6d1034b87839987e5b6ac7385bec599c44d08e0857ac7f164ad0c/coverage-7.10.5-cp314-cp314t-win_amd64.whl", hash = "sha256:0666cf3d2c1626b5a3463fd5b05f5e21f99e6aec40a3192eee4d07a15970b07f", size = 221714, upload-time = "2025-08-23T14:42:23.616Z" }, + { url = "https://files.pythonhosted.org/packages/23/18/fa1afdc60b5528d17416df440bcbd8fd12da12bfea9da5b6ae0f7a37d0f7/coverage-7.10.5-cp314-cp314t-win_arm64.whl", hash = "sha256:bc85eb2d35e760120540afddd3044a5bf69118a91a296a8b3940dfc4fdcfe1e2", size = 219735, upload-time = "2025-08-23T14:42:25.156Z" }, + { url = "https://files.pythonhosted.org/packages/08/b6/fff6609354deba9aeec466e4bcaeb9d1ed3e5d60b14b57df2a36fb2273f2/coverage-7.10.5-py3-none-any.whl", hash = "sha256:0be24d35e4db1d23d0db5c0f6a74a962e2ec83c426b5cac09f4234aadef38e4a", size = 208736, upload-time = "2025-08-23T14:42:43.145Z" }, +] + +[package.optional-dependencies] +toml = [ + { name = "tomli", marker = "python_full_version <= '3.11'" }, +] + +[[package]] +name = "cryptography" +version = "45.0.6" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "cffi", marker = "platform_python_implementation != 'PyPy'" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/d6/0d/d13399c94234ee8f3df384819dc67e0c5ce215fb751d567a55a1f4b028c7/cryptography-45.0.6.tar.gz", hash = "sha256:5c966c732cf6e4a276ce83b6e4c729edda2df6929083a952cc7da973c539c719", size = 744949, upload-time = "2025-08-05T23:59:27.93Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/b3/b6/cabd07410f222f32c8d55486c464f432808abaa1f12af9afcbe8f2f19030/cryptography-45.0.6-cp311-abi3-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:44647c5d796f5fc042bbc6d61307d04bf29bccb74d188f18051b635f20a9c75f", size = 4206483, upload-time = "2025-08-05T23:58:27.132Z" }, + { url = "https://files.pythonhosted.org/packages/8b/9e/f9c7d36a38b1cfeb1cc74849aabe9bf817990f7603ff6eb485e0d70e0b27/cryptography-45.0.6-cp311-abi3-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:e40b80ecf35ec265c452eea0ba94c9587ca763e739b8e559c128d23bff7ebbbf", size = 4429679, upload-time = "2025-08-05T23:58:29.152Z" }, + { url = "https://files.pythonhosted.org/packages/9c/2a/4434c17eb32ef30b254b9e8b9830cee4e516f08b47fdd291c5b1255b8101/cryptography-45.0.6-cp311-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:00e8724bdad672d75e6f069b27970883179bd472cd24a63f6e620ca7e41cc0c5", size = 4210553, upload-time = "2025-08-05T23:58:30.596Z" }, + { url = "https://files.pythonhosted.org/packages/ef/1d/09a5df8e0c4b7970f5d1f3aff1b640df6d4be28a64cae970d56c6cf1c772/cryptography-45.0.6-cp311-abi3-manylinux_2_28_armv7l.manylinux_2_31_armv7l.whl", hash = "sha256:7a3085d1b319d35296176af31c90338eeb2ddac8104661df79f80e1d9787b8b2", size = 3894499, upload-time = "2025-08-05T23:58:32.03Z" }, + { url = "https://files.pythonhosted.org/packages/79/62/120842ab20d9150a9d3a6bdc07fe2870384e82f5266d41c53b08a3a96b34/cryptography-45.0.6-cp311-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:1b7fa6a1c1188c7ee32e47590d16a5a0646270921f8020efc9a511648e1b2e08", size = 4458484, upload-time = "2025-08-05T23:58:33.526Z" }, + { url = "https://files.pythonhosted.org/packages/fd/80/1bc3634d45ddfed0871bfba52cf8f1ad724761662a0c792b97a951fb1b30/cryptography-45.0.6-cp311-abi3-manylinux_2_34_aarch64.whl", hash = "sha256:275ba5cc0d9e320cd70f8e7b96d9e59903c815ca579ab96c1e37278d231fc402", size = 4210281, upload-time = "2025-08-05T23:58:35.445Z" }, + { url = "https://files.pythonhosted.org/packages/7d/fe/ffb12c2d83d0ee625f124880a1f023b5878f79da92e64c37962bbbe35f3f/cryptography-45.0.6-cp311-abi3-manylinux_2_34_x86_64.whl", hash = "sha256:f4028f29a9f38a2025abedb2e409973709c660d44319c61762202206ed577c42", size = 4456890, upload-time = "2025-08-05T23:58:36.923Z" }, + { url = "https://files.pythonhosted.org/packages/8c/8e/b3f3fe0dc82c77a0deb5f493b23311e09193f2268b77196ec0f7a36e3f3e/cryptography-45.0.6-cp311-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:ee411a1b977f40bd075392c80c10b58025ee5c6b47a822a33c1198598a7a5f05", size = 4333247, upload-time = "2025-08-05T23:58:38.781Z" }, + { url = "https://files.pythonhosted.org/packages/b3/a6/c3ef2ab9e334da27a1d7b56af4a2417d77e7806b2e0f90d6267ce120d2e4/cryptography-45.0.6-cp311-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:e2a21a8eda2d86bb604934b6b37691585bd095c1f788530c1fcefc53a82b3453", size = 4565045, upload-time = "2025-08-05T23:58:40.415Z" }, + { url = "https://files.pythonhosted.org/packages/98/c6/ea5173689e014f1a8470899cd5beeb358e22bb3cf5a876060f9d1ca78af4/cryptography-45.0.6-cp37-abi3-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:0d9ef57b6768d9fa58e92f4947cea96ade1233c0e236db22ba44748ffedca394", size = 4198169, upload-time = "2025-08-05T23:58:47.121Z" }, + { url = "https://files.pythonhosted.org/packages/ba/73/b12995edc0c7e2311ffb57ebd3b351f6b268fed37d93bfc6f9856e01c473/cryptography-45.0.6-cp37-abi3-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:ea3c42f2016a5bbf71825537c2ad753f2870191134933196bee408aac397b3d9", size = 4421273, upload-time = "2025-08-05T23:58:48.557Z" }, + { url = "https://files.pythonhosted.org/packages/f7/6e/286894f6f71926bc0da67408c853dd9ba953f662dcb70993a59fd499f111/cryptography-45.0.6-cp37-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:20ae4906a13716139d6d762ceb3e0e7e110f7955f3bc3876e3a07f5daadec5f3", size = 4199211, upload-time = "2025-08-05T23:58:50.139Z" }, + { url = "https://files.pythonhosted.org/packages/de/34/a7f55e39b9623c5cb571d77a6a90387fe557908ffc44f6872f26ca8ae270/cryptography-45.0.6-cp37-abi3-manylinux_2_28_armv7l.manylinux_2_31_armv7l.whl", hash = "sha256:2dac5ec199038b8e131365e2324c03d20e97fe214af051d20c49db129844e8b3", size = 3883732, upload-time = "2025-08-05T23:58:52.253Z" }, + { url = "https://files.pythonhosted.org/packages/f9/b9/c6d32edbcba0cd9f5df90f29ed46a65c4631c4fbe11187feb9169c6ff506/cryptography-45.0.6-cp37-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:18f878a34b90d688982e43f4b700408b478102dd58b3e39de21b5ebf6509c301", size = 4450655, upload-time = "2025-08-05T23:58:53.848Z" }, + { url = "https://files.pythonhosted.org/packages/77/2d/09b097adfdee0227cfd4c699b3375a842080f065bab9014248933497c3f9/cryptography-45.0.6-cp37-abi3-manylinux_2_34_aarch64.whl", hash = "sha256:5bd6020c80c5b2b2242d6c48487d7b85700f5e0038e67b29d706f98440d66eb5", size = 4198956, upload-time = "2025-08-05T23:58:55.209Z" }, + { url = "https://files.pythonhosted.org/packages/55/66/061ec6689207d54effdff535bbdf85cc380d32dd5377173085812565cf38/cryptography-45.0.6-cp37-abi3-manylinux_2_34_x86_64.whl", hash = "sha256:eccddbd986e43014263eda489abbddfbc287af5cddfd690477993dbb31e31016", size = 4449859, upload-time = "2025-08-05T23:58:56.639Z" }, + { url = "https://files.pythonhosted.org/packages/41/ff/e7d5a2ad2d035e5a2af116e1a3adb4d8fcd0be92a18032917a089c6e5028/cryptography-45.0.6-cp37-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:550ae02148206beb722cfe4ef0933f9352bab26b087af00e48fdfb9ade35c5b3", size = 4320254, upload-time = "2025-08-05T23:58:58.833Z" }, + { url = "https://files.pythonhosted.org/packages/82/27/092d311af22095d288f4db89fcaebadfb2f28944f3d790a4cf51fe5ddaeb/cryptography-45.0.6-cp37-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:5b64e668fc3528e77efa51ca70fadcd6610e8ab231e3e06ae2bab3b31c2b8ed9", size = 4554815, upload-time = "2025-08-05T23:59:00.283Z" }, + { url = "https://files.pythonhosted.org/packages/ec/24/55fc238fcaa122855442604b8badb2d442367dfbd5a7ca4bb0bd346e263a/cryptography-45.0.6-pp310-pypy310_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:826b46dae41a1155a0c0e66fafba43d0ede1dc16570b95e40c4d83bfcf0a451d", size = 4141694, upload-time = "2025-08-05T23:59:06.66Z" }, + { url = "https://files.pythonhosted.org/packages/f9/7e/3ea4fa6fbe51baf3903806a0241c666b04c73d2358a3ecce09ebee8b9622/cryptography-45.0.6-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:cc4d66f5dc4dc37b89cfef1bd5044387f7a1f6f0abb490815628501909332d5d", size = 4375010, upload-time = "2025-08-05T23:59:08.14Z" }, + { url = "https://files.pythonhosted.org/packages/50/42/ec5a892d82d2a2c29f80fc19ced4ba669bca29f032faf6989609cff1f8dc/cryptography-45.0.6-pp310-pypy310_pp73-manylinux_2_34_aarch64.whl", hash = "sha256:f68f833a9d445cc49f01097d95c83a850795921b3f7cc6488731e69bde3288da", size = 4141377, upload-time = "2025-08-05T23:59:09.584Z" }, + { url = "https://files.pythonhosted.org/packages/e7/d7/246c4c973a22b9c2931999da953a2c19cae7c66b9154c2d62ffed811225e/cryptography-45.0.6-pp310-pypy310_pp73-manylinux_2_34_x86_64.whl", hash = "sha256:3b5bf5267e98661b9b888a9250d05b063220dfa917a8203744454573c7eb79db", size = 4374609, upload-time = "2025-08-05T23:59:11.923Z" }, + { url = "https://files.pythonhosted.org/packages/e3/fe/deea71e9f310a31fe0a6bfee670955152128d309ea2d1c79e2a5ae0f0401/cryptography-45.0.6-pp311-pypy311_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:3de77e4df42ac8d4e4d6cdb342d989803ad37707cf8f3fbf7b088c9cbdd46427", size = 4153022, upload-time = "2025-08-05T23:59:16.954Z" }, + { url = "https://files.pythonhosted.org/packages/60/45/a77452f5e49cb580feedba6606d66ae7b82c128947aa754533b3d1bd44b0/cryptography-45.0.6-pp311-pypy311_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:599c8d7df950aa68baa7e98f7b73f4f414c9f02d0e8104a30c0182a07732638b", size = 4386802, upload-time = "2025-08-05T23:59:18.55Z" }, + { url = "https://files.pythonhosted.org/packages/a3/b9/a2f747d2acd5e3075fdf5c145c7c3568895daaa38b3b0c960ef830db6cdc/cryptography-45.0.6-pp311-pypy311_pp73-manylinux_2_34_aarch64.whl", hash = "sha256:31a2b9a10530a1cb04ffd6aa1cd4d3be9ed49f7d77a4dafe198f3b382f41545c", size = 4152706, upload-time = "2025-08-05T23:59:20.044Z" }, + { url = "https://files.pythonhosted.org/packages/81/ec/381b3e8d0685a3f3f304a382aa3dfce36af2d76467da0fd4bb21ddccc7b2/cryptography-45.0.6-pp311-pypy311_pp73-manylinux_2_34_x86_64.whl", hash = "sha256:e5b3dda1b00fb41da3af4c5ef3f922a200e33ee5ba0f0bc9ecf0b0c173958385", size = 4386740, upload-time = "2025-08-05T23:59:21.525Z" }, +] + +[[package]] +name = "distlib" +version = "0.4.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/96/8e/709914eb2b5749865801041647dc7f4e6d00b549cfe88b65ca192995f07c/distlib-0.4.0.tar.gz", hash = "sha256:feec40075be03a04501a973d81f633735b4b69f98b05450592310c0f401a4e0d", size = 614605, upload-time = "2025-07-17T16:52:00.465Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/33/6b/e0547afaf41bf2c42e52430072fa5658766e3d65bd4b03a563d1b6336f57/distlib-0.4.0-py2.py3-none-any.whl", hash = "sha256:9659f7d87e46584a30b5780e43ac7a2143098441670ff0a49d5f9034c54a6c16", size = 469047, upload-time = "2025-07-17T16:51:58.613Z" }, +] + +[[package]] +name = "docopt" +version = "0.6.2" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/a2/55/8f8cab2afd404cf578136ef2cc5dfb50baa1761b68c9da1fb1e4eed343c9/docopt-0.6.2.tar.gz", hash = "sha256:49b3a825280bd66b3aa83585ef59c4a8c82f2c8a522dbe754a8bc8d08c85c491", size = 25901, upload-time = "2014-06-16T11:18:57.406Z" } + +[[package]] +name = "docutils" +version = "0.22" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/e9/86/5b41c32ecedcfdb4c77b28b6cb14234f252075f8cdb254531727a35547dd/docutils-0.22.tar.gz", hash = "sha256:ba9d57750e92331ebe7c08a1bbf7a7f8143b86c476acd51528b042216a6aad0f", size = 2277984, upload-time = "2025-07-29T15:20:31.06Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/44/57/8db39bc5f98f042e0153b1de9fb88e1a409a33cda4dd7f723c2ed71e01f6/docutils-0.22-py3-none-any.whl", hash = "sha256:4ed966a0e96a0477d852f7af31bdcb3adc049fbb35ccba358c2ea8a03287615e", size = 630709, upload-time = "2025-07-29T15:20:28.335Z" }, +] + +[[package]] +name = "exceptiongroup" +version = "1.3.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "typing-extensions", marker = "python_full_version < '3.13'" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/0b/9f/a65090624ecf468cdca03533906e7c69ed7588582240cfe7cc9e770b50eb/exceptiongroup-1.3.0.tar.gz", hash = "sha256:b241f5885f560bc56a59ee63ca4c6a8bfa46ae4ad651af316d4e81817bb9fd88", size = 29749, upload-time = "2025-05-10T17:42:51.123Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/36/f4/c6e662dade71f56cd2f3735141b265c3c79293c109549c1e6933b0651ffc/exceptiongroup-1.3.0-py3-none-any.whl", hash = "sha256:4d111e6e0c13d0644cad6ddaa7ed0261a0b36971f6d23e7ec9b4b9097da78a10", size = 16674, upload-time = "2025-05-10T17:42:49.33Z" }, +] + +[[package]] +name = "filelock" +version = "3.19.1" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/40/bb/0ab3e58d22305b6f5440629d20683af28959bf793d98d11950e305c1c326/filelock-3.19.1.tar.gz", hash = "sha256:66eda1888b0171c998b35be2bcc0f6d75c388a7ce20c3f3f37aa8e96c2dddf58", size = 17687, upload-time = "2025-08-14T16:56:03.016Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/42/14/42b2651a2f46b022ccd948bca9f2d5af0fd8929c4eec235b8d6d844fbe67/filelock-3.19.1-py3-none-any.whl", hash = "sha256:d38e30481def20772f5baf097c122c3babc4fcdb7e14e57049eb9d88c6dc017d", size = 15988, upload-time = "2025-08-14T16:56:01.633Z" }, +] + +[[package]] +name = "gitdb" +version = "4.0.12" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "smmap" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/72/94/63b0fc47eb32792c7ba1fe1b694daec9a63620db1e313033d18140c2320a/gitdb-4.0.12.tar.gz", hash = "sha256:5ef71f855d191a3326fcfbc0d5da835f26b13fbcba60c32c21091c349ffdb571", size = 394684, upload-time = "2025-01-02T07:20:46.413Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/a0/61/5c78b91c3143ed5c14207f463aecfc8f9dbb5092fb2869baf37c273b2705/gitdb-4.0.12-py3-none-any.whl", hash = "sha256:67073e15955400952c6565cc3e707c554a4eea2e428946f7a4c162fab9bd9bcf", size = 62794, upload-time = "2025-01-02T07:20:43.624Z" }, +] + +[[package]] +name = "gitpython" +version = "3.1.45" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "gitdb" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/9a/c8/dd58967d119baab745caec2f9d853297cec1989ec1d63f677d3880632b88/gitpython-3.1.45.tar.gz", hash = "sha256:85b0ee964ceddf211c41b9f27a49086010a190fd8132a24e21f362a4b36a791c", size = 215076, upload-time = "2025-07-24T03:45:54.871Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/01/61/d4b89fec821f72385526e1b9d9a3a0385dda4a72b206d28049e2c7cd39b8/gitpython-3.1.45-py3-none-any.whl", hash = "sha256:8908cb2e02fb3b93b7eb0f2827125cb699869470432cc885f019b8fd0fccff77", size = 208168, upload-time = "2025-07-24T03:45:52.517Z" }, +] + +[[package]] +name = "h11" +version = "0.16.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/01/ee/02a2c011bdab74c6fb3c75474d40b3052059d95df7e73351460c8588d963/h11-0.16.0.tar.gz", hash = "sha256:4e35b956cf45792e4caa5885e69fba00bdbc6ffafbfa020300e549b208ee5ff1", size = 101250, upload-time = "2025-04-24T03:35:25.427Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/04/4b/29cac41a4d98d144bf5f6d33995617b185d14b22401f75ca86f384e87ff1/h11-0.16.0-py3-none-any.whl", hash = "sha256:63cf8bbe7522de3bf65932fda1d9c2772064ffb3dae62d55932da54b31cb6c86", size = 37515, upload-time = "2025-04-24T03:35:24.344Z" }, +] + +[[package]] +name = "hatch" +version = "1.14.1" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "click" }, + { name = "hatchling" }, + { name = "httpx" }, + { name = "hyperlink" }, + { name = "keyring" }, + { name = "packaging" }, + { name = "pexpect" }, + { name = "platformdirs" }, + { name = "rich" }, + { name = "shellingham" }, + { name = "tomli-w" }, + { name = "tomlkit" }, + { name = "userpath" }, + { name = "uv" }, + { name = "virtualenv" }, + { name = "zstandard" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/1f/43/c0b37db0e857a44ce5ffdb7e8a9b8fa6425d0b74dea698fafcd9bddb50d1/hatch-1.14.1.tar.gz", hash = "sha256:ca1aff788f8596b0dd1f8f8dfe776443d2724a86b1976fabaf087406ba3d0713", size = 5188180, upload-time = "2025-04-07T04:16:04.522Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/a5/40/19c0935bf9f25808541a0e3144ac459de696c5b6b6d4511a98d456c69604/hatch-1.14.1-py3-none-any.whl", hash = "sha256:39cdaa59e47ce0c5505d88a951f4324a9c5aafa17e4a877e2fde79b36ab66c21", size = 125770, upload-time = "2025-04-07T04:16:02.525Z" }, +] + +[[package]] +name = "hatchling" +version = "1.27.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "packaging" }, + { name = "pathspec" }, + { name = "pluggy" }, + { name = "tomli", marker = "python_full_version < '3.11'" }, + { name = "trove-classifiers" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/8f/8a/cc1debe3514da292094f1c3a700e4ca25442489731ef7c0814358816bb03/hatchling-1.27.0.tar.gz", hash = "sha256:971c296d9819abb3811112fc52c7a9751c8d381898f36533bb16f9791e941fd6", size = 54983, upload-time = "2024-12-15T17:08:11.894Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/08/e7/ae38d7a6dfba0533684e0b2136817d667588ae3ec984c1a4e5df5eb88482/hatchling-1.27.0-py3-none-any.whl", hash = "sha256:d3a2f3567c4f926ea39849cdf924c7e99e6686c9c8e288ae1037c8fa2a5d937b", size = 75794, upload-time = "2024-12-15T17:08:10.364Z" }, +] + +[[package]] +name = "httpcore" +version = "1.0.9" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "certifi" }, + { name = "h11" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/06/94/82699a10bca87a5556c9c59b5963f2d039dbd239f25bc2a63907a05a14cb/httpcore-1.0.9.tar.gz", hash = "sha256:6e34463af53fd2ab5d807f399a9b45ea31c3dfa2276f15a2c3f00afff6e176e8", size = 85484, upload-time = "2025-04-24T22:06:22.219Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/7e/f5/f66802a942d491edb555dd61e3a9961140fd64c90bce1eafd741609d334d/httpcore-1.0.9-py3-none-any.whl", hash = "sha256:2d400746a40668fc9dec9810239072b40b4484b640a8c38fd654a024c7a1bf55", size = 78784, upload-time = "2025-04-24T22:06:20.566Z" }, +] + +[[package]] +name = "httpx" +version = "0.28.1" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "anyio" }, + { name = "certifi" }, + { name = "httpcore" }, + { name = "idna" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/b1/df/48c586a5fe32a0f01324ee087459e112ebb7224f646c0b5023f5e79e9956/httpx-0.28.1.tar.gz", hash = "sha256:75e98c5f16b0f35b567856f597f06ff2270a374470a5c2392242528e3e3e42fc", size = 141406, upload-time = "2024-12-06T15:37:23.222Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/2a/39/e50c7c3a983047577ee07d2a9e53faf5a69493943ec3f6a384bdc792deb2/httpx-0.28.1-py3-none-any.whl", hash = "sha256:d909fcccc110f8c7faf814ca82a9a4d816bc5a6dbfea25d6591d6985b8ba59ad", size = 73517, upload-time = "2024-12-06T15:37:21.509Z" }, +] + +[[package]] +name = "hyperlink" +version = "21.0.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "idna" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/3a/51/1947bd81d75af87e3bb9e34593a4cf118115a8feb451ce7a69044ef1412e/hyperlink-21.0.0.tar.gz", hash = "sha256:427af957daa58bc909471c6c40f74c5450fa123dd093fc53efd2e91d2705a56b", size = 140743, upload-time = "2021-01-08T05:51:20.972Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/6e/aa/8caf6a0a3e62863cbb9dab27135660acba46903b703e224f14f447e57934/hyperlink-21.0.0-py2.py3-none-any.whl", hash = "sha256:e6b14c37ecb73e89c77d78cdb4c2cc8f3fb59a885c5b3f819ff4ed80f25af1b4", size = 74638, upload-time = "2021-01-08T05:51:22.906Z" }, +] + +[[package]] +name = "id" +version = "1.5.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "requests" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/22/11/102da08f88412d875fa2f1a9a469ff7ad4c874b0ca6fed0048fe385bdb3d/id-1.5.0.tar.gz", hash = "sha256:292cb8a49eacbbdbce97244f47a97b4c62540169c976552e497fd57df0734c1d", size = 15237, upload-time = "2024-12-04T19:53:05.575Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/9f/cb/18326d2d89ad3b0dd143da971e77afd1e6ca6674f1b1c3df4b6bec6279fc/id-1.5.0-py3-none-any.whl", hash = "sha256:f1434e1cef91f2cbb8a4ec64663d5a23b9ed43ef44c4c957d02583d61714c658", size = 13611, upload-time = "2024-12-04T19:53:03.02Z" }, +] + +[[package]] +name = "identify" +version = "2.6.13" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/82/ca/ffbabe3635bb839aa36b3a893c91a9b0d368cb4d8073e03a12896970af82/identify-2.6.13.tar.gz", hash = "sha256:da8d6c828e773620e13bfa86ea601c5a5310ba4bcd65edf378198b56a1f9fb32", size = 99243, upload-time = "2025-08-09T19:35:00.6Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/e7/ce/461b60a3ee109518c055953729bf9ed089a04db895d47e95444071dcdef2/identify-2.6.13-py2.py3-none-any.whl", hash = "sha256:60381139b3ae39447482ecc406944190f690d4a2997f2584062089848361b33b", size = 99153, upload-time = "2025-08-09T19:34:59.1Z" }, +] + +[[package]] +name = "idna" +version = "3.10" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/f1/70/7703c29685631f5a7590aa73f1f1d3fa9a380e654b86af429e0934a32f7d/idna-3.10.tar.gz", hash = "sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9", size = 190490, upload-time = "2024-09-15T18:07:39.745Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/76/c6/c88e154df9c4e1a2a66ccf0005a88dfb2650c1dffb6f5ce603dfbd452ce3/idna-3.10-py3-none-any.whl", hash = "sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3", size = 70442, upload-time = "2024-09-15T18:07:37.964Z" }, +] + +[[package]] +name = "importlib-metadata" +version = "8.7.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "zipp" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/76/66/650a33bd90f786193e4de4b3ad86ea60b53c89b669a5c7be931fac31cdb0/importlib_metadata-8.7.0.tar.gz", hash = "sha256:d13b81ad223b890aa16c5471f2ac3056cf76c5f10f82d6f9292f0b415f389000", size = 56641, upload-time = "2025-04-27T15:29:01.736Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/20/b0/36bd937216ec521246249be3bf9855081de4c5e06a0c9b4219dbeda50373/importlib_metadata-8.7.0-py3-none-any.whl", hash = "sha256:e5dd1551894c77868a30651cef00984d50e1002d06942a7101d34870c5f02afd", size = 27656, upload-time = "2025-04-27T15:29:00.214Z" }, +] + +[[package]] +name = "iniconfig" +version = "2.1.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/f2/97/ebf4da567aa6827c909642694d71c9fcf53e5b504f2d96afea02718862f3/iniconfig-2.1.0.tar.gz", hash = "sha256:3abbd2e30b36733fee78f9c7f7308f2d0050e88f0087fd25c2645f63c773e1c7", size = 4793, upload-time = "2025-03-19T20:09:59.721Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/2c/e1/e6716421ea10d38022b952c159d5161ca1193197fb744506875fbb87ea7b/iniconfig-2.1.0-py3-none-any.whl", hash = "sha256:9deba5723312380e77435581c6bf4935c94cbfab9b1ed33ef8d238ea168eb760", size = 6050, upload-time = "2025-03-19T20:10:01.071Z" }, +] + +[[package]] +name = "jaraco-classes" +version = "3.4.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "more-itertools" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/06/c0/ed4a27bc5571b99e3cff68f8a9fa5b56ff7df1c2251cc715a652ddd26402/jaraco.classes-3.4.0.tar.gz", hash = "sha256:47a024b51d0239c0dd8c8540c6c7f484be3b8fcf0b2d85c13825780d3b3f3acd", size = 11780, upload-time = "2024-03-31T07:27:36.643Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/7f/66/b15ce62552d84bbfcec9a4873ab79d993a1dd4edb922cbfccae192bd5b5f/jaraco.classes-3.4.0-py3-none-any.whl", hash = "sha256:f662826b6bed8cace05e7ff873ce0f9283b5c924470fe664fff1c2f00f581790", size = 6777, upload-time = "2024-03-31T07:27:34.792Z" }, +] + +[[package]] +name = "jaraco-context" +version = "6.0.1" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "backports-tarfile", marker = "python_full_version < '3.12'" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/df/ad/f3777b81bf0b6e7bc7514a1656d3e637b2e8e15fab2ce3235730b3e7a4e6/jaraco_context-6.0.1.tar.gz", hash = "sha256:9bae4ea555cf0b14938dc0aee7c9f32ed303aa20a3b73e7dc80111628792d1b3", size = 13912, upload-time = "2024-08-20T03:39:27.358Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/ff/db/0c52c4cf5e4bd9f5d7135ec7669a3a767af21b3a308e1ed3674881e52b62/jaraco.context-6.0.1-py3-none-any.whl", hash = "sha256:f797fc481b490edb305122c9181830a3a5b76d84ef6d1aef2fb9b47ab956f9e4", size = 6825, upload-time = "2024-08-20T03:39:25.966Z" }, +] + +[[package]] +name = "jaraco-functools" +version = "4.3.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "more-itertools" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/f7/ed/1aa2d585304ec07262e1a83a9889880701079dde796ac7b1d1826f40c63d/jaraco_functools-4.3.0.tar.gz", hash = "sha256:cfd13ad0dd2c47a3600b439ef72d8615d482cedcff1632930d6f28924d92f294", size = 19755, upload-time = "2025-08-18T20:05:09.91Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/b4/09/726f168acad366b11e420df31bf1c702a54d373a83f968d94141a8c3fde0/jaraco_functools-4.3.0-py3-none-any.whl", hash = "sha256:227ff8ed6f7b8f62c56deff101545fa7543cf2c8e7b82a7c2116e672f29c26e8", size = 10408, upload-time = "2025-08-18T20:05:08.69Z" }, +] + +[[package]] +name = "jeepney" +version = "0.9.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/7b/6f/357efd7602486741aa73ffc0617fb310a29b588ed0fd69c2399acbb85b0c/jeepney-0.9.0.tar.gz", hash = "sha256:cf0e9e845622b81e4a28df94c40345400256ec608d0e55bb8a3feaa9163f5732", size = 106758, upload-time = "2025-02-27T18:51:01.684Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/b2/a3/e137168c9c44d18eff0376253da9f1e9234d0239e0ee230d2fee6cea8e55/jeepney-0.9.0-py3-none-any.whl", hash = "sha256:97e5714520c16fc0a45695e5365a2e11b81ea79bba796e26f9f1d178cb182683", size = 49010, upload-time = "2025-02-27T18:51:00.104Z" }, +] + +[[package]] +name = "keyring" +version = "25.6.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "importlib-metadata", marker = "python_full_version < '3.12'" }, + { name = "jaraco-classes" }, + { name = "jaraco-context" }, + { name = "jaraco-functools" }, + { name = "jeepney", marker = "sys_platform == 'linux'" }, + { name = "pywin32-ctypes", marker = "sys_platform == 'win32'" }, + { name = "secretstorage", marker = "sys_platform == 'linux'" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/70/09/d904a6e96f76ff214be59e7aa6ef7190008f52a0ab6689760a98de0bf37d/keyring-25.6.0.tar.gz", hash = "sha256:0b39998aa941431eb3d9b0d4b2460bc773b9df6fed7621c2dfb291a7e0187a66", size = 62750, upload-time = "2024-12-25T15:26:45.782Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/d3/32/da7f44bcb1105d3e88a0b74ebdca50c59121d2ddf71c9e34ba47df7f3a56/keyring-25.6.0-py3-none-any.whl", hash = "sha256:552a3f7af126ece7ed5c89753650eec89c7eaae8617d0aa4d9ad2b75111266bd", size = 39085, upload-time = "2024-12-25T15:26:44.377Z" }, +] + +[[package]] +name = "markdown-it-py" +version = "4.0.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "mdurl" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/5b/f5/4ec618ed16cc4f8fb3b701563655a69816155e79e24a17b651541804721d/markdown_it_py-4.0.0.tar.gz", hash = "sha256:cb0a2b4aa34f932c007117b194e945bd74e0ec24133ceb5bac59009cda1cb9f3", size = 73070, upload-time = "2025-08-11T12:57:52.854Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/94/54/e7d793b573f298e1c9013b8c4dade17d481164aa517d1d7148619c2cedbf/markdown_it_py-4.0.0-py3-none-any.whl", hash = "sha256:87327c59b172c5011896038353a81343b6754500a08cd7a4973bb48c6d578147", size = 87321, upload-time = "2025-08-11T12:57:51.923Z" }, +] + +[[package]] +name = "mdurl" +version = "0.1.2" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/d6/54/cfe61301667036ec958cb99bd3efefba235e65cdeb9c84d24a8293ba1d90/mdurl-0.1.2.tar.gz", hash = "sha256:bb413d29f5eea38f31dd4754dd7377d4465116fb207585f97bf925588687c1ba", size = 8729, upload-time = "2022-08-14T12:40:10.846Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/b3/38/89ba8ad64ae25be8de66a6d463314cf1eb366222074cfda9ee839c56a4b4/mdurl-0.1.2-py3-none-any.whl", hash = "sha256:84008a41e51615a49fc9966191ff91509e3c40b939176e643fd50a5c2196b8f8", size = 9979, upload-time = "2022-08-14T12:40:09.779Z" }, +] + +[[package]] +name = "mdutils" +version = "1.8.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/28/4b/df40d441a280f20fa173f224577fbbb2477851a73736080c89a61ff8a4dd/mdutils-1.8.0.tar.gz", hash = "sha256:091b605b4b550465a304f1c66d37647b6008b4a19e7b5154a7d39a148e903f6d", size = 23909, upload-time = "2025-07-10T19:09:41.194Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/9c/6b/d4c6e92daf6123696797e9914e4a3d36e2ba24a2ff1aad00c2d6d2afb82d/mdutils-1.8.0-py3-none-any.whl", hash = "sha256:0d3cf9af4a958f3bbd184c1097985bb1d1f9489887e1f7329942ada14359c7ba", size = 21647, upload-time = "2025-07-10T19:09:40.063Z" }, +] + +[[package]] +name = "more-itertools" +version = "10.7.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/ce/a0/834b0cebabbfc7e311f30b46c8188790a37f89fc8d756660346fe5abfd09/more_itertools-10.7.0.tar.gz", hash = "sha256:9fddd5403be01a94b204faadcff459ec3568cf110265d3c54323e1e866ad29d3", size = 127671, upload-time = "2025-04-22T14:17:41.838Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/2b/9f/7ba6f94fc1e9ac3d2b853fdff3035fb2fa5afbed898c4a72b8a020610594/more_itertools-10.7.0-py3-none-any.whl", hash = "sha256:d43980384673cb07d2f7d2d918c616b30c659c089ee23953f601d6609c67510e", size = 65278, upload-time = "2025-04-22T14:17:40.49Z" }, +] + +[[package]] +name = "nh3" +version = "0.3.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/c3/a4/96cff0977357f60f06ec4368c4c7a7a26cccfe7c9fcd54f5378bf0428fd3/nh3-0.3.0.tar.gz", hash = "sha256:d8ba24cb31525492ea71b6aac11a4adac91d828aadeff7c4586541bf5dc34d2f", size = 19655, upload-time = "2025-07-17T14:43:37.05Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/b4/11/340b7a551916a4b2b68c54799d710f86cf3838a4abaad8e74d35360343bb/nh3-0.3.0-cp313-cp313t-macosx_10_12_x86_64.macosx_11_0_arm64.macosx_10_12_universal2.whl", hash = "sha256:a537ece1bf513e5a88d8cff8a872e12fe8d0f42ef71dd15a5e7520fecd191bbb", size = 1427992, upload-time = "2025-07-17T14:43:06.848Z" }, + { url = "https://files.pythonhosted.org/packages/ad/7f/7c6b8358cf1222921747844ab0eef81129e9970b952fcb814df417159fb9/nh3-0.3.0-cp313-cp313t-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7c915060a2c8131bef6a29f78debc29ba40859b6dbe2362ef9e5fd44f11487c2", size = 798194, upload-time = "2025-07-17T14:43:08.263Z" }, + { url = "https://files.pythonhosted.org/packages/63/da/c5fd472b700ba37d2df630a9e0d8cc156033551ceb8b4c49cc8a5f606b68/nh3-0.3.0-cp313-cp313t-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:ba0caa8aa184196daa6e574d997a33867d6d10234018012d35f86d46024a2a95", size = 837884, upload-time = "2025-07-17T14:43:09.233Z" }, + { url = "https://files.pythonhosted.org/packages/4c/3c/cba7b26ccc0ef150c81646478aa32f9c9535234f54845603c838a1dc955c/nh3-0.3.0-cp313-cp313t-musllinux_1_2_aarch64.whl", hash = "sha256:80fe20171c6da69c7978ecba33b638e951b85fb92059259edd285ff108b82a6d", size = 996365, upload-time = "2025-07-17T14:43:10.243Z" }, + { url = "https://files.pythonhosted.org/packages/f3/ba/59e204d90727c25b253856e456ea61265ca810cda8ee802c35f3fadaab00/nh3-0.3.0-cp313-cp313t-musllinux_1_2_armv7l.whl", hash = "sha256:e90883f9f85288f423c77b3f5a6f4486375636f25f793165112679a7b6363b35", size = 1071042, upload-time = "2025-07-17T14:43:11.57Z" }, + { url = "https://files.pythonhosted.org/packages/10/71/2fb1834c10fab6d9291d62c95192ea2f4c7518bd32ad6c46aab5d095cb87/nh3-0.3.0-cp313-cp313t-musllinux_1_2_i686.whl", hash = "sha256:0649464ac8eee018644aacbc103874ccbfac80e3035643c3acaab4287e36e7f5", size = 995737, upload-time = "2025-07-17T14:43:12.659Z" }, + { url = "https://files.pythonhosted.org/packages/33/c1/8f8ccc2492a000b6156dce68a43253fcff8b4ce70ab4216d08f90a2ac998/nh3-0.3.0-cp313-cp313t-musllinux_1_2_x86_64.whl", hash = "sha256:1adeb1062a1c2974bc75b8d1ecb014c5fd4daf2df646bbe2831f7c23659793f9", size = 980552, upload-time = "2025-07-17T14:43:13.763Z" }, + { url = "https://files.pythonhosted.org/packages/2f/d6/f1c6e091cbe8700401c736c2bc3980c46dca770a2cf6a3b48a175114058e/nh3-0.3.0-cp313-cp313t-win32.whl", hash = "sha256:7275fdffaab10cc5801bf026e3c089d8de40a997afc9e41b981f7ac48c5aa7d5", size = 593618, upload-time = "2025-07-17T14:43:15.098Z" }, + { url = "https://files.pythonhosted.org/packages/23/1e/80a8c517655dd40bb13363fc4d9e66b2f13245763faab1a20f1df67165a7/nh3-0.3.0-cp313-cp313t-win_amd64.whl", hash = "sha256:423201bbdf3164a9e09aa01e540adbb94c9962cc177d5b1cbb385f5e1e79216e", size = 598948, upload-time = "2025-07-17T14:43:16.064Z" }, + { url = "https://files.pythonhosted.org/packages/9a/e0/af86d2a974c87a4ba7f19bc3b44a8eaa3da480de264138fec82fe17b340b/nh3-0.3.0-cp313-cp313t-win_arm64.whl", hash = "sha256:16f8670201f7e8e0e05ed1a590eb84bfa51b01a69dd5caf1d3ea57733de6a52f", size = 580479, upload-time = "2025-07-17T14:43:17.038Z" }, + { url = "https://files.pythonhosted.org/packages/0c/e0/cf1543e798ba86d838952e8be4cb8d18e22999be2a24b112a671f1c04fd6/nh3-0.3.0-cp38-abi3-macosx_10_12_x86_64.macosx_11_0_arm64.macosx_10_12_universal2.whl", hash = "sha256:ec6cfdd2e0399cb79ba4dcffb2332b94d9696c52272ff9d48a630c5dca5e325a", size = 1442218, upload-time = "2025-07-17T14:43:18.087Z" }, + { url = "https://files.pythonhosted.org/packages/5c/86/a96b1453c107b815f9ab8fac5412407c33cc5c7580a4daf57aabeb41b774/nh3-0.3.0-cp38-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ce5e7185599f89b0e391e2f29cc12dc2e206167380cea49b33beda4891be2fe1", size = 823791, upload-time = "2025-07-17T14:43:19.721Z" }, + { url = "https://files.pythonhosted.org/packages/97/33/11e7273b663839626f714cb68f6eb49899da5a0d9b6bc47b41fe870259c2/nh3-0.3.0-cp38-abi3-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:389d93d59b8214d51c400fb5b07866c2a4f79e4e14b071ad66c92184fec3a392", size = 811143, upload-time = "2025-07-17T14:43:20.779Z" }, + { url = "https://files.pythonhosted.org/packages/6a/1b/b15bd1ce201a1a610aeb44afd478d55ac018b4475920a3118ffd806e2483/nh3-0.3.0-cp38-abi3-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:e9e6a7e4d38f7e8dda9edd1433af5170c597336c1a74b4693c5cb75ab2b30f2a", size = 1064661, upload-time = "2025-07-17T14:43:21.839Z" }, + { url = "https://files.pythonhosted.org/packages/8f/14/079670fb2e848c4ba2476c5a7a2d1319826053f4f0368f61fca9bb4227ae/nh3-0.3.0-cp38-abi3-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:7852f038a054e0096dac12b8141191e02e93e0b4608c4b993ec7d4ffafea4e49", size = 997061, upload-time = "2025-07-17T14:43:23.179Z" }, + { url = "https://files.pythonhosted.org/packages/a3/e5/ac7fc565f5d8bce7f979d1afd68e8cb415020d62fa6507133281c7d49f91/nh3-0.3.0-cp38-abi3-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:af5aa8127f62bbf03d68f67a956627b1bd0469703a35b3dad28d0c1195e6c7fb", size = 924761, upload-time = "2025-07-17T14:43:24.23Z" }, + { url = "https://files.pythonhosted.org/packages/39/2c/6394301428b2017a9d5644af25f487fa557d06bc8a491769accec7524d9a/nh3-0.3.0-cp38-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f416c35efee3e6a6c9ab7716d9e57aa0a49981be915963a82697952cba1353e1", size = 803959, upload-time = "2025-07-17T14:43:26.377Z" }, + { url = "https://files.pythonhosted.org/packages/4e/9a/344b9f9c4bd1c2413a397f38ee6a3d5db30f1a507d4976e046226f12b297/nh3-0.3.0-cp38-abi3-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:37d3003d98dedca6cd762bf88f2e70b67f05100f6b949ffe540e189cc06887f9", size = 844073, upload-time = "2025-07-17T14:43:27.375Z" }, + { url = "https://files.pythonhosted.org/packages/66/3f/cd37f76c8ca277b02a84aa20d7bd60fbac85b4e2cbdae77cb759b22de58b/nh3-0.3.0-cp38-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:634e34e6162e0408e14fb61d5e69dbaea32f59e847cfcfa41b66100a6b796f62", size = 1000680, upload-time = "2025-07-17T14:43:28.452Z" }, + { url = "https://files.pythonhosted.org/packages/ee/db/7aa11b44bae4e7474feb1201d8dee04fabe5651c7cb51409ebda94a4ed67/nh3-0.3.0-cp38-abi3-musllinux_1_2_armv7l.whl", hash = "sha256:b0612ccf5de8a480cf08f047b08f9d3fecc12e63d2ee91769cb19d7290614c23", size = 1076613, upload-time = "2025-07-17T14:43:30.031Z" }, + { url = "https://files.pythonhosted.org/packages/97/03/03f79f7e5178eb1ad5083af84faff471e866801beb980cc72943a4397368/nh3-0.3.0-cp38-abi3-musllinux_1_2_i686.whl", hash = "sha256:c7a32a7f0d89f7d30cb8f4a84bdbd56d1eb88b78a2434534f62c71dac538c450", size = 1001418, upload-time = "2025-07-17T14:43:31.429Z" }, + { url = "https://files.pythonhosted.org/packages/ce/55/1974bcc16884a397ee699cebd3914e1f59be64ab305533347ca2d983756f/nh3-0.3.0-cp38-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:3f1b4f8a264a0c86ea01da0d0c390fe295ea0bcacc52c2103aca286f6884f518", size = 986499, upload-time = "2025-07-17T14:43:32.459Z" }, + { url = "https://files.pythonhosted.org/packages/c9/50/76936ec021fe1f3270c03278b8af5f2079038116b5d0bfe8538ffe699d69/nh3-0.3.0-cp38-abi3-win32.whl", hash = "sha256:6d68fa277b4a3cf04e5c4b84dd0c6149ff7d56c12b3e3fab304c525b850f613d", size = 599000, upload-time = "2025-07-17T14:43:33.852Z" }, + { url = "https://files.pythonhosted.org/packages/8c/ae/324b165d904dc1672eee5f5661c0a68d4bab5b59fbb07afb6d8d19a30b45/nh3-0.3.0-cp38-abi3-win_amd64.whl", hash = "sha256:bae63772408fd63ad836ec569a7c8f444dd32863d0c67f6e0b25ebbd606afa95", size = 604530, upload-time = "2025-07-17T14:43:34.95Z" }, + { url = "https://files.pythonhosted.org/packages/5b/76/3165e84e5266d146d967a6cc784ff2fbf6ddd00985a55ec006b72bc39d5d/nh3-0.3.0-cp38-abi3-win_arm64.whl", hash = "sha256:d97d3efd61404af7e5721a0e74d81cdbfc6e5f97e11e731bb6d090e30a7b62b2", size = 585971, upload-time = "2025-07-17T14:43:35.936Z" }, +] + +[[package]] +name = "nodeenv" +version = "1.9.1" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/43/16/fc88b08840de0e0a72a2f9d8c6bae36be573e475a6326ae854bcc549fc45/nodeenv-1.9.1.tar.gz", hash = "sha256:6ec12890a2dab7946721edbfbcd91f3319c6ccc9aec47be7c7e6b7011ee6645f", size = 47437, upload-time = "2024-06-04T18:44:11.171Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/d2/1d/1b658dbd2b9fa9c4c9f32accbfc0205d532c8c6194dc0f2a4c0428e7128a/nodeenv-1.9.1-py2.py3-none-any.whl", hash = "sha256:ba11c9782d29c27c70ffbdda2d7415098754709be8a7056d79a737cd901155c9", size = 22314, upload-time = "2024-06-04T18:44:08.352Z" }, +] + +[[package]] +name = "packaging" +version = "25.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/a1/d4/1fc4078c65507b51b96ca8f8c3ba19e6a61c8253c72794544580a7b6c24d/packaging-25.0.tar.gz", hash = "sha256:d443872c98d677bf60f6a1f2f8c1cb748e8fe762d2bf9d3148b5599295b0fc4f", size = 165727, upload-time = "2025-04-19T11:48:59.673Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/20/12/38679034af332785aac8774540895e234f4d07f7545804097de4b666afd8/packaging-25.0-py3-none-any.whl", hash = "sha256:29572ef2b1f17581046b3a2227d5c611fb25ec70ca1ba8554b24b0e69331a484", size = 66469, upload-time = "2025-04-19T11:48:57.875Z" }, +] + +[[package]] +name = "pathspec" +version = "0.12.1" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/ca/bc/f35b8446f4531a7cb215605d100cd88b7ac6f44ab3fc94870c120ab3adbf/pathspec-0.12.1.tar.gz", hash = "sha256:a482d51503a1ab33b1c67a6c3813a26953dbdc71c31dacaef9a838c4e29f5712", size = 51043, upload-time = "2023-12-10T22:30:45Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/cc/20/ff623b09d963f88bfde16306a54e12ee5ea43e9b597108672ff3a408aad6/pathspec-0.12.1-py3-none-any.whl", hash = "sha256:a0d503e138a4c123b27490a4f7beda6a01c6f288df0e4a8b79c7eb0dc7b4cc08", size = 31191, upload-time = "2023-12-10T22:30:43.14Z" }, +] + +[[package]] +name = "pexpect" +version = "4.9.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "ptyprocess" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/42/92/cc564bf6381ff43ce1f4d06852fc19a2f11d180f23dc32d9588bee2f149d/pexpect-4.9.0.tar.gz", hash = "sha256:ee7d41123f3c9911050ea2c2dac107568dc43b2d3b0c7557a33212c398ead30f", size = 166450, upload-time = "2023-11-25T09:07:26.339Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/9e/c3/059298687310d527a58bb01f3b1965787ee3b40dce76752eda8b44e9a2c5/pexpect-4.9.0-py2.py3-none-any.whl", hash = "sha256:7236d1e080e4936be2dc3e326cec0af72acf9212a7e1d060210e70a47e253523", size = 63772, upload-time = "2023-11-25T06:56:14.81Z" }, +] + +[[package]] +name = "platformdirs" +version = "4.3.8" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/fe/8b/3c73abc9c759ecd3f1f7ceff6685840859e8070c4d947c93fae71f6a0bf2/platformdirs-4.3.8.tar.gz", hash = "sha256:3d512d96e16bcb959a814c9f348431070822a6496326a4be0911c40b5a74c2bc", size = 21362, upload-time = "2025-05-07T22:47:42.121Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/fe/39/979e8e21520d4e47a0bbe349e2713c0aac6f3d853d0e5b34d76206c439aa/platformdirs-4.3.8-py3-none-any.whl", hash = "sha256:ff7059bb7eb1179e2685604f4aaf157cfd9535242bd23742eadc3c13542139b4", size = 18567, upload-time = "2025-05-07T22:47:40.376Z" }, +] + +[[package]] +name = "pluggy" +version = "1.6.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/f9/e2/3e91f31a7d2b083fe6ef3fa267035b518369d9511ffab804f839851d2779/pluggy-1.6.0.tar.gz", hash = "sha256:7dcc130b76258d33b90f61b658791dede3486c3e6bfb003ee5c9bfb396dd22f3", size = 69412, upload-time = "2025-05-15T12:30:07.975Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/54/20/4d324d65cc6d9205fabedc306948156824eb9f0ee1633355a8f7ec5c66bf/pluggy-1.6.0-py3-none-any.whl", hash = "sha256:e920276dd6813095e9377c0bc5566d94c932c33b27a3e3945d8389c374dd4746", size = 20538, upload-time = "2025-05-15T12:30:06.134Z" }, +] + +[[package]] +name = "pre-commit" +version = "4.3.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "cfgv" }, + { name = "identify" }, + { name = "nodeenv" }, + { name = "pyyaml" }, + { name = "virtualenv" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/ff/29/7cf5bbc236333876e4b41f56e06857a87937ce4bf91e117a6991a2dbb02a/pre_commit-4.3.0.tar.gz", hash = "sha256:499fe450cc9d42e9d58e606262795ecb64dd05438943c62b66f6a8673da30b16", size = 193792, upload-time = "2025-08-09T18:56:14.651Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/5b/a5/987a405322d78a73b66e39e4a90e4ef156fd7141bf71df987e50717c321b/pre_commit-4.3.0-py2.py3-none-any.whl", hash = "sha256:2b0747ad7e6e967169136edffee14c16e148a778a54e4f967921aa1ebf2308d8", size = 220965, upload-time = "2025-08-09T18:56:13.192Z" }, +] + +[[package]] +name = "prettytable" +version = "3.16.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "wcwidth" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/99/b1/85e18ac92afd08c533603e3393977b6bc1443043115a47bb094f3b98f94f/prettytable-3.16.0.tar.gz", hash = "sha256:3c64b31719d961bf69c9a7e03d0c1e477320906a98da63952bc6698d6164ff57", size = 66276, upload-time = "2025-03-24T19:39:04.008Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/02/c7/5613524e606ea1688b3bdbf48aa64bafb6d0a4ac3750274c43b6158a390f/prettytable-3.16.0-py3-none-any.whl", hash = "sha256:b5eccfabb82222f5aa46b798ff02a8452cf530a352c31bddfa29be41242863aa", size = 33863, upload-time = "2025-03-24T19:39:02.359Z" }, +] + +[[package]] +name = "ptyprocess" +version = "0.7.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/20/e5/16ff212c1e452235a90aeb09066144d0c5a6a8c0834397e03f5224495c4e/ptyprocess-0.7.0.tar.gz", hash = "sha256:5c5d0a3b48ceee0b48485e0c26037c0acd7d29765ca3fbb5cb3831d347423220", size = 70762, upload-time = "2020-12-28T15:15:30.155Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/22/a6/858897256d0deac81a172289110f31629fc4cee19b6f01283303e18c8db3/ptyprocess-0.7.0-py2.py3-none-any.whl", hash = "sha256:4b41f3967fce3af57cc7e94b888626c18bf37a083e3651ca8feeb66d492fef35", size = 13993, upload-time = "2020-12-28T15:15:28.35Z" }, +] + +[[package]] +name = "pycparser" +version = "2.22" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/1d/b2/31537cf4b1ca988837256c910a668b553fceb8f069bedc4b1c826024b52c/pycparser-2.22.tar.gz", hash = "sha256:491c8be9c040f5390f5bf44a5b07752bd07f56edf992381b05c701439eec10f6", size = 172736, upload-time = "2024-03-30T13:22:22.564Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/13/a3/a812df4e2dd5696d1f351d58b8fe16a405b234ad2886a0dab9183fb78109/pycparser-2.22-py3-none-any.whl", hash = "sha256:c3702b6d3dd8c7abc1afa565d7e63d53a1d0bd86cdc24edd75470f4de499cfcc", size = 117552, upload-time = "2024-03-30T13:22:20.476Z" }, +] + +[[package]] +name = "pygments" +version = "2.19.2" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/b0/77/a5b8c569bf593b0140bde72ea885a803b82086995367bf2037de0159d924/pygments-2.19.2.tar.gz", hash = "sha256:636cb2477cec7f8952536970bc533bc43743542f70392ae026374600add5b887", size = 4968631, upload-time = "2025-06-21T13:39:12.283Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/c7/21/705964c7812476f378728bdf590ca4b771ec72385c533964653c68e86bdc/pygments-2.19.2-py3-none-any.whl", hash = "sha256:86540386c03d588bb81d44bc3928634ff26449851e99741617ecb9037ee5ec0b", size = 1225217, upload-time = "2025-06-21T13:39:07.939Z" }, +] + +[[package]] +name = "pytest" +version = "8.4.1" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "colorama", marker = "sys_platform == 'win32'" }, + { name = "exceptiongroup", marker = "python_full_version < '3.11'" }, + { name = "iniconfig" }, + { name = "packaging" }, + { name = "pluggy" }, + { name = "pygments" }, + { name = "tomli", marker = "python_full_version < '3.11'" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/08/ba/45911d754e8eba3d5a841a5ce61a65a685ff1798421ac054f85aa8747dfb/pytest-8.4.1.tar.gz", hash = "sha256:7c67fd69174877359ed9371ec3af8a3d2b04741818c51e5e99cc1742251fa93c", size = 1517714, upload-time = "2025-06-18T05:48:06.109Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/29/16/c8a903f4c4dffe7a12843191437d7cd8e32751d5de349d45d3fe69544e87/pytest-8.4.1-py3-none-any.whl", hash = "sha256:539c70ba6fcead8e78eebbf1115e8b589e7565830d7d006a8723f19ac8a0afb7", size = 365474, upload-time = "2025-06-18T05:48:03.955Z" }, +] + +[[package]] +name = "pytest-asyncio" +version = "1.1.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "backports-asyncio-runner", marker = "python_full_version < '3.11'" }, + { name = "pytest" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/4e/51/f8794af39eeb870e87a8c8068642fc07bce0c854d6865d7dd0f2a9d338c2/pytest_asyncio-1.1.0.tar.gz", hash = "sha256:796aa822981e01b68c12e4827b8697108f7205020f24b5793b3c41555dab68ea", size = 46652, upload-time = "2025-07-16T04:29:26.393Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/c7/9d/bf86eddabf8c6c9cb1ea9a869d6873b46f105a5d292d3a6f7071f5b07935/pytest_asyncio-1.1.0-py3-none-any.whl", hash = "sha256:5fe2d69607b0bd75c656d1211f969cadba035030156745ee09e7d71740e58ecf", size = 15157, upload-time = "2025-07-16T04:29:24.929Z" }, +] + +[[package]] +name = "pytest-cov" +version = "6.2.1" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "coverage", extra = ["toml"] }, + { name = "pluggy" }, + { name = "pytest" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/18/99/668cade231f434aaa59bbfbf49469068d2ddd945000621d3d165d2e7dd7b/pytest_cov-6.2.1.tar.gz", hash = "sha256:25cc6cc0a5358204b8108ecedc51a9b57b34cc6b8c967cc2c01a4e00d8a67da2", size = 69432, upload-time = "2025-06-12T10:47:47.684Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/bc/16/4ea354101abb1287856baa4af2732be351c7bee728065aed451b678153fd/pytest_cov-6.2.1-py3-none-any.whl", hash = "sha256:f5bc4c23f42f1cdd23c70b1dab1bbaef4fc505ba950d53e0081d0730dd7e86d5", size = 24644, upload-time = "2025-06-12T10:47:45.932Z" }, +] + +[[package]] +name = "pytest-mock" +version = "3.14.1" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "pytest" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/71/28/67172c96ba684058a4d24ffe144d64783d2a270d0af0d9e792737bddc75c/pytest_mock-3.14.1.tar.gz", hash = "sha256:159e9edac4c451ce77a5cdb9fc5d1100708d2dd4ba3c3df572f14097351af80e", size = 33241, upload-time = "2025-05-26T13:58:45.167Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/b2/05/77b60e520511c53d1c1ca75f1930c7dd8e971d0c4379b7f4b3f9644685ba/pytest_mock-3.14.1-py3-none-any.whl", hash = "sha256:178aefcd11307d874b4cd3100344e7e2d888d9791a6a1d9bfe90fbc1b74fd1d0", size = 9923, upload-time = "2025-05-26T13:58:43.487Z" }, +] + +[[package]] +name = "pytest-watch" +version = "4.2.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "colorama" }, + { name = "docopt" }, + { name = "pytest" }, + { name = "watchdog" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/36/47/ab65fc1d682befc318c439940f81a0de1026048479f732e84fe714cd69c0/pytest-watch-4.2.0.tar.gz", hash = "sha256:06136f03d5b361718b8d0d234042f7b2f203910d8568f63df2f866b547b3d4b9", size = 16340, upload-time = "2018-05-20T19:52:16.194Z" } + +[[package]] +name = "python-dotenv" +version = "1.1.1" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/f6/b0/4bc07ccd3572a2f9df7e6782f52b0c6c90dcbb803ac4a167702d7d0dfe1e/python_dotenv-1.1.1.tar.gz", hash = "sha256:a8a6399716257f45be6a007360200409fce5cda2661e3dec71d23dc15f6189ab", size = 41978, upload-time = "2025-06-24T04:21:07.341Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/5f/ed/539768cf28c661b5b068d66d96a2f155c4971a5d55684a514c1a0e0dec2f/python_dotenv-1.1.1-py3-none-any.whl", hash = "sha256:31f23644fe2602f88ff55e1f5c79ba497e01224ee7737937930c448e4d0e24dc", size = 20556, upload-time = "2025-06-24T04:21:06.073Z" }, +] + +[[package]] +name = "pywin32-ctypes" +version = "0.2.3" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/85/9f/01a1a99704853cb63f253eea009390c88e7131c67e66a0a02099a8c917cb/pywin32-ctypes-0.2.3.tar.gz", hash = "sha256:d162dc04946d704503b2edc4d55f3dba5c1d539ead017afa00142c38b9885755", size = 29471, upload-time = "2024-08-14T10:15:34.626Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/de/3d/8161f7711c017e01ac9f008dfddd9410dff3674334c233bde66e7ba65bbf/pywin32_ctypes-0.2.3-py3-none-any.whl", hash = "sha256:8a1513379d709975552d202d942d9837758905c8d01eb82b8bcc30918929e7b8", size = 30756, upload-time = "2024-08-14T10:15:33.187Z" }, +] + +[[package]] +name = "pyyaml" +version = "6.0.2" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/54/ed/79a089b6be93607fa5cdaedf301d7dfb23af5f25c398d5ead2525b063e17/pyyaml-6.0.2.tar.gz", hash = "sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e", size = 130631, upload-time = "2024-08-06T20:33:50.674Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/9b/95/a3fac87cb7158e231b5a6012e438c647e1a87f09f8e0d123acec8ab8bf71/PyYAML-6.0.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086", size = 184199, upload-time = "2024-08-06T20:31:40.178Z" }, + { url = "https://files.pythonhosted.org/packages/c7/7a/68bd47624dab8fd4afbfd3c48e3b79efe09098ae941de5b58abcbadff5cb/PyYAML-6.0.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf", size = 171758, upload-time = "2024-08-06T20:31:42.173Z" }, + { url = "https://files.pythonhosted.org/packages/49/ee/14c54df452143b9ee9f0f29074d7ca5516a36edb0b4cc40c3f280131656f/PyYAML-6.0.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237", size = 718463, upload-time = "2024-08-06T20:31:44.263Z" }, + { url = "https://files.pythonhosted.org/packages/4d/61/de363a97476e766574650d742205be468921a7b532aa2499fcd886b62530/PyYAML-6.0.2-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b", size = 719280, upload-time = "2024-08-06T20:31:50.199Z" }, + { url = "https://files.pythonhosted.org/packages/6b/4e/1523cb902fd98355e2e9ea5e5eb237cbc5f3ad5f3075fa65087aa0ecb669/PyYAML-6.0.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed", size = 751239, upload-time = "2024-08-06T20:31:52.292Z" }, + { url = "https://files.pythonhosted.org/packages/b7/33/5504b3a9a4464893c32f118a9cc045190a91637b119a9c881da1cf6b7a72/PyYAML-6.0.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180", size = 695802, upload-time = "2024-08-06T20:31:53.836Z" }, + { url = "https://files.pythonhosted.org/packages/5c/20/8347dcabd41ef3a3cdc4f7b7a2aff3d06598c8779faa189cdbf878b626a4/PyYAML-6.0.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68", size = 720527, upload-time = "2024-08-06T20:31:55.565Z" }, + { url = "https://files.pythonhosted.org/packages/be/aa/5afe99233fb360d0ff37377145a949ae258aaab831bde4792b32650a4378/PyYAML-6.0.2-cp310-cp310-win32.whl", hash = "sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99", size = 144052, upload-time = "2024-08-06T20:31:56.914Z" }, + { url = "https://files.pythonhosted.org/packages/b5/84/0fa4b06f6d6c958d207620fc60005e241ecedceee58931bb20138e1e5776/PyYAML-6.0.2-cp310-cp310-win_amd64.whl", hash = "sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e", size = 161774, upload-time = "2024-08-06T20:31:58.304Z" }, + { url = "https://files.pythonhosted.org/packages/f8/aa/7af4e81f7acba21a4c6be026da38fd2b872ca46226673c89a758ebdc4fd2/PyYAML-6.0.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774", size = 184612, upload-time = "2024-08-06T20:32:03.408Z" }, + { url = "https://files.pythonhosted.org/packages/8b/62/b9faa998fd185f65c1371643678e4d58254add437edb764a08c5a98fb986/PyYAML-6.0.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee", size = 172040, upload-time = "2024-08-06T20:32:04.926Z" }, + { url = "https://files.pythonhosted.org/packages/ad/0c/c804f5f922a9a6563bab712d8dcc70251e8af811fce4524d57c2c0fd49a4/PyYAML-6.0.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c", size = 736829, upload-time = "2024-08-06T20:32:06.459Z" }, + { url = "https://files.pythonhosted.org/packages/51/16/6af8d6a6b210c8e54f1406a6b9481febf9c64a3109c541567e35a49aa2e7/PyYAML-6.0.2-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317", size = 764167, upload-time = "2024-08-06T20:32:08.338Z" }, + { url = "https://files.pythonhosted.org/packages/75/e4/2c27590dfc9992f73aabbeb9241ae20220bd9452df27483b6e56d3975cc5/PyYAML-6.0.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85", size = 762952, upload-time = "2024-08-06T20:32:14.124Z" }, + { url = "https://files.pythonhosted.org/packages/9b/97/ecc1abf4a823f5ac61941a9c00fe501b02ac3ab0e373c3857f7d4b83e2b6/PyYAML-6.0.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4", size = 735301, upload-time = "2024-08-06T20:32:16.17Z" }, + { url = "https://files.pythonhosted.org/packages/45/73/0f49dacd6e82c9430e46f4a027baa4ca205e8b0a9dce1397f44edc23559d/PyYAML-6.0.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e", size = 756638, upload-time = "2024-08-06T20:32:18.555Z" }, + { url = "https://files.pythonhosted.org/packages/22/5f/956f0f9fc65223a58fbc14459bf34b4cc48dec52e00535c79b8db361aabd/PyYAML-6.0.2-cp311-cp311-win32.whl", hash = "sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5", size = 143850, upload-time = "2024-08-06T20:32:19.889Z" }, + { url = "https://files.pythonhosted.org/packages/ed/23/8da0bbe2ab9dcdd11f4f4557ccaf95c10b9811b13ecced089d43ce59c3c8/PyYAML-6.0.2-cp311-cp311-win_amd64.whl", hash = "sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44", size = 161980, upload-time = "2024-08-06T20:32:21.273Z" }, + { url = "https://files.pythonhosted.org/packages/86/0c/c581167fc46d6d6d7ddcfb8c843a4de25bdd27e4466938109ca68492292c/PyYAML-6.0.2-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab", size = 183873, upload-time = "2024-08-06T20:32:25.131Z" }, + { url = "https://files.pythonhosted.org/packages/a8/0c/38374f5bb272c051e2a69281d71cba6fdb983413e6758b84482905e29a5d/PyYAML-6.0.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725", size = 173302, upload-time = "2024-08-06T20:32:26.511Z" }, + { url = "https://files.pythonhosted.org/packages/c3/93/9916574aa8c00aa06bbac729972eb1071d002b8e158bd0e83a3b9a20a1f7/PyYAML-6.0.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5", size = 739154, upload-time = "2024-08-06T20:32:28.363Z" }, + { url = "https://files.pythonhosted.org/packages/95/0f/b8938f1cbd09739c6da569d172531567dbcc9789e0029aa070856f123984/PyYAML-6.0.2-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425", size = 766223, upload-time = "2024-08-06T20:32:30.058Z" }, + { url = "https://files.pythonhosted.org/packages/b9/2b/614b4752f2e127db5cc206abc23a8c19678e92b23c3db30fc86ab731d3bd/PyYAML-6.0.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476", size = 767542, upload-time = "2024-08-06T20:32:31.881Z" }, + { url = "https://files.pythonhosted.org/packages/d4/00/dd137d5bcc7efea1836d6264f049359861cf548469d18da90cd8216cf05f/PyYAML-6.0.2-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48", size = 731164, upload-time = "2024-08-06T20:32:37.083Z" }, + { url = "https://files.pythonhosted.org/packages/c9/1f/4f998c900485e5c0ef43838363ba4a9723ac0ad73a9dc42068b12aaba4e4/PyYAML-6.0.2-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b", size = 756611, upload-time = "2024-08-06T20:32:38.898Z" }, + { url = "https://files.pythonhosted.org/packages/df/d1/f5a275fdb252768b7a11ec63585bc38d0e87c9e05668a139fea92b80634c/PyYAML-6.0.2-cp312-cp312-win32.whl", hash = "sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4", size = 140591, upload-time = "2024-08-06T20:32:40.241Z" }, + { url = "https://files.pythonhosted.org/packages/0c/e8/4f648c598b17c3d06e8753d7d13d57542b30d56e6c2dedf9c331ae56312e/PyYAML-6.0.2-cp312-cp312-win_amd64.whl", hash = "sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8", size = 156338, upload-time = "2024-08-06T20:32:41.93Z" }, + { url = "https://files.pythonhosted.org/packages/ef/e3/3af305b830494fa85d95f6d95ef7fa73f2ee1cc8ef5b495c7c3269fb835f/PyYAML-6.0.2-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba", size = 181309, upload-time = "2024-08-06T20:32:43.4Z" }, + { url = "https://files.pythonhosted.org/packages/45/9f/3b1c20a0b7a3200524eb0076cc027a970d320bd3a6592873c85c92a08731/PyYAML-6.0.2-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1", size = 171679, upload-time = "2024-08-06T20:32:44.801Z" }, + { url = "https://files.pythonhosted.org/packages/7c/9a/337322f27005c33bcb656c655fa78325b730324c78620e8328ae28b64d0c/PyYAML-6.0.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133", size = 733428, upload-time = "2024-08-06T20:32:46.432Z" }, + { url = "https://files.pythonhosted.org/packages/a3/69/864fbe19e6c18ea3cc196cbe5d392175b4cf3d5d0ac1403ec3f2d237ebb5/PyYAML-6.0.2-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484", size = 763361, upload-time = "2024-08-06T20:32:51.188Z" }, + { url = "https://files.pythonhosted.org/packages/04/24/b7721e4845c2f162d26f50521b825fb061bc0a5afcf9a386840f23ea19fa/PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5", size = 759523, upload-time = "2024-08-06T20:32:53.019Z" }, + { url = "https://files.pythonhosted.org/packages/2b/b2/e3234f59ba06559c6ff63c4e10baea10e5e7df868092bf9ab40e5b9c56b6/PyYAML-6.0.2-cp313-cp313-musllinux_1_1_aarch64.whl", hash = "sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc", size = 726660, upload-time = "2024-08-06T20:32:54.708Z" }, + { url = "https://files.pythonhosted.org/packages/fe/0f/25911a9f080464c59fab9027482f822b86bf0608957a5fcc6eaac85aa515/PyYAML-6.0.2-cp313-cp313-musllinux_1_1_x86_64.whl", hash = "sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652", size = 751597, upload-time = "2024-08-06T20:32:56.985Z" }, + { url = "https://files.pythonhosted.org/packages/14/0d/e2c3b43bbce3cf6bd97c840b46088a3031085179e596d4929729d8d68270/PyYAML-6.0.2-cp313-cp313-win32.whl", hash = "sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183", size = 140527, upload-time = "2024-08-06T20:33:03.001Z" }, + { url = "https://files.pythonhosted.org/packages/fa/de/02b54f42487e3d3c6efb3f89428677074ca7bf43aae402517bc7cca949f3/PyYAML-6.0.2-cp313-cp313-win_amd64.whl", hash = "sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563", size = 156446, upload-time = "2024-08-06T20:33:04.33Z" }, +] + +[[package]] +name = "readme-renderer" +version = "44.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "docutils" }, + { name = "nh3" }, + { name = "pygments" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/5a/a9/104ec9234c8448c4379768221ea6df01260cd6c2ce13182d4eac531c8342/readme_renderer-44.0.tar.gz", hash = "sha256:8712034eabbfa6805cacf1402b4eeb2a73028f72d1166d6f5cb7f9c047c5d1e1", size = 32056, upload-time = "2024-07-08T15:00:57.805Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/e1/67/921ec3024056483db83953ae8e48079ad62b92db7880013ca77632921dd0/readme_renderer-44.0-py3-none-any.whl", hash = "sha256:2fbca89b81a08526aadf1357a8c2ae889ec05fb03f5da67f9769c9a592166151", size = 13310, upload-time = "2024-07-08T15:00:56.577Z" }, +] + +[[package]] +name = "requests" +version = "2.32.5" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "certifi" }, + { name = "charset-normalizer" }, + { name = "idna" }, + { name = "urllib3" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/c9/74/b3ff8e6c8446842c3f5c837e9c3dfcfe2018ea6ecef224c710c85ef728f4/requests-2.32.5.tar.gz", hash = "sha256:dbba0bac56e100853db0ea71b82b4dfd5fe2bf6d3754a8893c3af500cec7d7cf", size = 134517, upload-time = "2025-08-18T20:46:02.573Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/1e/db/4254e3eabe8020b458f1a747140d32277ec7a271daf1d235b70dc0b4e6e3/requests-2.32.5-py3-none-any.whl", hash = "sha256:2462f94637a34fd532264295e186976db0f5d453d1cdd31473c85a6a161affb6", size = 64738, upload-time = "2025-08-18T20:46:00.542Z" }, +] + +[[package]] +name = "requests-toolbelt" +version = "1.0.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "requests" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/f3/61/d7545dafb7ac2230c70d38d31cbfe4cc64f7144dc41f6e4e4b78ecd9f5bb/requests-toolbelt-1.0.0.tar.gz", hash = "sha256:7681a0a3d047012b5bdc0ee37d7f8f07ebe76ab08caeccfc3921ce23c88d5bc6", size = 206888, upload-time = "2023-05-01T04:11:33.229Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/3f/51/d4db610ef29373b879047326cbf6fa98b6c1969d6f6dc423279de2b1be2c/requests_toolbelt-1.0.0-py2.py3-none-any.whl", hash = "sha256:cccfdd665f0a24fcf4726e690f65639d272bb0637b9b92dfd91a5568ccf6bd06", size = 54481, upload-time = "2023-05-01T04:11:28.427Z" }, +] + +[[package]] +name = "rfc3986" +version = "2.0.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/85/40/1520d68bfa07ab5a6f065a186815fb6610c86fe957bc065754e47f7b0840/rfc3986-2.0.0.tar.gz", hash = "sha256:97aacf9dbd4bfd829baad6e6309fa6573aaf1be3f6fa735c8ab05e46cecb261c", size = 49026, upload-time = "2022-01-10T00:52:30.832Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/ff/9a/9afaade874b2fa6c752c36f1548f718b5b83af81ed9b76628329dab81c1b/rfc3986-2.0.0-py2.py3-none-any.whl", hash = "sha256:50b1502b60e289cb37883f3dfd34532b8873c7de9f49bb546641ce9cbd256ebd", size = 31326, upload-time = "2022-01-10T00:52:29.594Z" }, +] + +[[package]] +name = "rich" +version = "14.1.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "markdown-it-py" }, + { name = "pygments" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/fe/75/af448d8e52bf1d8fa6a9d089ca6c07ff4453d86c65c145d0a300bb073b9b/rich-14.1.0.tar.gz", hash = "sha256:e497a48b844b0320d45007cdebfeaeed8db2a4f4bcf49f15e455cfc4af11eaa8", size = 224441, upload-time = "2025-07-25T07:32:58.125Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/e3/30/3c4d035596d3cf444529e0b2953ad0466f6049528a879d27534700580395/rich-14.1.0-py3-none-any.whl", hash = "sha256:536f5f1785986d6dbdea3c75205c473f970777b4a0d6c6dd1b696aa05a3fa04f", size = 243368, upload-time = "2025-07-25T07:32:56.73Z" }, +] + +[[package]] +name = "ruff" +version = "0.12.10" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/3b/eb/8c073deb376e46ae767f4961390d17545e8535921d2f65101720ed8bd434/ruff-0.12.10.tar.gz", hash = "sha256:189ab65149d11ea69a2d775343adf5f49bb2426fc4780f65ee33b423ad2e47f9", size = 5310076, upload-time = "2025-08-21T18:23:22.595Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/24/e7/560d049d15585d6c201f9eeacd2fd130def3741323e5ccf123786e0e3c95/ruff-0.12.10-py3-none-linux_armv6l.whl", hash = "sha256:8b593cb0fb55cc8692dac7b06deb29afda78c721c7ccfed22db941201b7b8f7b", size = 11935161, upload-time = "2025-08-21T18:22:26.965Z" }, + { url = "https://files.pythonhosted.org/packages/d1/b0/ad2464922a1113c365d12b8f80ed70fcfb39764288ac77c995156080488d/ruff-0.12.10-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:ebb7333a45d56efc7c110a46a69a1b32365d5c5161e7244aaf3aa20ce62399c1", size = 12660884, upload-time = "2025-08-21T18:22:30.925Z" }, + { url = "https://files.pythonhosted.org/packages/d7/f1/97f509b4108d7bae16c48389f54f005b62ce86712120fd8b2d8e88a7cb49/ruff-0.12.10-py3-none-macosx_11_0_arm64.whl", hash = "sha256:d59e58586829f8e4a9920788f6efba97a13d1fa320b047814e8afede381c6839", size = 11872754, upload-time = "2025-08-21T18:22:34.035Z" }, + { url = "https://files.pythonhosted.org/packages/12/ad/44f606d243f744a75adc432275217296095101f83f966842063d78eee2d3/ruff-0.12.10-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:822d9677b560f1fdeab69b89d1f444bf5459da4aa04e06e766cf0121771ab844", size = 12092276, upload-time = "2025-08-21T18:22:36.764Z" }, + { url = "https://files.pythonhosted.org/packages/06/1f/ed6c265e199568010197909b25c896d66e4ef2c5e1c3808caf461f6f3579/ruff-0.12.10-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:37b4a64f4062a50c75019c61c7017ff598cb444984b638511f48539d3a1c98db", size = 11734700, upload-time = "2025-08-21T18:22:39.822Z" }, + { url = "https://files.pythonhosted.org/packages/63/c5/b21cde720f54a1d1db71538c0bc9b73dee4b563a7dd7d2e404914904d7f5/ruff-0.12.10-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:2c6f4064c69d2542029b2a61d39920c85240c39837599d7f2e32e80d36401d6e", size = 13468783, upload-time = "2025-08-21T18:22:42.559Z" }, + { url = "https://files.pythonhosted.org/packages/02/9e/39369e6ac7f2a1848f22fb0b00b690492f20811a1ac5c1fd1d2798329263/ruff-0.12.10-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:059e863ea3a9ade41407ad71c1de2badfbe01539117f38f763ba42a1206f7559", size = 14436642, upload-time = "2025-08-21T18:22:45.612Z" }, + { url = "https://files.pythonhosted.org/packages/e3/03/5da8cad4b0d5242a936eb203b58318016db44f5c5d351b07e3f5e211bb89/ruff-0.12.10-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:1bef6161e297c68908b7218fa6e0e93e99a286e5ed9653d4be71e687dff101cf", size = 13859107, upload-time = "2025-08-21T18:22:48.886Z" }, + { url = "https://files.pythonhosted.org/packages/19/19/dd7273b69bf7f93a070c9cec9494a94048325ad18fdcf50114f07e6bf417/ruff-0.12.10-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:4f1345fbf8fb0531cd722285b5f15af49b2932742fc96b633e883da8d841896b", size = 12886521, upload-time = "2025-08-21T18:22:51.567Z" }, + { url = "https://files.pythonhosted.org/packages/c0/1d/b4207ec35e7babaee62c462769e77457e26eb853fbdc877af29417033333/ruff-0.12.10-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:1f68433c4fbc63efbfa3ba5db31727db229fa4e61000f452c540474b03de52a9", size = 13097528, upload-time = "2025-08-21T18:22:54.609Z" }, + { url = "https://files.pythonhosted.org/packages/ff/00/58f7b873b21114456e880b75176af3490d7a2836033779ca42f50de3b47a/ruff-0.12.10-py3-none-manylinux_2_31_riscv64.whl", hash = "sha256:141ce3d88803c625257b8a6debf4a0473eb6eed9643a6189b68838b43e78165a", size = 13080443, upload-time = "2025-08-21T18:22:57.413Z" }, + { url = "https://files.pythonhosted.org/packages/12/8c/9e6660007fb10189ccb78a02b41691288038e51e4788bf49b0a60f740604/ruff-0.12.10-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:f3fc21178cd44c98142ae7590f42ddcb587b8e09a3b849cbc84edb62ee95de60", size = 11896759, upload-time = "2025-08-21T18:23:00.473Z" }, + { url = "https://files.pythonhosted.org/packages/67/4c/6d092bb99ea9ea6ebda817a0e7ad886f42a58b4501a7e27cd97371d0ba54/ruff-0.12.10-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:7d1a4e0bdfafcd2e3e235ecf50bf0176f74dd37902f241588ae1f6c827a36c56", size = 11701463, upload-time = "2025-08-21T18:23:03.211Z" }, + { url = "https://files.pythonhosted.org/packages/59/80/d982c55e91df981f3ab62559371380616c57ffd0172d96850280c2b04fa8/ruff-0.12.10-py3-none-musllinux_1_2_i686.whl", hash = "sha256:e67d96827854f50b9e3e8327b031647e7bcc090dbe7bb11101a81a3a2cbf1cc9", size = 12691603, upload-time = "2025-08-21T18:23:06.935Z" }, + { url = "https://files.pythonhosted.org/packages/ad/37/63a9c788bbe0b0850611669ec6b8589838faf2f4f959647f2d3e320383ae/ruff-0.12.10-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:ae479e1a18b439c59138f066ae79cc0f3ee250712a873d00dbafadaad9481e5b", size = 13164356, upload-time = "2025-08-21T18:23:10.225Z" }, + { url = "https://files.pythonhosted.org/packages/47/d4/1aaa7fb201a74181989970ebccd12f88c0fc074777027e2a21de5a90657e/ruff-0.12.10-py3-none-win32.whl", hash = "sha256:9de785e95dc2f09846c5e6e1d3a3d32ecd0b283a979898ad427a9be7be22b266", size = 11896089, upload-time = "2025-08-21T18:23:14.232Z" }, + { url = "https://files.pythonhosted.org/packages/ad/14/2ad38fd4037daab9e023456a4a40ed0154e9971f8d6aed41bdea390aabd9/ruff-0.12.10-py3-none-win_amd64.whl", hash = "sha256:7837eca8787f076f67aba2ca559cefd9c5cbc3a9852fd66186f4201b87c1563e", size = 13004616, upload-time = "2025-08-21T18:23:17.422Z" }, + { url = "https://files.pythonhosted.org/packages/24/3c/21cf283d67af33a8e6ed242396863af195a8a6134ec581524fd22b9811b6/ruff-0.12.10-py3-none-win_arm64.whl", hash = "sha256:cc138cc06ed9d4bfa9d667a65af7172b47840e1a98b02ce7011c391e54635ffc", size = 12074225, upload-time = "2025-08-21T18:23:20.137Z" }, +] + +[[package]] +name = "secretstorage" +version = "3.3.3" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "cryptography" }, + { name = "jeepney" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/53/a4/f48c9d79cb507ed1373477dbceaba7401fd8a23af63b837fa61f1dcd3691/SecretStorage-3.3.3.tar.gz", hash = "sha256:2403533ef369eca6d2ba81718576c5e0f564d5cca1b58f73a8b23e7d4eeebd77", size = 19739, upload-time = "2022-08-13T16:22:46.976Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/54/24/b4293291fa1dd830f353d2cb163295742fa87f179fcc8a20a306a81978b7/SecretStorage-3.3.3-py3-none-any.whl", hash = "sha256:f356e6628222568e3af06f2eba8df495efa13b3b63081dafd4f7d9a7b7bc9f99", size = 15221, upload-time = "2022-08-13T16:22:44.457Z" }, +] + +[[package]] +name = "shellingham" +version = "1.5.4" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/58/15/8b3609fd3830ef7b27b655beb4b4e9c62313a4e8da8c676e142cc210d58e/shellingham-1.5.4.tar.gz", hash = "sha256:8dbca0739d487e5bd35ab3ca4b36e11c4078f3a234bfce294b0a0291363404de", size = 10310, upload-time = "2023-10-24T04:13:40.426Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/e0/f9/0595336914c5619e5f28a1fb793285925a8cd4b432c9da0a987836c7f822/shellingham-1.5.4-py2.py3-none-any.whl", hash = "sha256:7ecfff8f2fd72616f7481040475a65b2bf8af90a56c89140852d1120324e8686", size = 9755, upload-time = "2023-10-24T04:13:38.866Z" }, +] + +[[package]] +name = "smmap" +version = "5.0.2" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/44/cd/a040c4b3119bbe532e5b0732286f805445375489fceaec1f48306068ee3b/smmap-5.0.2.tar.gz", hash = "sha256:26ea65a03958fa0c8a1c7e8c7a58fdc77221b8910f6be2131affade476898ad5", size = 22329, upload-time = "2025-01-02T07:14:40.909Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/04/be/d09147ad1ec7934636ad912901c5fd7667e1c858e19d355237db0d0cd5e4/smmap-5.0.2-py3-none-any.whl", hash = "sha256:b30115f0def7d7531d22a0fb6502488d879e75b260a9db4d0819cfb25403af5e", size = 24303, upload-time = "2025-01-02T07:14:38.724Z" }, +] + +[[package]] +name = "sniffio" +version = "1.3.1" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/a2/87/a6771e1546d97e7e041b6ae58d80074f81b7d5121207425c964ddf5cfdbd/sniffio-1.3.1.tar.gz", hash = "sha256:f4324edc670a0f49750a81b895f35c3adb843cca46f0530f79fc1babb23789dc", size = 20372, upload-time = "2024-02-25T23:20:04.057Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/e9/44/75a9c9421471a6c4805dbf2356f7c181a29c1879239abab1ea2cc8f38b40/sniffio-1.3.1-py3-none-any.whl", hash = "sha256:2f6da418d1f1e0fddd844478f41680e794e6051915791a034ff65e5f100525a2", size = 10235, upload-time = "2024-02-25T23:20:01.196Z" }, +] + +[[package]] +name = "socketdev" +version = "3.0.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "requests" }, + { name = "typing-extensions" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/b6/4f/07cb8e4e827931527a3c04e3520dabed8f20ece5a5fb91e5a012e6bb2446/socketdev-3.0.0.tar.gz", hash = "sha256:27c22d3a016e06b916f373f78edd34dc6d7612da0ae845e8e383d58d7425e5bb", size = 101362, upload-time = "2025-08-23T22:59:02.855Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/58/c4/ed98ab0022f19c8e7ded5a2eaea0f0cabf829c6e7001bb7cf8ae112e964f/socketdev-3.0.0-py3-none-any.whl", hash = "sha256:f142f3b0d22a32479cf73bd35f9a0bdcd4896e494c60fdeb2999c0daa9682611", size = 48942, upload-time = "2025-08-23T22:59:01.134Z" }, +] + +[[package]] +name = "socketsecurity" +version = "2.2.3" +source = { editable = "." } +dependencies = [ + { name = "gitpython" }, + { name = "mdutils" }, + { name = "packaging" }, + { name = "prettytable" }, + { name = "python-dotenv" }, + { name = "requests" }, + { name = "socketdev" }, +] + +[package.optional-dependencies] +dev = [ + { name = "hatch" }, + { name = "pre-commit" }, + { name = "ruff" }, + { name = "twine" }, + { name = "uv" }, +] +test = [ + { name = "pytest" }, + { name = "pytest-asyncio" }, + { name = "pytest-cov" }, + { name = "pytest-mock" }, + { name = "pytest-watch" }, +] + +[package.metadata] +requires-dist = [ + { name = "gitpython" }, + { name = "hatch", marker = "extra == 'dev'" }, + { name = "mdutils" }, + { name = "packaging" }, + { name = "pre-commit", marker = "extra == 'dev'" }, + { name = "prettytable" }, + { name = "pytest", marker = "extra == 'test'", specifier = ">=7.4.0" }, + { name = "pytest-asyncio", marker = "extra == 'test'", specifier = ">=0.23.0" }, + { name = "pytest-cov", marker = "extra == 'test'", specifier = ">=4.1.0" }, + { name = "pytest-mock", marker = "extra == 'test'", specifier = ">=3.12.0" }, + { name = "pytest-watch", marker = "extra == 'test'", specifier = ">=4.2.0" }, + { name = "python-dotenv" }, + { name = "requests" }, + { name = "ruff", marker = "extra == 'dev'", specifier = ">=0.3.0" }, + { name = "socketdev", specifier = ">=3.0.0,<4.0.0" }, + { name = "twine", marker = "extra == 'dev'" }, + { name = "uv", marker = "extra == 'dev'", specifier = ">=0.1.0" }, +] +provides-extras = ["test", "dev"] + +[[package]] +name = "tomli" +version = "2.2.1" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/18/87/302344fed471e44a87289cf4967697d07e532f2421fdaf868a303cbae4ff/tomli-2.2.1.tar.gz", hash = "sha256:cd45e1dc79c835ce60f7404ec8119f2eb06d38b1deba146f07ced3bbc44505ff", size = 17175, upload-time = "2024-11-27T22:38:36.873Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/43/ca/75707e6efa2b37c77dadb324ae7d9571cb424e61ea73fad7c56c2d14527f/tomli-2.2.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:678e4fa69e4575eb77d103de3df8a895e1591b48e740211bd1067378c69e8249", size = 131077, upload-time = "2024-11-27T22:37:54.956Z" }, + { url = "https://files.pythonhosted.org/packages/c7/16/51ae563a8615d472fdbffc43a3f3d46588c264ac4f024f63f01283becfbb/tomli-2.2.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:023aa114dd824ade0100497eb2318602af309e5a55595f76b626d6d9f3b7b0a6", size = 123429, upload-time = "2024-11-27T22:37:56.698Z" }, + { url = "https://files.pythonhosted.org/packages/f1/dd/4f6cd1e7b160041db83c694abc78e100473c15d54620083dbd5aae7b990e/tomli-2.2.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ece47d672db52ac607a3d9599a9d48dcb2f2f735c6c2d1f34130085bb12b112a", size = 226067, upload-time = "2024-11-27T22:37:57.63Z" }, + { url = "https://files.pythonhosted.org/packages/a9/6b/c54ede5dc70d648cc6361eaf429304b02f2871a345bbdd51e993d6cdf550/tomli-2.2.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6972ca9c9cc9f0acaa56a8ca1ff51e7af152a9f87fb64623e31d5c83700080ee", size = 236030, upload-time = "2024-11-27T22:37:59.344Z" }, + { url = "https://files.pythonhosted.org/packages/1f/47/999514fa49cfaf7a92c805a86c3c43f4215621855d151b61c602abb38091/tomli-2.2.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c954d2250168d28797dd4e3ac5cf812a406cd5a92674ee4c8f123c889786aa8e", size = 240898, upload-time = "2024-11-27T22:38:00.429Z" }, + { url = "https://files.pythonhosted.org/packages/73/41/0a01279a7ae09ee1573b423318e7934674ce06eb33f50936655071d81a24/tomli-2.2.1-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:8dd28b3e155b80f4d54beb40a441d366adcfe740969820caf156c019fb5c7ec4", size = 229894, upload-time = "2024-11-27T22:38:02.094Z" }, + { url = "https://files.pythonhosted.org/packages/55/18/5d8bc5b0a0362311ce4d18830a5d28943667599a60d20118074ea1b01bb7/tomli-2.2.1-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:e59e304978767a54663af13c07b3d1af22ddee3bb2fb0618ca1593e4f593a106", size = 245319, upload-time = "2024-11-27T22:38:03.206Z" }, + { url = "https://files.pythonhosted.org/packages/92/a3/7ade0576d17f3cdf5ff44d61390d4b3febb8a9fc2b480c75c47ea048c646/tomli-2.2.1-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:33580bccab0338d00994d7f16f4c4ec25b776af3ffaac1ed74e0b3fc95e885a8", size = 238273, upload-time = "2024-11-27T22:38:04.217Z" }, + { url = "https://files.pythonhosted.org/packages/72/6f/fa64ef058ac1446a1e51110c375339b3ec6be245af9d14c87c4a6412dd32/tomli-2.2.1-cp311-cp311-win32.whl", hash = "sha256:465af0e0875402f1d226519c9904f37254b3045fc5084697cefb9bdde1ff99ff", size = 98310, upload-time = "2024-11-27T22:38:05.908Z" }, + { url = "https://files.pythonhosted.org/packages/6a/1c/4a2dcde4a51b81be3530565e92eda625d94dafb46dbeb15069df4caffc34/tomli-2.2.1-cp311-cp311-win_amd64.whl", hash = "sha256:2d0f2fdd22b02c6d81637a3c95f8cd77f995846af7414c5c4b8d0545afa1bc4b", size = 108309, upload-time = "2024-11-27T22:38:06.812Z" }, + { url = "https://files.pythonhosted.org/packages/52/e1/f8af4c2fcde17500422858155aeb0d7e93477a0d59a98e56cbfe75070fd0/tomli-2.2.1-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:4a8f6e44de52d5e6c657c9fe83b562f5f4256d8ebbfe4ff922c495620a7f6cea", size = 132762, upload-time = "2024-11-27T22:38:07.731Z" }, + { url = "https://files.pythonhosted.org/packages/03/b8/152c68bb84fc00396b83e7bbddd5ec0bd3dd409db4195e2a9b3e398ad2e3/tomli-2.2.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:8d57ca8095a641b8237d5b079147646153d22552f1c637fd3ba7f4b0b29167a8", size = 123453, upload-time = "2024-11-27T22:38:09.384Z" }, + { url = "https://files.pythonhosted.org/packages/c8/d6/fc9267af9166f79ac528ff7e8c55c8181ded34eb4b0e93daa767b8841573/tomli-2.2.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4e340144ad7ae1533cb897d406382b4b6fede8890a03738ff1683af800d54192", size = 233486, upload-time = "2024-11-27T22:38:10.329Z" }, + { url = "https://files.pythonhosted.org/packages/5c/51/51c3f2884d7bab89af25f678447ea7d297b53b5a3b5730a7cb2ef6069f07/tomli-2.2.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:db2b95f9de79181805df90bedc5a5ab4c165e6ec3fe99f970d0e302f384ad222", size = 242349, upload-time = "2024-11-27T22:38:11.443Z" }, + { url = "https://files.pythonhosted.org/packages/ab/df/bfa89627d13a5cc22402e441e8a931ef2108403db390ff3345c05253935e/tomli-2.2.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:40741994320b232529c802f8bc86da4e1aa9f413db394617b9a256ae0f9a7f77", size = 252159, upload-time = "2024-11-27T22:38:13.099Z" }, + { url = "https://files.pythonhosted.org/packages/9e/6e/fa2b916dced65763a5168c6ccb91066f7639bdc88b48adda990db10c8c0b/tomli-2.2.1-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:400e720fe168c0f8521520190686ef8ef033fb19fc493da09779e592861b78c6", size = 237243, upload-time = "2024-11-27T22:38:14.766Z" }, + { url = "https://files.pythonhosted.org/packages/b4/04/885d3b1f650e1153cbb93a6a9782c58a972b94ea4483ae4ac5cedd5e4a09/tomli-2.2.1-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:02abe224de6ae62c19f090f68da4e27b10af2b93213d36cf44e6e1c5abd19fdd", size = 259645, upload-time = "2024-11-27T22:38:15.843Z" }, + { url = "https://files.pythonhosted.org/packages/9c/de/6b432d66e986e501586da298e28ebeefd3edc2c780f3ad73d22566034239/tomli-2.2.1-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:b82ebccc8c8a36f2094e969560a1b836758481f3dc360ce9a3277c65f374285e", size = 244584, upload-time = "2024-11-27T22:38:17.645Z" }, + { url = "https://files.pythonhosted.org/packages/1c/9a/47c0449b98e6e7d1be6cbac02f93dd79003234ddc4aaab6ba07a9a7482e2/tomli-2.2.1-cp312-cp312-win32.whl", hash = "sha256:889f80ef92701b9dbb224e49ec87c645ce5df3fa2cc548664eb8a25e03127a98", size = 98875, upload-time = "2024-11-27T22:38:19.159Z" }, + { url = "https://files.pythonhosted.org/packages/ef/60/9b9638f081c6f1261e2688bd487625cd1e660d0a85bd469e91d8db969734/tomli-2.2.1-cp312-cp312-win_amd64.whl", hash = "sha256:7fc04e92e1d624a4a63c76474610238576942d6b8950a2d7f908a340494e67e4", size = 109418, upload-time = "2024-11-27T22:38:20.064Z" }, + { url = "https://files.pythonhosted.org/packages/04/90/2ee5f2e0362cb8a0b6499dc44f4d7d48f8fff06d28ba46e6f1eaa61a1388/tomli-2.2.1-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:f4039b9cbc3048b2416cc57ab3bda989a6fcf9b36cf8937f01a6e731b64f80d7", size = 132708, upload-time = "2024-11-27T22:38:21.659Z" }, + { url = "https://files.pythonhosted.org/packages/c0/ec/46b4108816de6b385141f082ba99e315501ccd0a2ea23db4a100dd3990ea/tomli-2.2.1-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:286f0ca2ffeeb5b9bd4fcc8d6c330534323ec51b2f52da063b11c502da16f30c", size = 123582, upload-time = "2024-11-27T22:38:22.693Z" }, + { url = "https://files.pythonhosted.org/packages/a0/bd/b470466d0137b37b68d24556c38a0cc819e8febe392d5b199dcd7f578365/tomli-2.2.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a92ef1a44547e894e2a17d24e7557a5e85a9e1d0048b0b5e7541f76c5032cb13", size = 232543, upload-time = "2024-11-27T22:38:24.367Z" }, + { url = "https://files.pythonhosted.org/packages/d9/e5/82e80ff3b751373f7cead2815bcbe2d51c895b3c990686741a8e56ec42ab/tomli-2.2.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9316dc65bed1684c9a98ee68759ceaed29d229e985297003e494aa825ebb0281", size = 241691, upload-time = "2024-11-27T22:38:26.081Z" }, + { url = "https://files.pythonhosted.org/packages/05/7e/2a110bc2713557d6a1bfb06af23dd01e7dde52b6ee7dadc589868f9abfac/tomli-2.2.1-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e85e99945e688e32d5a35c1ff38ed0b3f41f43fad8df0bdf79f72b2ba7bc5272", size = 251170, upload-time = "2024-11-27T22:38:27.921Z" }, + { url = "https://files.pythonhosted.org/packages/64/7b/22d713946efe00e0adbcdfd6d1aa119ae03fd0b60ebed51ebb3fa9f5a2e5/tomli-2.2.1-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:ac065718db92ca818f8d6141b5f66369833d4a80a9d74435a268c52bdfa73140", size = 236530, upload-time = "2024-11-27T22:38:29.591Z" }, + { url = "https://files.pythonhosted.org/packages/38/31/3a76f67da4b0cf37b742ca76beaf819dca0ebef26d78fc794a576e08accf/tomli-2.2.1-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:d920f33822747519673ee656a4b6ac33e382eca9d331c87770faa3eef562aeb2", size = 258666, upload-time = "2024-11-27T22:38:30.639Z" }, + { url = "https://files.pythonhosted.org/packages/07/10/5af1293da642aded87e8a988753945d0cf7e00a9452d3911dd3bb354c9e2/tomli-2.2.1-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:a198f10c4d1b1375d7687bc25294306e551bf1abfa4eace6650070a5c1ae2744", size = 243954, upload-time = "2024-11-27T22:38:31.702Z" }, + { url = "https://files.pythonhosted.org/packages/5b/b9/1ed31d167be802da0fc95020d04cd27b7d7065cc6fbefdd2f9186f60d7bd/tomli-2.2.1-cp313-cp313-win32.whl", hash = "sha256:d3f5614314d758649ab2ab3a62d4f2004c825922f9e370b29416484086b264ec", size = 98724, upload-time = "2024-11-27T22:38:32.837Z" }, + { url = "https://files.pythonhosted.org/packages/c7/32/b0963458706accd9afcfeb867c0f9175a741bf7b19cd424230714d722198/tomli-2.2.1-cp313-cp313-win_amd64.whl", hash = "sha256:a38aa0308e754b0e3c67e344754dff64999ff9b513e691d0e786265c93583c69", size = 109383, upload-time = "2024-11-27T22:38:34.455Z" }, + { url = "https://files.pythonhosted.org/packages/6e/c2/61d3e0f47e2b74ef40a68b9e6ad5984f6241a942f7cd3bbfbdbd03861ea9/tomli-2.2.1-py3-none-any.whl", hash = "sha256:cb55c73c5f4408779d0cf3eef9f762b9c9f147a77de7b258bef0a5628adc85cc", size = 14257, upload-time = "2024-11-27T22:38:35.385Z" }, +] + +[[package]] +name = "tomli-w" +version = "1.2.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/19/75/241269d1da26b624c0d5e110e8149093c759b7a286138f4efd61a60e75fe/tomli_w-1.2.0.tar.gz", hash = "sha256:2dd14fac5a47c27be9cd4c976af5a12d87fb1f0b4512f81d69cce3b35ae25021", size = 7184, upload-time = "2025-01-15T12:07:24.262Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/c7/18/c86eb8e0202e32dd3df50d43d7ff9854f8e0603945ff398974c1d91ac1ef/tomli_w-1.2.0-py3-none-any.whl", hash = "sha256:188306098d013b691fcadc011abd66727d3c414c571bb01b1a174ba8c983cf90", size = 6675, upload-time = "2025-01-15T12:07:22.074Z" }, +] + +[[package]] +name = "tomlkit" +version = "0.13.3" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/cc/18/0bbf3884e9eaa38819ebe46a7bd25dcd56b67434402b66a58c4b8e552575/tomlkit-0.13.3.tar.gz", hash = "sha256:430cf247ee57df2b94ee3fbe588e71d362a941ebb545dec29b53961d61add2a1", size = 185207, upload-time = "2025-06-05T07:13:44.947Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/bd/75/8539d011f6be8e29f339c42e633aae3cb73bffa95dd0f9adec09b9c58e85/tomlkit-0.13.3-py3-none-any.whl", hash = "sha256:c89c649d79ee40629a9fda55f8ace8c6a1b42deb912b2a8fd8d942ddadb606b0", size = 38901, upload-time = "2025-06-05T07:13:43.546Z" }, +] + +[[package]] +name = "trove-classifiers" +version = "2025.8.6.13" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/c3/21/707af14daa638b0df15b5d5700349e0abdd3e5140069f9ab6e0ccb922806/trove_classifiers-2025.8.6.13.tar.gz", hash = "sha256:5a0abad839d2ed810f213ab133d555d267124ddea29f1d8a50d6eca12a50ae6e", size = 16932, upload-time = "2025-08-06T13:26:26.479Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/d5/44/323a87d78f04d5329092aada803af3612dd004a64b69ba8b13046601a8c9/trove_classifiers-2025.8.6.13-py3-none-any.whl", hash = "sha256:c4e7fc83012770d80b3ae95816111c32b085716374dccee0d3fbf5c235495f9f", size = 14121, upload-time = "2025-08-06T13:26:25.063Z" }, +] + +[[package]] +name = "twine" +version = "6.1.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "id" }, + { name = "keyring", marker = "platform_machine != 'ppc64le' and platform_machine != 's390x'" }, + { name = "packaging" }, + { name = "readme-renderer" }, + { name = "requests" }, + { name = "requests-toolbelt" }, + { name = "rfc3986" }, + { name = "rich" }, + { name = "urllib3" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/c8/a2/6df94fc5c8e2170d21d7134a565c3a8fb84f9797c1dd65a5976aaf714418/twine-6.1.0.tar.gz", hash = "sha256:be324f6272eff91d07ee93f251edf232fc647935dd585ac003539b42404a8dbd", size = 168404, upload-time = "2025-01-21T18:45:26.758Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/7c/b6/74e927715a285743351233f33ea3c684528a0d374d2e43ff9ce9585b73fe/twine-6.1.0-py3-none-any.whl", hash = "sha256:a47f973caf122930bf0fbbf17f80b83bc1602c9ce393c7845f289a3001dc5384", size = 40791, upload-time = "2025-01-21T18:45:24.584Z" }, +] + +[[package]] +name = "typing-extensions" +version = "4.14.1" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/98/5a/da40306b885cc8c09109dc2e1abd358d5684b1425678151cdaed4731c822/typing_extensions-4.14.1.tar.gz", hash = "sha256:38b39f4aeeab64884ce9f74c94263ef78f3c22467c8724005483154c26648d36", size = 107673, upload-time = "2025-07-04T13:28:34.16Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/b5/00/d631e67a838026495268c2f6884f3711a15a9a2a96cd244fdaea53b823fb/typing_extensions-4.14.1-py3-none-any.whl", hash = "sha256:d1e1e3b58374dc93031d6eda2420a48ea44a36c2b4766a4fdeb3710755731d76", size = 43906, upload-time = "2025-07-04T13:28:32.743Z" }, +] + +[[package]] +name = "urllib3" +version = "2.5.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/15/22/9ee70a2574a4f4599c47dd506532914ce044817c7752a79b6a51286319bc/urllib3-2.5.0.tar.gz", hash = "sha256:3fc47733c7e419d4bc3f6b3dc2b4f890bb743906a30d56ba4a5bfa4bbff92760", size = 393185, upload-time = "2025-06-18T14:07:41.644Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/a7/c2/fe1e52489ae3122415c51f387e221dd0773709bad6c6cdaa599e8a2c5185/urllib3-2.5.0-py3-none-any.whl", hash = "sha256:e6b01673c0fa6a13e374b50871808eb3bf7046c4b125b216f6bf1cc604cff0dc", size = 129795, upload-time = "2025-06-18T14:07:40.39Z" }, +] + +[[package]] +name = "userpath" +version = "1.9.2" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "click" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/d5/b7/30753098208505d7ff9be5b3a32112fb8a4cb3ddfccbbb7ba9973f2e29ff/userpath-1.9.2.tar.gz", hash = "sha256:6c52288dab069257cc831846d15d48133522455d4677ee69a9781f11dbefd815", size = 11140, upload-time = "2024-02-29T21:39:08.742Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/43/99/3ec6335ded5b88c2f7ed25c56ffd952546f7ed007ffb1e1539dc3b57015a/userpath-1.9.2-py3-none-any.whl", hash = "sha256:2cbf01a23d655a1ff8fc166dfb78da1b641d1ceabf0fe5f970767d380b14e89d", size = 9065, upload-time = "2024-02-29T21:39:07.551Z" }, +] + +[[package]] +name = "uv" +version = "0.8.13" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/ca/f3/4f947303fb68daa553fc44ea5f2bcdfb1d11c4390ab52b6e3829f72b6b69/uv-0.8.13.tar.gz", hash = "sha256:a4438eca3d301183c52994a6d2baff70fd1840421a83446f3cabb1d0d0b50aff", size = 3529020, upload-time = "2025-08-21T19:20:17.329Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/4a/1d/98c7985f05c1dfa4a1d9bfebfdc75fd5c86633acb3bd9a65a5233a267d0e/uv-0.8.13-py3-none-linux_armv6l.whl", hash = "sha256:3b5c6e44238007ec1d25212cafe1b37a8506d425d1dd74a267cb9072a61930f9", size = 18712142, upload-time = "2025-08-21T19:19:30.882Z" }, + { url = "https://files.pythonhosted.org/packages/32/a2/2fc23b2fb14316fafafcd918dd4bf3456aecfeae95d71deaf9d7d59e9720/uv-0.8.13-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:2945c32b8fcf23807ef1f74c390795e2b00371c53b94c015cc6e7b0cfbab9d94", size = 18752276, upload-time = "2025-08-21T19:19:34.658Z" }, + { url = "https://files.pythonhosted.org/packages/95/e4/c8d4963271e3a9ea0886be1082c96b16881d58d6d260957e76bd41f4c991/uv-0.8.13-py3-none-macosx_11_0_arm64.whl", hash = "sha256:73459fe1403b1089853071db6770450dc03e4058848f7146d88cff5f1c352743", size = 17403078, upload-time = "2025-08-21T19:19:36.882Z" }, + { url = "https://files.pythonhosted.org/packages/9b/25/3985330034df1f99b63b947f5de37059859aede74883fc14e4500a983daf/uv-0.8.13-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.musllinux_1_1_aarch64.whl", hash = "sha256:854c4e75024a4894477bf61684b2872b83c77ca87d1bad62692bcc31200619c3", size = 18075030, upload-time = "2025-08-21T19:19:41.992Z" }, + { url = "https://files.pythonhosted.org/packages/68/f2/5956b44e8b77e777b1c15c011e43a7bb29c4346908f569c474db67baab02/uv-0.8.13-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:28c8d4560c673ff5c798f2f4422281840728f46ebf1946345b65d065f8344c03", size = 18334387, upload-time = "2025-08-21T19:19:44.543Z" }, + { url = "https://files.pythonhosted.org/packages/18/96/5feda4185ea21e7dc79f73ba1f9ebbd2ac5da22ed5c40d7c6f6a310d4738/uv-0.8.13-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:f6c508aa9c5210577008e1919b532e38356fe68712179399f00462b3e78fd845", size = 19097001, upload-time = "2025-08-21T19:19:47.363Z" }, + { url = "https://files.pythonhosted.org/packages/02/f8/1b6e258907afdb008855418f7a0aa41568f8b7389994f62b7992352a5146/uv-0.8.13-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:3bac51ea503d97f371222f23e845fc4ab95465ac3e958c7589d6743c75445b71", size = 20501591, upload-time = "2025-08-21T19:19:49.976Z" }, + { url = "https://files.pythonhosted.org/packages/39/17/8a9f979bb6329b74320514797bfaf0a2865e25c2edf7506fde5080ad071c/uv-0.8.13-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:4a6d37547947fcae57244b4d1f3b62fba55f4a85d3e45e7284a93b6cd5bedca4", size = 20156528, upload-time = "2025-08-21T19:19:52.096Z" }, + { url = "https://files.pythonhosted.org/packages/5f/ca/bc42b2ae9dd0eae8b5bba34020bc3893cf7370c4125164075643a1da86c8/uv-0.8.13-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:3735a452cdc3168932d128891d7e8866b4a2d052283c6da5ccfe0b038d1cf8bd", size = 19491271, upload-time = "2025-08-21T19:19:54.302Z" }, + { url = "https://files.pythonhosted.org/packages/82/6b/81387a715dd045f7edea452fb76a5896dcfc11b8ecf0db5106f4b0f633ec/uv-0.8.13-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:2113cd877974b68ea2af64a2f2cc23708ba97066046e78efb72ba94e5fef617a", size = 19452076, upload-time = "2025-08-21T19:19:56.608Z" }, + { url = "https://files.pythonhosted.org/packages/59/2e/eae2eff5876576b6e1d43010924446da22f4fe33140124a4f2ae936c457d/uv-0.8.13-py3-none-manylinux_2_28_aarch64.whl", hash = "sha256:4c2c5e5962239ecaff6444d5bc22422a9bd2da25a80adc6ab14cb42e4461b1cf", size = 18329700, upload-time = "2025-08-21T19:19:58.784Z" }, + { url = "https://files.pythonhosted.org/packages/5e/6e/9a88c83a1d8845c04b911433bbe61989b9d40b4feb7a51ab1ca595107bf5/uv-0.8.13-py3-none-manylinux_2_31_riscv64.whl", hash = "sha256:eb90089624d92d57b8582f708973db8988e09dba6bae83991dba20731d82eb6a", size = 19218874, upload-time = "2025-08-21T19:20:01.054Z" }, + { url = "https://files.pythonhosted.org/packages/df/f5/8f818016a1704a185dd0087cacbe0797b0ca2ef859922814e26322427756/uv-0.8.13-py3-none-musllinux_1_1_armv7l.whl", hash = "sha256:cf3ce98404ddc1e11cd2c2604668f8f81219cf00bb1227b792fdf5dbb4faf31a", size = 18310085, upload-time = "2025-08-21T19:20:03.219Z" }, + { url = "https://files.pythonhosted.org/packages/64/d2/b0d16ec65efb8b5877256e14da808a0db20c4bf3e9960d807e4c0db5f71c/uv-0.8.13-py3-none-musllinux_1_1_i686.whl", hash = "sha256:8a3739540f8b0b5258869b1671185d55daacfa4609eaffd235573ac938ec01a6", size = 18604881, upload-time = "2025-08-21T19:20:05.413Z" }, + { url = "https://files.pythonhosted.org/packages/3f/ba/f96a34b2aec7c38d0512b10fea182eaf0d416e2825cf4ac00fde1e375019/uv-0.8.13-py3-none-musllinux_1_1_x86_64.whl", hash = "sha256:18a502328545af511039c7b7c602a0aa89eeff23b1221a1f56d99b3a3fecfddd", size = 19569585, upload-time = "2025-08-21T19:20:08.008Z" }, + { url = "https://files.pythonhosted.org/packages/6d/7d/a57198784a1dca07668007837cfd00346cde2da079697f67daaedbfb1376/uv-0.8.13-py3-none-win32.whl", hash = "sha256:d22fa55580b224779279b98e0b23cbc45e51837e1fac616d7c5d03aff668a998", size = 18661160, upload-time = "2025-08-21T19:20:10.393Z" }, + { url = "https://files.pythonhosted.org/packages/3f/14/65ba1f45c27ff975497f2db965cd2b989fdda031afa76b978ddc72a66032/uv-0.8.13-py3-none-win_amd64.whl", hash = "sha256:20862f612de38f6dea55d40467a29f3cb621b256a4b5891ae55debbbdf1db2b4", size = 20556536, upload-time = "2025-08-21T19:20:12.745Z" }, + { url = "https://files.pythonhosted.org/packages/c9/47/16a2eb25166861af1a139e506e5595cb92c7f7e5aae6e71feec135093394/uv-0.8.13-py3-none-win_arm64.whl", hash = "sha256:404ca19b2d860ab661e1d78633f594e994f8422af8772ad237d763fe353da2ab", size = 19028395, upload-time = "2025-08-21T19:20:15.035Z" }, +] + +[[package]] +name = "virtualenv" +version = "20.34.0" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "distlib" }, + { name = "filelock" }, + { name = "platformdirs" }, + { name = "typing-extensions", marker = "python_full_version < '3.11'" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/1c/14/37fcdba2808a6c615681cd216fecae00413c9dab44fb2e57805ecf3eaee3/virtualenv-20.34.0.tar.gz", hash = "sha256:44815b2c9dee7ed86e387b842a84f20b93f7f417f95886ca1996a72a4138eb1a", size = 6003808, upload-time = "2025-08-13T14:24:07.464Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/76/06/04c8e804f813cf972e3262f3f8584c232de64f0cde9f703b46cf53a45090/virtualenv-20.34.0-py3-none-any.whl", hash = "sha256:341f5afa7eee943e4984a9207c025feedd768baff6753cd660c857ceb3e36026", size = 5983279, upload-time = "2025-08-13T14:24:05.111Z" }, +] + +[[package]] +name = "watchdog" +version = "6.0.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/db/7d/7f3d619e951c88ed75c6037b246ddcf2d322812ee8ea189be89511721d54/watchdog-6.0.0.tar.gz", hash = "sha256:9ddf7c82fda3ae8e24decda1338ede66e1c99883db93711d8fb941eaa2d8c282", size = 131220, upload-time = "2024-11-01T14:07:13.037Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/0c/56/90994d789c61df619bfc5ce2ecdabd5eeff564e1eb47512bd01b5e019569/watchdog-6.0.0-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:d1cdb490583ebd691c012b3d6dae011000fe42edb7a82ece80965b42abd61f26", size = 96390, upload-time = "2024-11-01T14:06:24.793Z" }, + { url = "https://files.pythonhosted.org/packages/55/46/9a67ee697342ddf3c6daa97e3a587a56d6c4052f881ed926a849fcf7371c/watchdog-6.0.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:bc64ab3bdb6a04d69d4023b29422170b74681784ffb9463ed4870cf2f3e66112", size = 88389, upload-time = "2024-11-01T14:06:27.112Z" }, + { url = "https://files.pythonhosted.org/packages/44/65/91b0985747c52064d8701e1075eb96f8c40a79df889e59a399453adfb882/watchdog-6.0.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:c897ac1b55c5a1461e16dae288d22bb2e412ba9807df8397a635d88f671d36c3", size = 89020, upload-time = "2024-11-01T14:06:29.876Z" }, + { url = "https://files.pythonhosted.org/packages/e0/24/d9be5cd6642a6aa68352ded4b4b10fb0d7889cb7f45814fb92cecd35f101/watchdog-6.0.0-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:6eb11feb5a0d452ee41f824e271ca311a09e250441c262ca2fd7ebcf2461a06c", size = 96393, upload-time = "2024-11-01T14:06:31.756Z" }, + { url = "https://files.pythonhosted.org/packages/63/7a/6013b0d8dbc56adca7fdd4f0beed381c59f6752341b12fa0886fa7afc78b/watchdog-6.0.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:ef810fbf7b781a5a593894e4f439773830bdecb885e6880d957d5b9382a960d2", size = 88392, upload-time = "2024-11-01T14:06:32.99Z" }, + { url = "https://files.pythonhosted.org/packages/d1/40/b75381494851556de56281e053700e46bff5b37bf4c7267e858640af5a7f/watchdog-6.0.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:afd0fe1b2270917c5e23c2a65ce50c2a4abb63daafb0d419fde368e272a76b7c", size = 89019, upload-time = "2024-11-01T14:06:34.963Z" }, + { url = "https://files.pythonhosted.org/packages/39/ea/3930d07dafc9e286ed356a679aa02d777c06e9bfd1164fa7c19c288a5483/watchdog-6.0.0-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:bdd4e6f14b8b18c334febb9c4425a878a2ac20efd1e0b231978e7b150f92a948", size = 96471, upload-time = "2024-11-01T14:06:37.745Z" }, + { url = "https://files.pythonhosted.org/packages/12/87/48361531f70b1f87928b045df868a9fd4e253d9ae087fa4cf3f7113be363/watchdog-6.0.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:c7c15dda13c4eb00d6fb6fc508b3c0ed88b9d5d374056b239c4ad1611125c860", size = 88449, upload-time = "2024-11-01T14:06:39.748Z" }, + { url = "https://files.pythonhosted.org/packages/5b/7e/8f322f5e600812e6f9a31b75d242631068ca8f4ef0582dd3ae6e72daecc8/watchdog-6.0.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:6f10cb2d5902447c7d0da897e2c6768bca89174d0c6e1e30abec5421af97a5b0", size = 89054, upload-time = "2024-11-01T14:06:41.009Z" }, + { url = "https://files.pythonhosted.org/packages/68/98/b0345cabdce2041a01293ba483333582891a3bd5769b08eceb0d406056ef/watchdog-6.0.0-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:490ab2ef84f11129844c23fb14ecf30ef3d8a6abafd3754a6f75ca1e6654136c", size = 96480, upload-time = "2024-11-01T14:06:42.952Z" }, + { url = "https://files.pythonhosted.org/packages/85/83/cdf13902c626b28eedef7ec4f10745c52aad8a8fe7eb04ed7b1f111ca20e/watchdog-6.0.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:76aae96b00ae814b181bb25b1b98076d5fc84e8a53cd8885a318b42b6d3a5134", size = 88451, upload-time = "2024-11-01T14:06:45.084Z" }, + { url = "https://files.pythonhosted.org/packages/fe/c4/225c87bae08c8b9ec99030cd48ae9c4eca050a59bf5c2255853e18c87b50/watchdog-6.0.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:a175f755fc2279e0b7312c0035d52e27211a5bc39719dd529625b1930917345b", size = 89057, upload-time = "2024-11-01T14:06:47.324Z" }, + { url = "https://files.pythonhosted.org/packages/30/ad/d17b5d42e28a8b91f8ed01cb949da092827afb9995d4559fd448d0472763/watchdog-6.0.0-pp310-pypy310_pp73-macosx_10_15_x86_64.whl", hash = "sha256:c7ac31a19f4545dd92fc25d200694098f42c9a8e391bc00bdd362c5736dbf881", size = 87902, upload-time = "2024-11-01T14:06:53.119Z" }, + { url = "https://files.pythonhosted.org/packages/5c/ca/c3649991d140ff6ab67bfc85ab42b165ead119c9e12211e08089d763ece5/watchdog-6.0.0-pp310-pypy310_pp73-macosx_11_0_arm64.whl", hash = "sha256:9513f27a1a582d9808cf21a07dae516f0fab1cf2d7683a742c498b93eedabb11", size = 88380, upload-time = "2024-11-01T14:06:55.19Z" }, + { url = "https://files.pythonhosted.org/packages/a9/c7/ca4bf3e518cb57a686b2feb4f55a1892fd9a3dd13f470fca14e00f80ea36/watchdog-6.0.0-py3-none-manylinux2014_aarch64.whl", hash = "sha256:7607498efa04a3542ae3e05e64da8202e58159aa1fa4acddf7678d34a35d4f13", size = 79079, upload-time = "2024-11-01T14:06:59.472Z" }, + { url = "https://files.pythonhosted.org/packages/5c/51/d46dc9332f9a647593c947b4b88e2381c8dfc0942d15b8edc0310fa4abb1/watchdog-6.0.0-py3-none-manylinux2014_armv7l.whl", hash = "sha256:9041567ee8953024c83343288ccc458fd0a2d811d6a0fd68c4c22609e3490379", size = 79078, upload-time = "2024-11-01T14:07:01.431Z" }, + { url = "https://files.pythonhosted.org/packages/d4/57/04edbf5e169cd318d5f07b4766fee38e825d64b6913ca157ca32d1a42267/watchdog-6.0.0-py3-none-manylinux2014_i686.whl", hash = "sha256:82dc3e3143c7e38ec49d61af98d6558288c415eac98486a5c581726e0737c00e", size = 79076, upload-time = "2024-11-01T14:07:02.568Z" }, + { url = "https://files.pythonhosted.org/packages/ab/cc/da8422b300e13cb187d2203f20b9253e91058aaf7db65b74142013478e66/watchdog-6.0.0-py3-none-manylinux2014_ppc64.whl", hash = "sha256:212ac9b8bf1161dc91bd09c048048a95ca3a4c4f5e5d4a7d1b1a7d5752a7f96f", size = 79077, upload-time = "2024-11-01T14:07:03.893Z" }, + { url = "https://files.pythonhosted.org/packages/2c/3b/b8964e04ae1a025c44ba8e4291f86e97fac443bca31de8bd98d3263d2fcf/watchdog-6.0.0-py3-none-manylinux2014_ppc64le.whl", hash = "sha256:e3df4cbb9a450c6d49318f6d14f4bbc80d763fa587ba46ec86f99f9e6876bb26", size = 79078, upload-time = "2024-11-01T14:07:05.189Z" }, + { url = "https://files.pythonhosted.org/packages/62/ae/a696eb424bedff7407801c257d4b1afda455fe40821a2be430e173660e81/watchdog-6.0.0-py3-none-manylinux2014_s390x.whl", hash = "sha256:2cce7cfc2008eb51feb6aab51251fd79b85d9894e98ba847408f662b3395ca3c", size = 79077, upload-time = "2024-11-01T14:07:06.376Z" }, + { url = "https://files.pythonhosted.org/packages/b5/e8/dbf020b4d98251a9860752a094d09a65e1b436ad181faf929983f697048f/watchdog-6.0.0-py3-none-manylinux2014_x86_64.whl", hash = "sha256:20ffe5b202af80ab4266dcd3e91aae72bf2da48c0d33bdb15c66658e685e94e2", size = 79078, upload-time = "2024-11-01T14:07:07.547Z" }, + { url = "https://files.pythonhosted.org/packages/07/f6/d0e5b343768e8bcb4cda79f0f2f55051bf26177ecd5651f84c07567461cf/watchdog-6.0.0-py3-none-win32.whl", hash = "sha256:07df1fdd701c5d4c8e55ef6cf55b8f0120fe1aef7ef39a1c6fc6bc2e606d517a", size = 79065, upload-time = "2024-11-01T14:07:09.525Z" }, + { url = "https://files.pythonhosted.org/packages/db/d9/c495884c6e548fce18a8f40568ff120bc3a4b7b99813081c8ac0c936fa64/watchdog-6.0.0-py3-none-win_amd64.whl", hash = "sha256:cbafb470cf848d93b5d013e2ecb245d4aa1c8fd0504e863ccefa32445359d680", size = 79070, upload-time = "2024-11-01T14:07:10.686Z" }, + { url = "https://files.pythonhosted.org/packages/33/e8/e40370e6d74ddba47f002a32919d91310d6074130fe4e17dabcafc15cbf1/watchdog-6.0.0-py3-none-win_ia64.whl", hash = "sha256:a1914259fa9e1454315171103c6a30961236f508b9b623eae470268bbcc6a22f", size = 79067, upload-time = "2024-11-01T14:07:11.845Z" }, +] + +[[package]] +name = "wcwidth" +version = "0.2.13" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/6c/63/53559446a878410fc5a5974feb13d31d78d752eb18aeba59c7fef1af7598/wcwidth-0.2.13.tar.gz", hash = "sha256:72ea0c06399eb286d978fdedb6923a9eb47e1c486ce63e9b4e64fc18303972b5", size = 101301, upload-time = "2024-01-06T02:10:57.829Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/fd/84/fd2ba7aafacbad3c4201d395674fc6348826569da3c0937e75505ead3528/wcwidth-0.2.13-py2.py3-none-any.whl", hash = "sha256:3da69048e4540d84af32131829ff948f1e022c1c6bdb8d6102117aac784f6859", size = 34166, upload-time = "2024-01-06T02:10:55.763Z" }, +] + +[[package]] +name = "zipp" +version = "3.23.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/e3/02/0f2892c661036d50ede074e376733dca2ae7c6eb617489437771209d4180/zipp-3.23.0.tar.gz", hash = "sha256:a07157588a12518c9d4034df3fbbee09c814741a33ff63c05fa29d26a2404166", size = 25547, upload-time = "2025-06-08T17:06:39.4Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/2e/54/647ade08bf0db230bfea292f893923872fd20be6ac6f53b2b936ba839d75/zipp-3.23.0-py3-none-any.whl", hash = "sha256:071652d6115ed432f5ce1d34c336c0adfd6a884660d1e9712a256d3d3bd4b14e", size = 10276, upload-time = "2025-06-08T17:06:38.034Z" }, +] + +[[package]] +name = "zstandard" +version = "0.24.0" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/09/1b/c20b2ef1d987627765dcd5bf1dadb8ef6564f00a87972635099bb76b7a05/zstandard-0.24.0.tar.gz", hash = "sha256:fe3198b81c00032326342d973e526803f183f97aa9e9a98e3f897ebafe21178f", size = 905681, upload-time = "2025-08-17T18:36:36.352Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/63/9d/d1ca1e7bff6a7938e81180322c053c080ae9e31b0e3b393434deae7a1ae5/zstandard-0.24.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:af1394c2c5febc44e0bbf0fc6428263fa928b50d1b1982ce1d870dc793a8e5f4", size = 795228, upload-time = "2025-08-17T18:21:12.444Z" }, + { url = "https://files.pythonhosted.org/packages/d3/ba/a40ddfbbb9f0773127701a802338f215211b018f9222b9fab1e2d498f9cd/zstandard-0.24.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:5e941654cef13a1d53634ec30933722eda11f44f99e1d0bc62bbce3387580d50", size = 640522, upload-time = "2025-08-17T18:21:14.133Z" }, + { url = "https://files.pythonhosted.org/packages/3e/7c/edeee3ef8d469a1345edd86f8d123a3825d60df033bcbbd16df417bdb9e7/zstandard-0.24.0-cp310-cp310-manylinux2010_i686.manylinux2014_i686.manylinux_2_12_i686.manylinux_2_17_i686.whl", hash = "sha256:561123d05681197c0e24eb8ab3cfdaf299e2b59c293d19dad96e1610ccd8fbc6", size = 5344625, upload-time = "2025-08-17T18:21:16.067Z" }, + { url = "https://files.pythonhosted.org/packages/bf/2c/2f76e5058435d96ab0187303d4e9663372893cdcc95d64fdb60824951162/zstandard-0.24.0-cp310-cp310-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:0f6d9a146e07458cb41423ca2d783aefe3a3a97fe72838973c13b8f1ecc7343a", size = 5055074, upload-time = "2025-08-17T18:21:18.483Z" }, + { url = "https://files.pythonhosted.org/packages/e4/87/3962530a568d38e64f287e11b9a38936d873617120589611c49c29af94a8/zstandard-0.24.0-cp310-cp310-manylinux2014_ppc64le.manylinux_2_17_ppc64le.whl", hash = "sha256:bf02f915fa7934ea5dfc8d96757729c99a8868b7c340b97704795d6413cf5fe6", size = 5401308, upload-time = "2025-08-17T18:21:20.859Z" }, + { url = "https://files.pythonhosted.org/packages/f1/69/85e65f0fb05b4475130888cf7934ff30ac14b5979527e8f1ccb6f56e21ec/zstandard-0.24.0-cp310-cp310-manylinux2014_s390x.manylinux_2_17_s390x.whl", hash = "sha256:35f13501a8accf834457d8e40e744568287a215818778bc4d79337af2f3f0d97", size = 5448948, upload-time = "2025-08-17T18:21:23.015Z" }, + { url = "https://files.pythonhosted.org/packages/2b/2f/1b607274bf20ea8bcd13bea3edc0a48f984c438c09d0a050b9667dadcaed/zstandard-0.24.0-cp310-cp310-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:92be52ca4e6e604f03d5daa079caec9e04ab4cbf6972b995aaebb877d3d24e13", size = 5555870, upload-time = "2025-08-17T18:21:24.985Z" }, + { url = "https://files.pythonhosted.org/packages/a0/9a/fadd5ffded6ab113b26704658a40444865b914de072fb460b6b51aa5fa2f/zstandard-0.24.0-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:0c9c3cba57f5792532a3df3f895980d47d78eda94b0e5b800651b53e96e0b604", size = 5044917, upload-time = "2025-08-17T18:21:27.082Z" }, + { url = "https://files.pythonhosted.org/packages/2a/0d/c5edc3b00e070d0b4156993bd7bef9cba58c5f2571bd0003054cbe90005c/zstandard-0.24.0-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:dd91b0134a32dfcd8be504e8e46de44ad0045a569efc25101f2a12ccd41b5759", size = 5571834, upload-time = "2025-08-17T18:21:29.239Z" }, + { url = "https://files.pythonhosted.org/packages/1f/7e/9e353ed08c3d7a93050bbadbebe2f5f783b13393e0e8e08e970ef3396390/zstandard-0.24.0-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:d6975f2d903bc354916a17b91a7aaac7299603f9ecdb788145060dde6e573a16", size = 4959108, upload-time = "2025-08-17T18:21:31.228Z" }, + { url = "https://files.pythonhosted.org/packages/af/28/135dffba375ab1f4d2c569de804647eba8bd682f36d3c01b5a012c560ff2/zstandard-0.24.0-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:7ac6e4d727521d86d20ec291a3f4e64a478e8a73eaee80af8f38ec403e77a409", size = 5265997, upload-time = "2025-08-17T18:21:33.369Z" }, + { url = "https://files.pythonhosted.org/packages/cc/7a/702e7cbc51c39ce104c198ea6d069fb6a918eb24c5709ac79fe9371f7a55/zstandard-0.24.0-cp310-cp310-musllinux_1_2_ppc64le.whl", hash = "sha256:87ae1684bc3c02d5c35884b3726525eda85307073dbefe68c3c779e104a59036", size = 5440015, upload-time = "2025-08-17T18:21:35.023Z" }, + { url = "https://files.pythonhosted.org/packages/77/40/4a2d0faa2ae6f4c847c7f77ec626abed80873035891c4a4349b735a36fb4/zstandard-0.24.0-cp310-cp310-musllinux_1_2_s390x.whl", hash = "sha256:7de5869e616d426b56809be7dc6dba4d37b95b90411ccd3de47f421a42d4d42c", size = 5819056, upload-time = "2025-08-17T18:21:39.661Z" }, + { url = "https://files.pythonhosted.org/packages/3e/fc/580504a2d7c71411a8e403b83f2388ee083819a68e0e740bf974e78839f8/zstandard-0.24.0-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:388aad2d693707f4a0f6cc687eb457b33303d6b57ecf212c8ff4468c34426892", size = 5362621, upload-time = "2025-08-17T18:21:42.605Z" }, + { url = "https://files.pythonhosted.org/packages/70/66/97f6b38eeda955eaa6b5e7cfc0528039bfcb9eb8338016aacf6d83d8a75e/zstandard-0.24.0-cp310-cp310-win32.whl", hash = "sha256:962ea3aecedcc944f8034812e23d7200d52c6e32765b8da396eeb8b8ffca71ce", size = 435575, upload-time = "2025-08-17T18:21:45.477Z" }, + { url = "https://files.pythonhosted.org/packages/68/a2/5814bdd22d879b10fcc5dc37366e39603767063f06ae970f2a657f76ddac/zstandard-0.24.0-cp310-cp310-win_amd64.whl", hash = "sha256:869bf13f66b124b13be37dd6e08e4b728948ff9735308694e0b0479119e08ea7", size = 505115, upload-time = "2025-08-17T18:21:44.011Z" }, + { url = "https://files.pythonhosted.org/packages/01/1f/5c72806f76043c0ef9191a2b65281dacdf3b65b0828eb13bb2c987c4fb90/zstandard-0.24.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:addfc23e3bd5f4b6787b9ca95b2d09a1a67ad5a3c318daaa783ff90b2d3a366e", size = 795228, upload-time = "2025-08-17T18:21:46.978Z" }, + { url = "https://files.pythonhosted.org/packages/0b/ba/3059bd5cd834666a789251d14417621b5c61233bd46e7d9023ea8bc1043a/zstandard-0.24.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:6b005bcee4be9c3984b355336283afe77b2defa76ed6b89332eced7b6fa68b68", size = 640520, upload-time = "2025-08-17T18:21:48.162Z" }, + { url = "https://files.pythonhosted.org/packages/57/07/f0e632bf783f915c1fdd0bf68614c4764cae9dd46ba32cbae4dd659592c3/zstandard-0.24.0-cp311-cp311-manylinux2010_i686.manylinux2014_i686.manylinux_2_12_i686.manylinux_2_17_i686.whl", hash = "sha256:3f96a9130171e01dbb6c3d4d9925d604e2131a97f540e223b88ba45daf56d6fb", size = 5347682, upload-time = "2025-08-17T18:21:50.266Z" }, + { url = "https://files.pythonhosted.org/packages/a6/4c/63523169fe84773a7462cd090b0989cb7c7a7f2a8b0a5fbf00009ba7d74d/zstandard-0.24.0-cp311-cp311-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:cd0d3d16e63873253bad22b413ec679cf6586e51b5772eb10733899832efec42", size = 5057650, upload-time = "2025-08-17T18:21:52.634Z" }, + { url = "https://files.pythonhosted.org/packages/c6/16/49013f7ef80293f5cebf4c4229535a9f4c9416bbfd238560edc579815dbe/zstandard-0.24.0-cp311-cp311-manylinux2014_ppc64le.manylinux_2_17_ppc64le.whl", hash = "sha256:b7a8c30d9bf4bd5e4dcfe26900bef0fcd9749acde45cdf0b3c89e2052fda9a13", size = 5404893, upload-time = "2025-08-17T18:21:54.54Z" }, + { url = "https://files.pythonhosted.org/packages/4d/38/78e8bcb5fc32a63b055f2b99e0be49b506f2351d0180173674f516cf8a7a/zstandard-0.24.0-cp311-cp311-manylinux2014_s390x.manylinux_2_17_s390x.whl", hash = "sha256:52cd7d9fa0a115c9446abb79b06a47171b7d916c35c10e0c3aa6f01d57561382", size = 5452389, upload-time = "2025-08-17T18:21:56.822Z" }, + { url = "https://files.pythonhosted.org/packages/55/8a/81671f05619edbacd49bd84ce6899a09fc8299be20c09ae92f6618ccb92d/zstandard-0.24.0-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:a0f6fc2ea6e07e20df48752e7700e02e1892c61f9a6bfbacaf2c5b24d5ad504b", size = 5558888, upload-time = "2025-08-17T18:21:58.68Z" }, + { url = "https://files.pythonhosted.org/packages/49/cc/e83feb2d7d22d1f88434defbaeb6e5e91f42a4f607b5d4d2d58912b69d67/zstandard-0.24.0-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:e46eb6702691b24ddb3e31e88b4a499e31506991db3d3724a85bd1c5fc3cfe4e", size = 5048038, upload-time = "2025-08-17T18:22:00.642Z" }, + { url = "https://files.pythonhosted.org/packages/08/c3/7a5c57ff49ef8943877f85c23368c104c2aea510abb339a2dc31ad0a27c3/zstandard-0.24.0-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:d5e3b9310fd7f0d12edc75532cd9a56da6293840c84da90070d692e0bb15f186", size = 5573833, upload-time = "2025-08-17T18:22:02.402Z" }, + { url = "https://files.pythonhosted.org/packages/f9/00/64519983cd92535ba4bdd4ac26ac52db00040a52d6c4efb8d1764abcc343/zstandard-0.24.0-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:76cdfe7f920738ea871f035568f82bad3328cbc8d98f1f6988264096b5264efd", size = 4961072, upload-time = "2025-08-17T18:22:04.384Z" }, + { url = "https://files.pythonhosted.org/packages/72/ab/3a08a43067387d22994fc87c3113636aa34ccd2914a4d2d188ce365c5d85/zstandard-0.24.0-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:3f2fe35ec84908dddf0fbf66b35d7c2878dbe349552dd52e005c755d3493d61c", size = 5268462, upload-time = "2025-08-17T18:22:06.095Z" }, + { url = "https://files.pythonhosted.org/packages/49/cf/2abb3a1ad85aebe18c53e7eca73223f1546ddfa3bf4d2fb83fc5a064c5ca/zstandard-0.24.0-cp311-cp311-musllinux_1_2_ppc64le.whl", hash = "sha256:aa705beb74ab116563f4ce784fa94771f230c05d09ab5de9c397793e725bb1db", size = 5443319, upload-time = "2025-08-17T18:22:08.572Z" }, + { url = "https://files.pythonhosted.org/packages/40/42/0dd59fc2f68f1664cda11c3b26abdf987f4e57cb6b6b0f329520cd074552/zstandard-0.24.0-cp311-cp311-musllinux_1_2_s390x.whl", hash = "sha256:aadf32c389bb7f02b8ec5c243c38302b92c006da565e120dfcb7bf0378f4f848", size = 5822355, upload-time = "2025-08-17T18:22:10.537Z" }, + { url = "https://files.pythonhosted.org/packages/99/c0/ea4e640fd4f7d58d6f87a1e7aca11fb886ac24db277fbbb879336c912f63/zstandard-0.24.0-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:e40cd0fc734aa1d4bd0e7ad102fd2a1aefa50ce9ef570005ffc2273c5442ddc3", size = 5365257, upload-time = "2025-08-17T18:22:13.159Z" }, + { url = "https://files.pythonhosted.org/packages/27/a9/92da42a5c4e7e4003271f2e1f0efd1f37cfd565d763ad3604e9597980a1c/zstandard-0.24.0-cp311-cp311-win32.whl", hash = "sha256:cda61c46343809ecda43dc620d1333dd7433a25d0a252f2dcc7667f6331c7b61", size = 435559, upload-time = "2025-08-17T18:22:17.29Z" }, + { url = "https://files.pythonhosted.org/packages/e2/8e/2c8e5c681ae4937c007938f954a060fa7c74f36273b289cabdb5ef0e9a7e/zstandard-0.24.0-cp311-cp311-win_amd64.whl", hash = "sha256:3b95fc06489aa9388400d1aab01a83652bc040c9c087bd732eb214909d7fb0dd", size = 505070, upload-time = "2025-08-17T18:22:14.808Z" }, + { url = "https://files.pythonhosted.org/packages/52/10/a2f27a66bec75e236b575c9f7b0d7d37004a03aa2dcde8e2decbe9ed7b4d/zstandard-0.24.0-cp311-cp311-win_arm64.whl", hash = "sha256:ad9fd176ff6800a0cf52bcf59c71e5de4fa25bf3ba62b58800e0f84885344d34", size = 461507, upload-time = "2025-08-17T18:22:15.964Z" }, + { url = "https://files.pythonhosted.org/packages/26/e9/0bd281d9154bba7fc421a291e263911e1d69d6951aa80955b992a48289f6/zstandard-0.24.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:a2bda8f2790add22773ee7a4e43c90ea05598bffc94c21c40ae0a9000b0133c3", size = 795710, upload-time = "2025-08-17T18:22:19.189Z" }, + { url = "https://files.pythonhosted.org/packages/36/26/b250a2eef515caf492e2d86732e75240cdac9d92b04383722b9753590c36/zstandard-0.24.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:cc76de75300f65b8eb574d855c12518dc25a075dadb41dd18f6322bda3fe15d5", size = 640336, upload-time = "2025-08-17T18:22:20.466Z" }, + { url = "https://files.pythonhosted.org/packages/79/bf/3ba6b522306d9bf097aac8547556b98a4f753dc807a170becaf30dcd6f01/zstandard-0.24.0-cp312-cp312-manylinux2010_i686.manylinux2014_i686.manylinux_2_12_i686.manylinux_2_17_i686.whl", hash = "sha256:d2b3b4bda1a025b10fe0269369475f420177f2cb06e0f9d32c95b4873c9f80b8", size = 5342533, upload-time = "2025-08-17T18:22:22.326Z" }, + { url = "https://files.pythonhosted.org/packages/ea/ec/22bc75bf054e25accdf8e928bc68ab36b4466809729c554ff3a1c1c8bce6/zstandard-0.24.0-cp312-cp312-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:9b84c6c210684286e504022d11ec294d2b7922d66c823e87575d8b23eba7c81f", size = 5062837, upload-time = "2025-08-17T18:22:24.416Z" }, + { url = "https://files.pythonhosted.org/packages/48/cc/33edfc9d286e517fb5b51d9c3210e5bcfce578d02a675f994308ca587ae1/zstandard-0.24.0-cp312-cp312-manylinux2014_ppc64le.manylinux_2_17_ppc64le.whl", hash = "sha256:c59740682a686bf835a1a4d8d0ed1eefe31ac07f1c5a7ed5f2e72cf577692b00", size = 5393855, upload-time = "2025-08-17T18:22:26.786Z" }, + { url = "https://files.pythonhosted.org/packages/73/36/59254e9b29da6215fb3a717812bf87192d89f190f23817d88cb8868c47ac/zstandard-0.24.0-cp312-cp312-manylinux2014_s390x.manylinux_2_17_s390x.whl", hash = "sha256:6324fde5cf5120fbf6541d5ff3c86011ec056e8d0f915d8e7822926a5377193a", size = 5451058, upload-time = "2025-08-17T18:22:28.885Z" }, + { url = "https://files.pythonhosted.org/packages/9a/c7/31674cb2168b741bbbe71ce37dd397c9c671e73349d88ad3bca9e9fae25b/zstandard-0.24.0-cp312-cp312-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:51a86bd963de3f36688553926a84e550d45d7f9745bd1947d79472eca27fcc75", size = 5546619, upload-time = "2025-08-17T18:22:31.115Z" }, + { url = "https://files.pythonhosted.org/packages/e6/01/1a9f22239f08c00c156f2266db857545ece66a6fc0303d45c298564bc20b/zstandard-0.24.0-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:d82ac87017b734f2fb70ff93818c66f0ad2c3810f61040f077ed38d924e19980", size = 5046676, upload-time = "2025-08-17T18:22:33.077Z" }, + { url = "https://files.pythonhosted.org/packages/a7/91/6c0cf8fa143a4988a0361380ac2ef0d7cb98a374704b389fbc38b5891712/zstandard-0.24.0-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:92ea7855d5bcfb386c34557516c73753435fb2d4a014e2c9343b5f5ba148b5d8", size = 5576381, upload-time = "2025-08-17T18:22:35.391Z" }, + { url = "https://files.pythonhosted.org/packages/e2/77/1526080e22e78871e786ccf3c84bf5cec9ed25110a9585507d3c551da3d6/zstandard-0.24.0-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:3adb4b5414febf074800d264ddf69ecade8c658837a83a19e8ab820e924c9933", size = 4953403, upload-time = "2025-08-17T18:22:37.266Z" }, + { url = "https://files.pythonhosted.org/packages/6e/d0/a3a833930bff01eab697eb8abeafb0ab068438771fa066558d96d7dafbf9/zstandard-0.24.0-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:6374feaf347e6b83ec13cc5dcfa70076f06d8f7ecd46cc71d58fac798ff08b76", size = 5267396, upload-time = "2025-08-17T18:22:39.757Z" }, + { url = "https://files.pythonhosted.org/packages/f3/5e/90a0db9a61cd4769c06374297ecfcbbf66654f74cec89392519deba64d76/zstandard-0.24.0-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:13fc548e214df08d896ee5f29e1f91ee35db14f733fef8eabea8dca6e451d1e2", size = 5433269, upload-time = "2025-08-17T18:22:42.131Z" }, + { url = "https://files.pythonhosted.org/packages/ce/58/fc6a71060dd67c26a9c5566e0d7c99248cbe5abfda6b3b65b8f1a28d59f7/zstandard-0.24.0-cp312-cp312-musllinux_1_2_s390x.whl", hash = "sha256:0a416814608610abf5488889c74e43ffa0343ca6cf43957c6b6ec526212422da", size = 5814203, upload-time = "2025-08-17T18:22:44.017Z" }, + { url = "https://files.pythonhosted.org/packages/5c/6a/89573d4393e3ecbfa425d9a4e391027f58d7810dec5cdb13a26e4cdeef5c/zstandard-0.24.0-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:0d66da2649bb0af4471699aeb7a83d6f59ae30236fb9f6b5d20fb618ef6c6777", size = 5359622, upload-time = "2025-08-17T18:22:45.802Z" }, + { url = "https://files.pythonhosted.org/packages/60/ff/2cbab815d6f02a53a9d8d8703bc727d8408a2e508143ca9af6c3cca2054b/zstandard-0.24.0-cp312-cp312-win32.whl", hash = "sha256:ff19efaa33e7f136fe95f9bbcc90ab7fb60648453b03f95d1de3ab6997de0f32", size = 435968, upload-time = "2025-08-17T18:22:49.493Z" }, + { url = "https://files.pythonhosted.org/packages/ce/a3/8f96b8ddb7ad12344218fbd0fd2805702dafd126ae9f8a1fb91eef7b33da/zstandard-0.24.0-cp312-cp312-win_amd64.whl", hash = "sha256:bc05f8a875eb651d1cc62e12a4a0e6afa5cd0cc231381adb830d2e9c196ea895", size = 505195, upload-time = "2025-08-17T18:22:47.193Z" }, + { url = "https://files.pythonhosted.org/packages/a3/4a/bfca20679da63bfc236634ef2e4b1b4254203098b0170e3511fee781351f/zstandard-0.24.0-cp312-cp312-win_arm64.whl", hash = "sha256:b04c94718f7a8ed7cdd01b162b6caa1954b3c9d486f00ecbbd300f149d2b2606", size = 461605, upload-time = "2025-08-17T18:22:48.317Z" }, + { url = "https://files.pythonhosted.org/packages/ec/ef/db949de3bf81ed122b8ee4db6a8d147a136fe070e1015f5a60d8a3966748/zstandard-0.24.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:e4ebb000c0fe24a6d0f3534b6256844d9dbf042fdf003efe5cf40690cf4e0f3e", size = 795700, upload-time = "2025-08-17T18:22:50.851Z" }, + { url = "https://files.pythonhosted.org/packages/99/56/fc04395d6f5eabd2fe6d86c0800d198969f3038385cb918bfbe94f2b0c62/zstandard-0.24.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:498f88f5109666c19531f0243a90d2fdd2252839cd6c8cc6e9213a3446670fa8", size = 640343, upload-time = "2025-08-17T18:22:51.999Z" }, + { url = "https://files.pythonhosted.org/packages/9b/0f/0b0e0d55f2f051d5117a0d62f4f9a8741b3647440c0ee1806b7bd47ed5ae/zstandard-0.24.0-cp313-cp313-manylinux2010_i686.manylinux2014_i686.manylinux_2_12_i686.manylinux_2_17_i686.whl", hash = "sha256:0a9e95ceb180ccd12a8b3437bac7e8a8a089c9094e39522900a8917745542184", size = 5342571, upload-time = "2025-08-17T18:22:53.734Z" }, + { url = "https://files.pythonhosted.org/packages/5d/43/d74e49f04fbd62d4b5d89aeb7a29d693fc637c60238f820cd5afe6ca8180/zstandard-0.24.0-cp313-cp313-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:bcf69e0bcddbf2adcfafc1a7e864edcc204dd8171756d3a8f3340f6f6cc87b7b", size = 5062723, upload-time = "2025-08-17T18:22:55.624Z" }, + { url = "https://files.pythonhosted.org/packages/8e/97/df14384d4d6a004388e6ed07ded02933b5c7e0833a9150c57d0abc9545b7/zstandard-0.24.0-cp313-cp313-manylinux2014_ppc64le.manylinux_2_17_ppc64le.whl", hash = "sha256:10e284748a7e7fbe2815ca62a9d6e84497d34cfdd0143fa9e8e208efa808d7c4", size = 5393282, upload-time = "2025-08-17T18:22:57.655Z" }, + { url = "https://files.pythonhosted.org/packages/7e/09/8f5c520e59a4d41591b30b7568595eda6fd71c08701bb316d15b7ed0613a/zstandard-0.24.0-cp313-cp313-manylinux2014_s390x.manylinux_2_17_s390x.whl", hash = "sha256:1bda8a85e5b9d5e73af2e61b23609a8cc1598c1b3b2473969912979205a1ff25", size = 5450895, upload-time = "2025-08-17T18:22:59.749Z" }, + { url = "https://files.pythonhosted.org/packages/d9/3d/02aba892327a67ead8cba160ee835cfa1fc292a9dcb763639e30c07da58b/zstandard-0.24.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:1b14bc92af065d0534856bf1b30fc48753163ea673da98857ea4932be62079b1", size = 5546353, upload-time = "2025-08-17T18:23:01.457Z" }, + { url = "https://files.pythonhosted.org/packages/6a/6e/96c52afcde44da6a5313a1f6c356349792079808f12d8b69a7d1d98ef353/zstandard-0.24.0-cp313-cp313-musllinux_1_1_aarch64.whl", hash = "sha256:b4f20417a4f511c656762b001ec827500cbee54d1810253c6ca2df2c0a307a5f", size = 5046404, upload-time = "2025-08-17T18:23:03.418Z" }, + { url = "https://files.pythonhosted.org/packages/da/b6/eefee6b92d341a7db7cd1b3885d42d30476a093720fb5c181e35b236d695/zstandard-0.24.0-cp313-cp313-musllinux_1_1_x86_64.whl", hash = "sha256:337572a7340e1d92fd7fb5248c8300d0e91071002d92e0b8cabe8d9ae7b58159", size = 5576095, upload-time = "2025-08-17T18:23:05.331Z" }, + { url = "https://files.pythonhosted.org/packages/a3/29/743de3131f6239ba6611e17199581e6b5e0f03f268924d42468e29468ca0/zstandard-0.24.0-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:df4be1cf6e8f0f2bbe2a3eabfff163ef592c84a40e1a20a8d7db7f27cfe08fc2", size = 4953448, upload-time = "2025-08-17T18:23:07.225Z" }, + { url = "https://files.pythonhosted.org/packages/c9/11/bd36ef49fba82e307d69d93b5abbdcdc47d6a0bcbc7ffbbfe0ef74c2fec5/zstandard-0.24.0-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:6885ae4b33aee8835dbdb4249d3dfec09af55e705d74d9b660bfb9da51baaa8b", size = 5267388, upload-time = "2025-08-17T18:23:09.127Z" }, + { url = "https://files.pythonhosted.org/packages/c0/23/a4cfe1b871d3f1ce1f88f5c68d7e922e94be0043f3ae5ed58c11578d1e21/zstandard-0.24.0-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:663848a8bac4fdbba27feea2926049fdf7b55ec545d5b9aea096ef21e7f0b079", size = 5433383, upload-time = "2025-08-17T18:23:11.343Z" }, + { url = "https://files.pythonhosted.org/packages/77/26/f3fb85f00e732cca617d4b9cd1ffa6484f613ea07fad872a8bdc3a0ce753/zstandard-0.24.0-cp313-cp313-musllinux_1_2_s390x.whl", hash = "sha256:05d27c953f2e0a3ecc8edbe91d6827736acc4c04d0479672e0400ccdb23d818c", size = 5813988, upload-time = "2025-08-17T18:23:13.194Z" }, + { url = "https://files.pythonhosted.org/packages/3d/8c/d7e3b424b73f3ce66e754595cbcb6d94ff49790c9ac37d50e40e8145cd44/zstandard-0.24.0-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:77b8b7b98893eaf47da03d262816f01f251c2aa059c063ed8a45c50eada123a5", size = 5359756, upload-time = "2025-08-17T18:23:15.021Z" }, + { url = "https://files.pythonhosted.org/packages/90/6c/f1f0e11f1b295138f9da7e7ae22dcd9a1bb96a9544fa3b31507e431288f5/zstandard-0.24.0-cp313-cp313-win32.whl", hash = "sha256:cf7fbb4e54136e9a03c7ed7691843c4df6d2ecc854a2541f840665f4f2bb2edd", size = 435957, upload-time = "2025-08-17T18:23:18.835Z" }, + { url = "https://files.pythonhosted.org/packages/9f/03/ab8b82ae5eb49eca4d3662705399c44442666cc1ce45f44f2d263bb1ae31/zstandard-0.24.0-cp313-cp313-win_amd64.whl", hash = "sha256:d64899cc0f33a8f446f1e60bffc21fa88b99f0e8208750d9144ea717610a80ce", size = 505171, upload-time = "2025-08-17T18:23:16.44Z" }, + { url = "https://files.pythonhosted.org/packages/db/12/89a2ecdea4bc73a934a30b66a7cfac5af352beac94d46cf289e103b65c34/zstandard-0.24.0-cp313-cp313-win_arm64.whl", hash = "sha256:57be3abb4313e0dd625596376bbb607f40059d801d51c1a1da94d7477e63b255", size = 461596, upload-time = "2025-08-17T18:23:17.603Z" }, + { url = "https://files.pythonhosted.org/packages/c9/56/f3d2c4d64aacee4aab89e788783636884786b6f8334c819f09bff1aa207b/zstandard-0.24.0-cp314-cp314-macosx_10_13_x86_64.whl", hash = "sha256:b7fa260dd2731afd0dfa47881c30239f422d00faee4b8b341d3e597cface1483", size = 795747, upload-time = "2025-08-17T18:23:19.968Z" }, + { url = "https://files.pythonhosted.org/packages/32/2d/9d3e5f6627e4cb5e511803788be1feee2f0c3b94594591e92b81db324253/zstandard-0.24.0-cp314-cp314-macosx_11_0_arm64.whl", hash = "sha256:e05d66239d14a04b4717998b736a25494372b1b2409339b04bf42aa4663bf251", size = 640475, upload-time = "2025-08-17T18:23:21.5Z" }, + { url = "https://files.pythonhosted.org/packages/be/5d/48e66abf8c146d95330e5385633a8cfdd556fa8bd14856fe721590cbab2b/zstandard-0.24.0-cp314-cp314-manylinux2010_i686.manylinux2014_i686.manylinux_2_12_i686.manylinux_2_17_i686.whl", hash = "sha256:622e1e04bd8a085994e02313ba06fbcf4f9ed9a488c6a77a8dbc0692abab6a38", size = 5343866, upload-time = "2025-08-17T18:23:23.351Z" }, + { url = "https://files.pythonhosted.org/packages/95/6c/65fe7ba71220a551e082e4a52790487f1d6bb8dfc2156883e088f975ad6d/zstandard-0.24.0-cp314-cp314-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:55872e818598319f065e8192ebefecd6ac05f62a43f055ed71884b0a26218f41", size = 5062719, upload-time = "2025-08-17T18:23:25.192Z" }, + { url = "https://files.pythonhosted.org/packages/cb/68/15ed0a813ff91be80cc2a610ac42e0fc8d29daa737de247bbf4bab9429a1/zstandard-0.24.0-cp314-cp314-manylinux2014_ppc64le.manylinux_2_17_ppc64le.whl", hash = "sha256:bb2446a55b3a0fd8aa02aa7194bd64740015464a2daaf160d2025204e1d7c282", size = 5393090, upload-time = "2025-08-17T18:23:27.145Z" }, + { url = "https://files.pythonhosted.org/packages/d4/89/e560427b74fa2da6a12b8f3af8ee29104fe2bb069a25e7d314c35eec7732/zstandard-0.24.0-cp314-cp314-manylinux2014_s390x.manylinux_2_17_s390x.whl", hash = "sha256:2825a3951f945fb2613ded0f517d402b1e5a68e87e0ee65f5bd224a8333a9a46", size = 5450383, upload-time = "2025-08-17T18:23:29.044Z" }, + { url = "https://files.pythonhosted.org/packages/a3/95/0498328cbb1693885509f2fc145402b108b750a87a3af65b7250b10bd896/zstandard-0.24.0-cp314-cp314-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:09887301001e7a81a3618156bc1759e48588de24bddfdd5b7a4364da9a8fbc20", size = 5546142, upload-time = "2025-08-17T18:23:31.281Z" }, + { url = "https://files.pythonhosted.org/packages/8a/8a/64aa15a726594df3bf5d8decfec14fe20cd788c60890f44fcfc74d98c2cc/zstandard-0.24.0-cp314-cp314-musllinux_1_2_aarch64.whl", hash = "sha256:98ca91dc9602cf351497d5600aa66e6d011a38c085a8237b370433fcb53e3409", size = 4953456, upload-time = "2025-08-17T18:23:33.234Z" }, + { url = "https://files.pythonhosted.org/packages/b0/b6/e94879c5cd6017af57bcba08519ed1228b1ebb15681efd949f4a00199449/zstandard-0.24.0-cp314-cp314-musllinux_1_2_i686.whl", hash = "sha256:e69f8e534b4e254f523e2f9d4732cf9c169c327ca1ce0922682aac9a5ee01155", size = 5268287, upload-time = "2025-08-17T18:23:35.145Z" }, + { url = "https://files.pythonhosted.org/packages/fd/e5/1a3b3a93f953dbe9e77e2a19be146e9cd2af31b67b1419d6cc8e8898d409/zstandard-0.24.0-cp314-cp314-musllinux_1_2_ppc64le.whl", hash = "sha256:444633b487a711e34f4bccc46a0c5dfbe1aee82c1a511e58cdc16f6bd66f187c", size = 5433197, upload-time = "2025-08-17T18:23:36.969Z" }, + { url = "https://files.pythonhosted.org/packages/39/83/b6eb1e1181de994b29804e1e0d2dc677bece4177f588c71653093cb4f6d5/zstandard-0.24.0-cp314-cp314-musllinux_1_2_s390x.whl", hash = "sha256:f7d3fe9e1483171e9183ffdb1fab07c5fef80a9c3840374a38ec2ab869ebae20", size = 5813161, upload-time = "2025-08-17T18:23:38.812Z" }, + { url = "https://files.pythonhosted.org/packages/f6/d3/2fb4166561591e9d75e8e35c79182aa9456644e2f4536f29e51216d1c513/zstandard-0.24.0-cp314-cp314-musllinux_1_2_x86_64.whl", hash = "sha256:27b6fa72b57824a3f7901fc9cc4ce1c1c834b28f3a43d1d4254c64c8f11149d4", size = 5359831, upload-time = "2025-08-17T18:23:41.162Z" }, + { url = "https://files.pythonhosted.org/packages/11/94/6a9227315b774f64a67445f62152c69b4e5e49a52a3c7c4dad8520a55e20/zstandard-0.24.0-cp314-cp314-win32.whl", hash = "sha256:fdc7a52a4cdaf7293e10813fd6a3abc0c7753660db12a3b864ab1fb5a0c60c16", size = 444448, upload-time = "2025-08-17T18:23:45.151Z" }, + { url = "https://files.pythonhosted.org/packages/fc/de/67acaba311013e0798cb96d1a2685cb6edcdfc1cae378b297ea7b02c319f/zstandard-0.24.0-cp314-cp314-win_amd64.whl", hash = "sha256:656ed895b28c7e42dd5b40dfcea3217cfc166b6b7eef88c3da2f5fc62484035b", size = 516075, upload-time = "2025-08-17T18:23:42.8Z" }, + { url = "https://files.pythonhosted.org/packages/10/ae/45fd8921263cea0228b20aa31bce47cc66016b2aba1afae1c6adcc3dbb1f/zstandard-0.24.0-cp314-cp314-win_arm64.whl", hash = "sha256:0101f835da7de08375f380192ff75135527e46e3f79bef224e3c49cb640fef6a", size = 476847, upload-time = "2025-08-17T18:23:43.892Z" }, +] From 7af45bc95b5c4fb9d17580ab90f6cfd8382d9dd6 Mon Sep 17 00:00:00 2001 From: Douglas Date: Sun, 24 Aug 2025 17:02:03 -0700 Subject: [PATCH 098/149] Fixed an issue where when there were new alerts the CLI wasn't correctly failing (#114) --- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/messages.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 1783718..7598d6f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.4" +version = "2.2.5" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index c70ff49..7c2fa0f 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.2.4' +__version__ = '2.2.5' diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index 42a4fd1..f062114 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -283,7 +283,7 @@ def create_security_comment_sarif(diff) -> dict: @staticmethod def create_security_comment_json(diff: Diff) -> dict: scan_failed = False - if len(diff.new_alerts) == 0: + if len(diff.new_alerts) > 0: for alert in diff.new_alerts: alert: Issue if alert.error: From 461f495b09e08db25d0317b02607d0be28ec4802 Mon Sep 17 00:00:00 2001 From: Tommy Ho Date: Wed, 3 Sep 2025 21:20:47 -0500 Subject: [PATCH 099/149] feat: add merge commit detection support (#116) --- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/git_interface.py | 80 +++++++++++++++++++++++++++- 3 files changed, 80 insertions(+), 4 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 7598d6f..37ad7cb 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.5" +version = "2.2.6" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 7c2fa0f..3a4e477 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.2.5' +__version__ = '2.2.6' diff --git a/socketsecurity/core/git_interface.py b/socketsecurity/core/git_interface.py index ed1fc0e..84eec25 100644 --- a/socketsecurity/core/git_interface.py +++ b/socketsecurity/core/git_interface.py @@ -218,8 +218,21 @@ def __init__(self, path: str): log.debug(f"Failed to get changed files via git diff (Bitbucket): {error}") # Fallback to git show for single commit if not detected: - self.show_files = self.repo.git.show(self.commit, name_only=True, format="%n").splitlines() - log.debug(f"Changed files detected via git show: {self.show_files}") + # Check if this is a merge commit first + if self._is_merge_commit(): + # For merge commits, use git diff with parent + if self._detect_merge_commit_changes(): + detected = True + else: + # Fallback to git show if merge detection fails + self.show_files = self.repo.git.show(self.commit, name_only=True, format="%n").splitlines() + log.debug(f"Changed files detected via git show (merge commit fallback): {self.show_files}") + detected = True + else: + # Regular single commit + self.show_files = self.repo.git.show(self.commit, name_only=True, format="%n").splitlines() + log.debug(f"Changed files detected via git show: {self.show_files}") + detected = True self.changed_files = [] for item in self.show_files: if item != "": @@ -380,6 +393,69 @@ def get_formatted_committer(self) -> str: log.debug("Using fallback committer: unknown") return "unknown" + def _is_merge_commit(self) -> bool: + """ + Check if the current commit is a merge commit. + + Returns: + True if this is a merge commit (has multiple parents), False otherwise + """ + try: + # A merge commit has multiple parents + is_merge = len(self.commit.parents) > 1 + log.debug(f"Commit {self.commit.hexsha[:8]} has {len(self.commit.parents)} parents, is_merge: {is_merge}") + return is_merge + except Exception as error: + log.debug(f"Error checking if commit is merge commit: {error}") + return False + + def _detect_merge_commit_changes(self) -> bool: + """ + Detect changed files in a merge commit using git diff with parent. + + This method handles the case where git show --name-only doesn't work + for merge commits (expected Git behavior). + + Returns: + True if detection was successful, False otherwise + """ + try: + if not self._is_merge_commit(): + log.debug("Not a merge commit, skipping merge commit detection") + return False + + # For merge commits, we need to diff against a parent + # We'll use the first parent (typically the target branch) + if not self.commit.parents: + log.debug("Merge commit has no parents - cannot perform merge-aware diff") + return False + + parent_commit = self.commit.parents[0] + + # Verify parent commit is accessible + try: + parent_sha = parent_commit.hexsha + # Quick validation that parent exists + self.repo.commit(parent_sha) + except Exception as parent_error: + log.error(f"Cannot resolve parent commit {parent_sha}: {parent_error}") + return False + + # Use git diff to show changes from parent to merge commit + diff_range = f'{parent_sha}..{self.commit.hexsha}' + log.debug(f"Attempting merge commit diff: git diff --name-only {diff_range}") + + diff_files = self.repo.git.diff('--name-only', diff_range) + self.show_files = diff_files.splitlines() + + log.debug(f"Changed files detected via git diff (merge commit): {self.show_files}") + log.info(f"Changed file detection: method=merge-diff, source=merge-commit-fallback, files={len(self.show_files)}") + return True + + except Exception as error: + log.debug(f"Failed to detect merge commit changes: {error}") + return False + def get_default_branch_name(self) -> str: """ Get the default branch name from the remote origin. From 8bd8b837afab0f1c37cf013647a077178ee593f2 Mon Sep 17 00:00:00 2001 From: Tommy Ho Date: Wed, 3 Sep 2025 21:33:00 -0500 Subject: [PATCH 100/149] chore: add slack debugging (#117) * chore: add slack webhook debugging * Version bump --------- Co-authored-by: Douglas Co-authored-by: Douglas Coburn --- pyproject.toml | 3 ++- socketsecurity/__init__.py | 2 +- socketsecurity/output.py | 16 ++++++++++++++++ socketsecurity/plugins/slack.py | 12 ++++++++++++ 4 files changed, 31 insertions(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 37ad7cb..1311b95 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.6" +version = "2.2.7" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ @@ -52,6 +52,7 @@ dev = [ [project.scripts] socketcli = "socketsecurity.socketcli:cli" +socketclidev = "socketsecurity.socketcli:cli" [project.urls] Homepage = "https://socket.dev" diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 3a4e477..8210ef3 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.2.6' +__version__ = '2.2.7' diff --git a/socketsecurity/output.py b/socketsecurity/output.py index eca30a2..2948bb2 100644 --- a/socketsecurity/output.py +++ b/socketsecurity/output.py @@ -34,6 +34,22 @@ def handle_output(self, diff_report: Diff) -> None: plugin_mgr = PluginManager({"jira": jira_config}) plugin_mgr.send(diff_report, config=self.config) + # Debug Slack webhook configuration when debug is enabled (always show when debug is on) + if self.config.enable_debug: + import os + slack_enabled_env = os.getenv("SOCKET_SLACK_ENABLED", "Not set") + slack_config_env = os.getenv("SOCKET_SLACK_CONFIG_JSON", "Not set") + slack_url = "Not configured" + if self.config.slack_plugin.config and self.config.slack_plugin.config.get("url"): + slack_url = self.config.slack_plugin.config.get("url") + self.logger.debug("=== Slack Webhook Debug Information ===") + self.logger.debug(f"Slack Plugin Enabled: {self.config.slack_plugin.enabled}") + self.logger.debug(f"SOCKET_SLACK_ENABLED environment variable: {slack_enabled_env}") + self.logger.debug(f"SOCKET_SLACK_CONFIG_JSON environment variable: {slack_config_env}") + self.logger.debug(f"Slack Webhook URL: {slack_url}") + self.logger.debug(f"Slack Alert Levels: {self.config.slack_plugin.levels}") + self.logger.debug("=====================================") + if self.config.slack_plugin.enabled: slack_config = { "enabled": self.config.slack_plugin.enabled, diff --git a/socketsecurity/plugins/slack.py b/socketsecurity/plugins/slack.py index 0c592dc..a1d1c43 100644 --- a/socketsecurity/plugins/slack.py +++ b/socketsecurity/plugins/slack.py @@ -15,9 +15,13 @@ def get_name(): def send(self, diff, config: CliConfig): if not self.config.get("enabled", False): + if config.enable_debug: + logger.debug("Slack plugin is disabled - skipping webhook notification") return if not self.config.get("url"): logger.warning("Slack webhook URL not configured.") + if config.enable_debug: + logger.debug("Slack webhook URL is missing from configuration") return else: url = self.config.get("url") @@ -31,6 +35,12 @@ def send(self, diff, config: CliConfig): message = self.create_slack_blocks_from_diff(diff, config) logger.debug(f"Sending message to {url}") + + if config.enable_debug: + logger.debug(f"Slack webhook URL: {url}") + logger.debug(f"Number of alerts to send: {len(diff.new_alerts)}") + logger.debug(f"Message blocks count: {len(message)}") + response = requests.post( url, json={"blocks": message} @@ -38,6 +48,8 @@ def send(self, diff, config: CliConfig): if response.status_code >= 400: logger.error("Slack error %s: %s", response.status_code, response.text) + elif config.enable_debug: + logger.debug(f"Slack webhook response: {response.status_code}") @staticmethod def create_slack_blocks_from_diff(diff: Diff, config: CliConfig): From 656a458793f13f81a8f37b143172175d69c74039 Mon Sep 17 00:00:00 2001 From: Douglas Date: Tue, 9 Sep 2025 11:55:34 -0700 Subject: [PATCH 101/149] feat: Add SCM-aware manifest file URL generation and fix report links (#119) - Add get_manifest_file_url() method with GitHub/GitLab/Bitbucket support - Support environment variables for custom SCM servers (GitHub Enterprise, self-hosted GitLab, Bitbucket Server) - Fix manifest file links in security comments to use proper SCM URLs instead of Socket dashboard URLs - Fix 'View full report' links to use diff_url for PRs and report_url for non-PR scans - Add base_path parameter to create_full_scan() for improved path handling - Update socketdev dependency to >=3.0.5 for latest features - Add os module import for environment variable access - Update type hints for better code clarity --- pyproject.toml | 4 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/__init__.py | 11 +-- socketsecurity/core/messages.py | 115 ++++++++++++++++++++++++++++++-- socketsecurity/socketcli.py | 2 +- uv.lock | 10 +-- 6 files changed, 123 insertions(+), 21 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 1311b95..ff7c2cb 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.7" +version = "2.2.8" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ @@ -16,7 +16,7 @@ dependencies = [ 'GitPython', 'packaging', 'python-dotenv', - 'socketdev>=3.0.0,<4.0.0' + 'socketdev>=3.0.5,<4.0.0' ] readme = "README.md" description = "Socket Security CLI for CI/CD" diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 8210ef3..8625d2e 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.2.7' +__version__ = '2.2.8' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 3edd097..30275b9 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -451,13 +451,14 @@ def empty_head_scan_file() -> List[str]: log.debug(f"Created temporary empty file for baseline scan: {temp_path}") return [temp_path] - def create_full_scan(self, files: List[str], params: FullScanParams) -> FullScan: + def create_full_scan(self, files: List[str], params: FullScanParams, base_path: str = None) -> FullScan: """ Creates a new full scan via the Socket API. Args: files: List of file paths to scan params: Parameters for the full scan + base_path: Base path for the scan (optional) Returns: FullScan object with scan results @@ -465,7 +466,7 @@ def create_full_scan(self, files: List[str], params: FullScanParams) -> FullScan log.info("Creating new full scan") create_full_start = time.time() - res = self.sdk.fullscans.post(files, params, use_types=True, use_lazy_loading=True, max_open_files=50) + res = self.sdk.fullscans.post(files, params, use_types=True, use_lazy_loading=True, max_open_files=50, base_path=base_path) if not res.success: log.error(f"Error creating full scan: {res.message}, status: {res.status}") raise Exception(f"Error creating full scan: {res.message}, status: {res.status}") @@ -523,7 +524,7 @@ def create_full_scan_with_report_url( try: # Create new scan new_scan_start = time.time() - new_full_scan = self.create_full_scan(files, params) + new_full_scan = self.create_full_scan(files, params, base_path=path) new_scan_end = time.time() log.info(f"Total time to create new full scan: {new_scan_end - new_scan_start:.2f}") except APIFailure as e: @@ -899,7 +900,7 @@ def create_new_diff( # Create baseline scan with empty file empty_files = Core.empty_head_scan_file() try: - head_full_scan = self.create_full_scan(empty_files, tmp_params) + head_full_scan = self.create_full_scan(empty_files, tmp_params, base_path=path) head_full_scan_id = head_full_scan.id log.debug(f"Created empty baseline scan: {head_full_scan_id}") @@ -922,7 +923,7 @@ def create_new_diff( # Create new scan try: new_scan_start = time.time() - new_full_scan = self.create_full_scan(files, params) + new_full_scan = self.create_full_scan(files, params, base_path=path) new_scan_end = time.time() log.info(f"Total time to create new full scan: {new_scan_end - new_scan_start:.2f}") except APIFailure as e: diff --git a/socketsecurity/core/messages.py b/socketsecurity/core/messages.py index f062114..6412b4d 100644 --- a/socketsecurity/core/messages.py +++ b/socketsecurity/core/messages.py @@ -1,5 +1,6 @@ import json import logging +import os import re from pathlib import Path from mdutils import MdUtils @@ -29,6 +30,92 @@ def map_severity_to_sarif(severity: str) -> str: } return severity_mapping.get(severity.lower(), "note") + @staticmethod + def get_manifest_file_url(diff: Diff, manifest_path: str, config=None) -> str: + """ + Generate proper URL for manifest file based on the repository type and diff URL. + + :param diff: Diff object containing diff_url and report_url + :param manifest_path: Path to the manifest file (can contain multiple files separated by ';') + :param config: Configuration object to determine SCM type + :return: Properly formatted URL for the manifest file + """ + if not manifest_path: + return "" + + # Handle multiple manifest files separated by ';' - use the first one + first_manifest = manifest_path.split(';')[0] if ';' in manifest_path else manifest_path + + # Clean up the manifest path - remove build agent paths and normalize + clean_path = first_manifest + + # Remove common build agent path prefixes + prefixes_to_remove = [ + 'opt/buildagent/work/', + '/opt/buildagent/work/', + 'home/runner/work/', + '/home/runner/work/', + ] + + for prefix in prefixes_to_remove: + if clean_path.startswith(prefix): + # Find the part after the build ID (usually a hash) + parts = clean_path[len(prefix):].split('/', 2) + if len(parts) >= 3: + clean_path = parts[2] # Take everything after build ID and repo name + break + + # Remove leading slashes + clean_path = clean_path.lstrip('/') + + # Determine SCM type from config or diff_url + scm_type = "api" # Default to API + if config and hasattr(config, 'scm'): + scm_type = config.scm.lower() + elif hasattr(diff, 'diff_url') and diff.diff_url: + diff_url = diff.diff_url.lower() + if 'github.com' in diff_url or 'github' in diff_url: + scm_type = "github" + elif 'gitlab' in diff_url: + scm_type = "gitlab" + elif 'bitbucket' in diff_url: + scm_type = "bitbucket" + + # Generate URL based on SCM type using config information + # NEVER use diff.diff_url for SCM URLs - those are Socket URLs for "View report" links + if scm_type == "github": + if config and hasattr(config, 'repo') and config.repo: + # Get branch from config, default to main + branch = getattr(config, 'branch', 'main') if hasattr(config, 'branch') and config.branch else 'main' + # Construct GitHub URL from repo info (could be github.com or GitHub Enterprise) + github_server = os.getenv('GITHUB_SERVER_URL', 'https://github.com') + return f"{github_server}/{config.repo}/blob/{branch}/{clean_path}" + + elif scm_type == "gitlab": + if config and hasattr(config, 'repo') and config.repo: + # Get branch from config, default to main + branch = getattr(config, 'branch', 'main') if hasattr(config, 'branch') and config.branch else 'main' + # Construct GitLab URL from repo info (could be gitlab.com or self-hosted GitLab) + gitlab_server = os.getenv('CI_SERVER_URL', 'https://gitlab.com') + return f"{gitlab_server}/{config.repo}/-/blob/{branch}/{clean_path}" + + elif scm_type == "bitbucket": + if config and hasattr(config, 'repo') and config.repo: + # Get branch from config, default to main + branch = getattr(config, 'branch', 'main') if hasattr(config, 'branch') and config.branch else 'main' + # Construct Bitbucket URL from repo info (could be bitbucket.org or Bitbucket Server) + bitbucket_server = os.getenv('BITBUCKET_SERVER_URL', 'https://bitbucket.org') + return f"{bitbucket_server}/{config.repo}/src/{branch}/{clean_path}" + + # Fallback to Socket file view for API or unknown repository types + if hasattr(diff, 'report_url') and diff.report_url: + # Strip leading slash and URL encode for Socket dashboard + socket_path = clean_path.lstrip('/') + encoded_path = socket_path.replace('/', '%2F') + return f"{diff.report_url}?tab=files&file={encoded_path}" + + return "" + @staticmethod def find_line_in_file(packagename: str, packageversion: str, manifest_file: str) -> tuple: """ @@ -301,12 +388,13 @@ def create_security_comment_json(diff: Diff) -> dict: return output @staticmethod - def security_comment_template(diff: Diff) -> str: + def security_comment_template(diff: Diff, config=None) -> str: """ Generates the security comment template in the new required format. Dynamically determines placement of the alerts table if markers like `` are used. :param diff: Diff - Contains the detected vulnerabilities and warnings. + :param config: Optional configuration object to determine SCM type. :return: str - The formatted Markdown/HTML string. """ # Group license policy violations by PURL (ecosystem/package@version) @@ -348,6 +436,8 @@ def security_comment_template(diff: Diff) -> str: severity_icon = Messages.get_severity_icon(alert.severity) action = "Block" if alert.error else "Warn" details_open = "" + # Generate proper manifest URL + manifest_url = Messages.get_manifest_file_url(diff, alert.manifests, config) # Generate a table row for each alert comment += f""" @@ -360,7 +450,7 @@ def security_comment_template(diff: Diff) -> str:
    {alert.pkg_name}@{alert.pkg_version} - {alert.title}

    Note: {alert.description}

    -

    Source: Manifest File

    +

    Source: Manifest File

    ℹ️ Read more on: This package | This alert | @@ -405,8 +495,12 @@ def security_comment_template(diff: Diff) -> str: for finding in license_findings: comment += f"

  • {finding}
    • \n" + + # Generate proper manifest URL for license violations + license_manifest_url = Messages.get_manifest_file_url(diff, first_alert.manifests, config) + comment += f""" -

    From: {first_alert.manifests}

    +

    From: Manifest File

    ℹ️ Read more on: This package | What is a license policy violation?

    Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

    @@ -420,12 +514,19 @@ def security_comment_template(diff: Diff) -> str: """ # Close table - comment += """ + # Use diff_url for PRs, report_url for non-PR scans + view_report_url = "" + if hasattr(diff, 'diff_url') and diff.diff_url: + view_report_url = diff.diff_url + elif hasattr(diff, 'report_url') and diff.report_url: + view_report_url = diff.report_url + + comment += f""" -[View full report](https://socket.dev/...&action=error%2Cwarn) +[View full report]({view_report_url}?action=error%2Cwarn) """ return comment @@ -519,7 +620,7 @@ def create_acceptable_risk(md: MdUtils, ignore_commands: list) -> MdUtils: return md @staticmethod - def create_security_alert_table(diff: Diff, md: MdUtils) -> (MdUtils, list, dict): + def create_security_alert_table(diff: Diff, md: MdUtils) -> tuple[MdUtils, list, dict]: """ Creates the detected issues table based on the Security Policy :param diff: Diff - Diff report with the detected issues @@ -730,7 +831,7 @@ def create_console_security_alert_table(diff: Diff) -> PrettyTable: return alert_table @staticmethod - def create_sources(alert: Issue, style="md") -> [str, str]: + def create_sources(alert: Issue, style="md") -> tuple[str, str]: sources = [] manifests = [] diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 7731a5d..a0d071e 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -275,7 +275,7 @@ def main_code(): overview_comment = Messages.dependency_overview_template(diff) log.debug("Creating Security Issues Comment") - security_comment = Messages.security_comment_template(diff) + security_comment = Messages.security_comment_template(diff, config) new_security_comment = True new_overview_comment = True diff --git a/uv.lock b/uv.lock index 80b661a..3375542 100644 --- a/uv.lock +++ b/uv.lock @@ -1027,20 +1027,20 @@ wheels = [ [[package]] name = "socketdev" -version = "3.0.0" +version = "3.0.5" source = { registry = "https://pypi.org/simple" } dependencies = [ { name = "requests" }, { name = "typing-extensions" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/b6/4f/07cb8e4e827931527a3c04e3520dabed8f20ece5a5fb91e5a012e6bb2446/socketdev-3.0.0.tar.gz", hash = "sha256:27c22d3a016e06b916f373f78edd34dc6d7612da0ae845e8e383d58d7425e5bb", size = 101362, upload-time = "2025-08-23T22:59:02.855Z" } +sdist = { url = "https://files.pythonhosted.org/packages/19/b7/fe90d55105df76e9ff3af025f64b2d2b515c30ac0866a9973a093f25c5ed/socketdev-3.0.5.tar.gz", hash = "sha256:58cbe8613c3c892cdbae4941cb53f065051f8e991500d9d61618b214acf4ffc2", size = 129576, upload-time = "2025-09-09T07:15:48.232Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/58/c4/ed98ab0022f19c8e7ded5a2eaea0f0cabf829c6e7001bb7cf8ae112e964f/socketdev-3.0.0-py3-none-any.whl", hash = "sha256:f142f3b0d22a32479cf73bd35f9a0bdcd4896e494c60fdeb2999c0daa9682611", size = 48942, upload-time = "2025-08-23T22:59:01.134Z" }, + { url = "https://files.pythonhosted.org/packages/de/05/c3fc7d0418c2598302ad4b0baf111fa492b31a8fa14acfa394af6f55b373/socketdev-3.0.5-py3-none-any.whl", hash = "sha256:e050f50d2c6b4447107edd3368b56b053e1df62056d424cc1616e898303638ef", size = 55083, upload-time = "2025-09-09T07:15:46.52Z" }, ] [[package]] name = "socketsecurity" -version = "2.2.3" +version = "2.2.7" source = { editable = "." } dependencies = [ { name = "gitpython" }, @@ -1084,7 +1084,7 @@ requires-dist = [ { name = "python-dotenv" }, { name = "requests" }, { name = "ruff", marker = "extra == 'dev'", specifier = ">=0.3.0" }, - { name = "socketdev", specifier = ">=3.0.0,<4.0.0" }, + { name = "socketdev", specifier = ">=3.0.5,<4.0.0" }, { name = "twine", marker = "extra == 'dev'" }, { name = "uv", marker = "extra == 'dev'", specifier = ">=0.1.0" }, ] From 40fc69e6c699e0f23e05ef59e44cc6248c195051 Mon Sep 17 00:00:00 2001 From: Douglas Date: Thu, 11 Sep 2025 21:28:50 -0700 Subject: [PATCH 102/149] feat: add monorepo workspace support with --sub-path and --workspace-name (#120) - Add --sub-path option to scan manifest files in a subdirectory while preserving git context from target-path - Add --workspace-name option to append suffix to repository name (repo-name-workspace_name) - Require both options to be used together with validation - Update scanning logic to use combined target_path + sub_path for manifest file detection - Modify repository naming to include workspace suffix when provided - Preserve git repository context (commits, branches, etc.) from main target-path - Enable Socket CLI to work with monorepo structures where manifests are in subdirectories This allows users to scan specific workspaces within a monorepo while maintaining proper git context and --- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- socketsecurity/config.py | 24 +++++++++++++++++ socketsecurity/socketcli.py | 51 ++++++++++++++++++++++++++++++++----- 4 files changed, 70 insertions(+), 9 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index ff7c2cb..d8747c3 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.8" +version = "2.2.9" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 8625d2e..2ba817a 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.2.8' +__version__ = '2.2.9' diff --git a/socketsecurity/config.py b/socketsecurity/config.py index a6b5b2d..72a2327 100644 --- a/socketsecurity/config.py +++ b/socketsecurity/config.py @@ -60,6 +60,8 @@ class CliConfig: license_file_name: str = "license_output.json" save_submitted_files_list: Optional[str] = None save_manifest_tar: Optional[str] = None + sub_path: Optional[str] = None + workspace_name: Optional[str] = None @classmethod def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': @@ -106,6 +108,8 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': 'license_file_name': args.license_file_name, 'save_submitted_files_list': args.save_submitted_files_list, 'save_manifest_tar': args.save_manifest_tar, + 'sub_path': args.sub_path, + 'workspace_name': args.workspace_name, 'version': __version__ } try: @@ -129,6 +133,14 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': if args.owner: config_args['integration_org_slug'] = args.owner + # Validate that sub_path and workspace_name are used together + if args.sub_path and not args.workspace_name: + logging.error("--sub-path requires --workspace-name to be specified") + exit(1) + if args.workspace_name and not args.sub_path: + logging.error("--workspace-name requires --sub-path to be specified") + exit(1) + return cls(**config_args) def to_dict(self) -> dict: @@ -285,6 +297,18 @@ def create_argument_parser() -> argparse.ArgumentParser: default="[]", help="Files to analyze (JSON array string)" ) + path_group.add_argument( + "--sub-path", + dest="sub_path", + metavar="", + help="Sub-path within target-path for manifest file scanning (while preserving git context from target-path)" + ) + path_group.add_argument( + "--workspace-name", + dest="workspace_name", + metavar="", + help="Workspace name suffix to append to repository name (repo-name-workspace_name)" + ) path_group.add_argument( "--excluded-ecosystems", diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index a0d071e..15ae755 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -136,13 +136,35 @@ def main_code(): raise Exception(f"Unable to find path {config.target_path}") if not config.repo: - config.repo = "socket-default-repo" + base_repo_name = "socket-default-repo" + if config.workspace_name: + config.repo = f"{base_repo_name}-{config.workspace_name}" + else: + config.repo = base_repo_name log.debug(f"Using default repository name: {config.repo}") if not config.branch: config.branch = "socket-default-branch" log.debug(f"Using default branch name: {config.branch}") + # Calculate the scan path - combine target_path with sub_path if provided + scan_path = config.target_path + if config.sub_path: + import os + scan_path = os.path.join(config.target_path, config.sub_path) + log.debug(f"Using sub-path for scanning: {scan_path}") + # Verify the scan path exists + if not os.path.exists(scan_path): + raise Exception(f"Sub-path does not exist: {scan_path}") + + # Modify repository name if workspace_name is provided + if config.workspace_name and config.repo: + config.repo = f"{config.repo}-{config.workspace_name}" + log.debug(f"Modified repository name with workspace suffix: {config.repo}") + elif config.workspace_name and not config.repo: + # If no repo name was set but workspace_name is provided, we'll use it later + log.debug(f"Workspace name provided: {config.workspace_name}") + scm = None if config.scm == "github": from socketsecurity.core.scm.github import Github, GithubConfig @@ -179,6 +201,21 @@ def main_code(): # Check if we have supported manifest files has_supported_files = files_to_check and core.has_manifest_files(files_to_check) + # If using sub_path, we need to check if manifest files exist in the scan path + if config.sub_path and not files_explicitly_specified: + # Override file checking to look in the scan path instead + import os + from pathlib import Path + + # Get manifest files from the scan path + try: + scan_files = core.find_files(scan_path) + has_supported_files = len(scan_files) > 0 + log.debug(f"Found {len(scan_files)} manifest files in scan path: {scan_path}") + except Exception as e: + log.debug(f"Error finding files in scan path {scan_path}: {e}") + has_supported_files = False + # Case 3: If no supported files or files are empty, force API mode (no PR comments) if not has_supported_files: force_api_mode = True @@ -264,7 +301,7 @@ def main_code(): log.info("Push initiated flow") if scm.check_event_type() == "diff": log.info("Starting comment logic for PR/MR event") - diff = core.create_new_diff(config.target_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar) + diff = core.create_new_diff(scan_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar) comments = scm.get_comments_for_pr() log.debug("Removing comment alerts") @@ -317,14 +354,14 @@ def main_code(): ) else: log.info("Starting non-PR/MR flow") - diff = core.create_new_diff(config.target_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar) + diff = core.create_new_diff(scan_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar) output_handler.handle_output(diff) elif config.enable_diff and not force_api_mode: # New logic: --enable-diff forces diff mode even with --integration api (no SCM) log.info("Diff mode enabled without SCM integration") - diff = core.create_new_diff(config.target_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar) + diff = core.create_new_diff(scan_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar) output_handler.handle_output(diff) elif config.enable_diff and force_api_mode: @@ -337,7 +374,7 @@ def main_code(): } log.debug(f"params={serializable_params}") diff = core.create_full_scan_with_report_url( - config.target_path, + scan_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, @@ -356,7 +393,7 @@ def main_code(): } log.debug(f"params={serializable_params}") diff = core.create_full_scan_with_report_url( - config.target_path, + scan_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, @@ -367,7 +404,7 @@ def main_code(): else: log.info("API Mode") diff = core.create_new_diff( - config.target_path, params, + scan_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar From 4672706514e8a3def2eb0fc127f21ecb120259c2 Mon Sep 17 00:00:00 2001 From: Douglas Date: Fri, 12 Sep 2025 12:29:37 -0700 Subject: [PATCH 103/149] Updated readme and updated sdk requirements (#121) * Updated readme and updated sdk requirements * feat: enhance monorepo support with multiple --sub-path options - Add support for multiple --sub-path arguments to scan different directories within a single workspace - Require --workspace-name when using --sub-path for proper workspace identification - Optimize base_paths parameter to pass target_path for simplified SDK integration - Update argument validation to enforce sub_paths and workspace_name pairing - Add comprehensive README documentation with monorepo examples and usage patterns - Include GitHub Actions workflow examples for monorepo CI/CD scenarios - Extend parameter table with detailed descriptions of new CLI options This enhancement enables scanning multiple directories (e.g., frontend, backend, services/api) as a single workspace while preserving git context from the repository root, making it ideal for organizations with monorepo structures. --- README.md | 78 ++++++++++++++++++++++++++------- pyproject.toml | 4 +- socketsecurity/__init__.py | 2 +- socketsecurity/config.py | 15 ++++--- socketsecurity/core/__init__.py | 66 ++++++++++++++++------------ socketsecurity/socketcli.py | 63 +++++++++++++++----------- 6 files changed, 150 insertions(+), 78 deletions(-) diff --git a/README.md b/README.md index 5295e95..89ff153 100644 --- a/README.md +++ b/README.md @@ -41,15 +41,60 @@ Pre-configured workflow examples are available in the [`workflows/`](workflows/) These examples are production-ready and include best practices for each platform. +## Monorepo Workspace Support + +The Socket CLI supports scanning specific workspaces within monorepo structures while preserving git context from the repository root. This is useful for organizations that maintain multiple applications or services in a single repository. + +### Key Features + +- **Multiple Sub-paths**: Specify multiple `--sub-path` options to scan different directories within your monorepo +- **Combined Workspace**: All sub-paths are scanned together as a single workspace in Socket +- **Git Context Preserved**: Repository metadata (commits, branches, etc.) comes from the main target-path +- **Workspace Naming**: Use `--workspace-name` to differentiate scans from different parts of your monorepo + +### Usage Examples + +**Scan multiple frontend and backend workspaces:** +```bash +socketcli --target-path /path/to/monorepo \ + --sub-path frontend \ + --sub-path backend \ + --sub-path services/api \ + --workspace-name main-app +``` + +**GitHub Actions for monorepo workspace:** +```bash +socketcli --target-path $GITHUB_WORKSPACE \ + --sub-path packages/web \ + --sub-path packages/mobile \ + --workspace-name mobile-web \ + --scm github \ + --pr-number $PR_NUMBER +``` + +This will: +- Scan manifest files in `./packages/web/` and `./packages/mobile/` +- Combine them into a single workspace scan +- Create a repository in Socket named like `my-repo-mobile-web` +- Preserve git context (commits, branch info) from the repository root + +### Requirements + +- Both `--sub-path` and `--workspace-name` must be specified together +- `--sub-path` can be used multiple times to include multiple directories +- All specified sub-paths must exist within the target-path + ## Usage ```` shell -socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--integration {api,github,gitlab}] [--owner OWNER] [--branch BRANCH] - [--committers [COMMITTERS ...]] [--pr-number PR_NUMBER] [--commit-message COMMIT_MESSAGE] [--commit-sha COMMIT_SHA] - [--target-path TARGET_PATH] [--sbom-file SBOM_FILE] [--files FILES] [--save-submitted-files-list SAVE_SUBMITTED_FILES_LIST] - [--default-branch] [--pending-head] [--generate-license] [--enable-debug] [--enable-json] [--enable-sarif] - [--disable-overview] [--disable-security-issue] [--allow-unverified] [--ignore-commit-files] [--disable-blocking] - [--scm SCM] [--timeout TIMEOUT] [--exclude-license-details] +socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--repo-is-public] [--branch BRANCH] [--integration {api,github,gitlab,azure,bitbucket}] + [--owner OWNER] [--pr-number PR_NUMBER] [--commit-message COMMIT_MESSAGE] [--commit-sha COMMIT_SHA] [--committers [COMMITTERS ...]] + [--target-path TARGET_PATH] [--sbom-file SBOM_FILE] [--license-file-name LICENSE_FILE_NAME] [--save-submitted-files-list SAVE_SUBMITTED_FILES_LIST] + [--save-manifest-tar SAVE_MANIFEST_TAR] [--files FILES] [--sub-path SUB_PATH] [--workspace-name WORKSPACE_NAME] + [--excluded-ecosystems EXCLUDED_ECOSYSTEMS] [--default-branch] [--pending-head] [--generate-license] [--enable-debug] + [--enable-json] [--enable-sarif] [--disable-overview] [--exclude-license-details] [--allow-unverified] [--disable-security-issue] + [--ignore-commit-files] [--disable-blocking] [--enable-diff] [--scm SCM] [--timeout TIMEOUT] [--include-module-folders] [--version] ```` If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY` @@ -65,11 +110,11 @@ If you don't want to provide the Socket API Token every time then you can use th | Parameter | Required | Default | Description | |:-----------------|:---------|:--------|:------------------------------------------------------------------------| | --repo | False | *auto* | Repository name in owner/repo format (auto-detected from git remote) | -| --integration | False | api | Integration type (api, github, gitlab) | +| --repo-is-public | False | False | If set, flags a new repository creation as public. Defaults to false. | +| --integration | False | api | Integration type (api, github, gitlab, azure, bitbucket) | | --owner | False | | Name of the integration owner, defaults to the socket organization slug | | --branch | False | *auto* | Branch name (auto-detected from git) | | --committers | False | *auto* | Committer(s) to filter by (auto-detected from git commit) | -| --repo-is-public | False | False | If set, flags a new repository creation as public. Defaults to false. | #### Pull Request and Commit | Parameter | Required | Default | Description | @@ -83,17 +128,20 @@ If you don't want to provide the Socket API Token every time then you can use th |:----------------------------|:---------|:----------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | --target-path | False | ./ | Target path for analysis | | --sbom-file | False | | SBOM file path | -| --files | False | *auto* | Files to analyze (JSON array string). Auto-detected from git commit changes when not specified | -| --excluded-ecosystems | False | [] | List of ecosystems to exclude from analysis (JSON array string). You can get supported files from the [Supported Files API](https://docs.socket.dev/reference/getsupportedfiles) | | --license-file-name | False | `license_output.json` | Name of the file to save the license details to if enabled | | --save-submitted-files-list | False | | Save list of submitted file names to JSON file for debugging purposes | | --save-manifest-tar | False | | Save all manifest files to a compressed tar.gz archive with original directory structure | +| --files | False | *auto* | Files to analyze (JSON array string). Auto-detected from git commit changes when not specified | +| --sub-path | False | | Sub-path within target-path for manifest file scanning (can be specified multiple times). All sub-paths are combined into a single workspace scan while preserving git context from target-path. Must be used with --workspace-name | +| --workspace-name | False | | Workspace name suffix to append to repository name (repo-name-workspace_name). Must be used with --sub-path | +| --excluded-ecosystems | False | [] | List of ecosystems to exclude from analysis (JSON array string). You can get supported files from the [Supported Files API](https://docs.socket.dev/reference/getsupportedfiles) | #### Branch and Scan Configuration -| Parameter | Required | Default | Description | -|:-----------------|:---------|:--------|:------------------------------------------------------------------------------------------------------| -| --default-branch | False | *auto* | Make this branch the default branch (auto-detected from git and CI environment when not specified) | -| --pending-head | False | *auto* | If true, the new scan will be set as the branch's head scan (automatically synced with default-branch) | +| Parameter | Required | Default | Description | +|:-------------------------|:---------|:--------|:------------------------------------------------------------------------------------------------------| +| --default-branch | False | *auto* | Make this branch the default branch (auto-detected from git and CI environment when not specified) | +| --pending-head | False | *auto* | If true, the new scan will be set as the branch's head scan (automatically synced with default-branch) | +| --include-module-folders | False | False | If enabled will include manifest files from folders like node_modules | #### Output Configuration | Parameter | Required | Default | Description | @@ -104,6 +152,7 @@ If you don't want to provide the Socket API Token every time then you can use th | --enable-sarif | False | False | Enable SARIF output of results instead of table or JSON format | | --disable-overview | False | False | Disable overview output | | --exclude-license-details | False | False | Exclude license details from the diff report (boosts performance for large repos) | +| --version | False | False | Show program's version number and exit | #### Security Configuration | Parameter | Required | Default | Description | @@ -119,7 +168,6 @@ If you don't want to provide the Socket API Token every time then you can use th | --enable-diff | False | False | Enable diff mode even when using --integration api (forces diff mode without SCM integration) | | --scm | False | api | Source control management type | | --timeout | False | | Timeout in seconds for API requests | -| --include-module-folders | False | False | If enabled will include manifest files from folders like node_modules | #### Plugins diff --git a/pyproject.toml b/pyproject.toml index d8747c3..22811e7 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.9" +version = "2.2.11" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ @@ -16,7 +16,7 @@ dependencies = [ 'GitPython', 'packaging', 'python-dotenv', - 'socketdev>=3.0.5,<4.0.0' + 'socketdev>=3.0.6,<4.0.0' ] readme = "README.md" description = "Socket Security CLI for CI/CD" diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 2ba817a..9ea1adb 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.2.9' +__version__ = '2.2.11' diff --git a/socketsecurity/config.py b/socketsecurity/config.py index 72a2327..bbfb4bc 100644 --- a/socketsecurity/config.py +++ b/socketsecurity/config.py @@ -60,7 +60,7 @@ class CliConfig: license_file_name: str = "license_output.json" save_submitted_files_list: Optional[str] = None save_manifest_tar: Optional[str] = None - sub_path: Optional[str] = None + sub_paths: List[str] = field(default_factory=list) workspace_name: Optional[str] = None @classmethod @@ -108,7 +108,7 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': 'license_file_name': args.license_file_name, 'save_submitted_files_list': args.save_submitted_files_list, 'save_manifest_tar': args.save_manifest_tar, - 'sub_path': args.sub_path, + 'sub_paths': args.sub_paths or [], 'workspace_name': args.workspace_name, 'version': __version__ } @@ -133,11 +133,11 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': if args.owner: config_args['integration_org_slug'] = args.owner - # Validate that sub_path and workspace_name are used together - if args.sub_path and not args.workspace_name: + # Validate that sub_paths and workspace_name are used together + if args.sub_paths and not args.workspace_name: logging.error("--sub-path requires --workspace-name to be specified") exit(1) - if args.workspace_name and not args.sub_path: + if args.workspace_name and not args.sub_paths: logging.error("--workspace-name requires --sub-path to be specified") exit(1) @@ -299,9 +299,10 @@ def create_argument_parser() -> argparse.ArgumentParser: ) path_group.add_argument( "--sub-path", - dest="sub_path", + dest="sub_paths", metavar="", - help="Sub-path within target-path for manifest file scanning (while preserving git context from target-path)" + action="append", + help="Sub-path within target-path for manifest file scanning (can be specified multiple times). All sub-paths will be combined into a single workspace scan while preserving git context from target-path" ) path_group.add_argument( "--workspace-name", diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 30275b9..6dd6ecb 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -451,14 +451,14 @@ def empty_head_scan_file() -> List[str]: log.debug(f"Created temporary empty file for baseline scan: {temp_path}") return [temp_path] - def create_full_scan(self, files: List[str], params: FullScanParams, base_path: str = None) -> FullScan: + def create_full_scan(self, files: List[str], params: FullScanParams, base_paths: List[str] = None) -> FullScan: """ Creates a new full scan via the Socket API. Args: files: List of file paths to scan params: Parameters for the full scan - base_path: Base path for the scan (optional) + base_paths: List of base paths for the scan (optional) Returns: FullScan object with scan results @@ -466,7 +466,7 @@ def create_full_scan(self, files: List[str], params: FullScanParams, base_path: log.info("Creating new full scan") create_full_start = time.time() - res = self.sdk.fullscans.post(files, params, use_types=True, use_lazy_loading=True, max_open_files=50, base_path=base_path) + res = self.sdk.fullscans.post(files, params, use_types=True, use_lazy_loading=True, max_open_files=50, base_paths=base_paths) if not res.success: log.error(f"Error creating full scan: {res.message}, status: {res.status}") raise Exception(f"Error creating full scan: {res.message}, status: {res.status}") @@ -480,20 +480,22 @@ def create_full_scan(self, files: List[str], params: FullScanParams, base_path: def create_full_scan_with_report_url( self, - path: str, + paths: List[str], params: FullScanParams, no_change: bool = False, save_files_list_path: str = None, - save_manifest_tar_path: str = None + save_manifest_tar_path: str = None, + base_paths: List[str] = None ) -> Diff: """Create a new full scan and return with html_report_url. Args: - path: Path to look for manifest files + paths: List of paths to look for manifest files params: Query params for the Full Scan endpoint no_change: If True, return empty result save_files_list_path: Optional path to save submitted files list for debugging save_manifest_tar_path: Optional path to save manifest files tar.gz archive + base_paths: List of base paths for the scan (optional) Returns: Dict with full scan data including html_report_url @@ -507,24 +509,27 @@ def create_full_scan_with_report_url( if no_change: return diff - # Find manifest files - files = self.find_files(path) + # Find manifest files from all paths + all_files = [] + for path in paths: + files = self.find_files(path) + all_files.extend(files) # Save submitted files list if requested - if save_files_list_path and files: - self.save_submitted_files_list(files, save_files_list_path) + if save_files_list_path and all_files: + self.save_submitted_files_list(all_files, save_files_list_path) - # Save manifest tar.gz if requested - if save_manifest_tar_path and files: - self.save_manifest_tar(files, save_manifest_tar_path, path) + # Save manifest tar.gz if requested (use first path as base) + if save_manifest_tar_path and all_files and paths: + self.save_manifest_tar(all_files, save_manifest_tar_path, paths[0]) - if not files: + if not all_files: return diff try: # Create new scan new_scan_start = time.time() - new_full_scan = self.create_full_scan(files, params, base_path=path) + new_full_scan = self.create_full_scan(all_files, params, base_paths=base_paths) new_scan_end = time.time() log.info(f"Total time to create new full scan: {new_scan_end - new_scan_start:.2f}") except APIFailure as e: @@ -847,37 +852,42 @@ def get_added_and_removed_packages( def create_new_diff( self, - path: str, + paths: List[str], params: FullScanParams, no_change: bool = False, save_files_list_path: str = None, - save_manifest_tar_path: str = None + save_manifest_tar_path: str = None, + base_paths: List[str] = None ) -> Diff: """Create a new diff using the Socket SDK. Args: - path: Path to look for manifest files + paths: List of paths to look for manifest files params: Query params for the Full Scan endpoint no_change: If True, return empty diff save_files_list_path: Optional path to save submitted files list for debugging save_manifest_tar_path: Optional path to save manifest files tar.gz archive + base_paths: List of base paths for the scan (optional) """ log.debug(f"starting create_new_diff with no_change: {no_change}") if no_change: return Diff(id="NO_DIFF_RAN", diff_url="", report_url="") - # Find manifest files - files = self.find_files(path) + # Find manifest files from all paths + all_files = [] + for path in paths: + files = self.find_files(path) + all_files.extend(files) # Save submitted files list if requested - if save_files_list_path and files: - self.save_submitted_files_list(files, save_files_list_path) + if save_files_list_path and all_files: + self.save_submitted_files_list(all_files, save_files_list_path) - # Save manifest tar.gz if requested - if save_manifest_tar_path and files: - self.save_manifest_tar(files, save_manifest_tar_path, path) + # Save manifest tar.gz if requested (use first path as base) + if save_manifest_tar_path and all_files and paths: + self.save_manifest_tar(all_files, save_manifest_tar_path, paths[0]) - if not files: + if not all_files: return Diff(id="NO_DIFF_RAN", diff_url="", report_url="") try: @@ -900,7 +910,7 @@ def create_new_diff( # Create baseline scan with empty file empty_files = Core.empty_head_scan_file() try: - head_full_scan = self.create_full_scan(empty_files, tmp_params, base_path=path) + head_full_scan = self.create_full_scan(empty_files, tmp_params, base_paths=base_paths) head_full_scan_id = head_full_scan.id log.debug(f"Created empty baseline scan: {head_full_scan_id}") @@ -923,7 +933,7 @@ def create_new_diff( # Create new scan try: new_scan_start = time.time() - new_full_scan = self.create_full_scan(files, params, base_path=path) + new_full_scan = self.create_full_scan(all_files, params, base_paths=base_paths) new_scan_end = time.time() log.info(f"Total time to create new full scan: {new_scan_end - new_scan_start:.2f}") except APIFailure as e: diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 15ae755..2813790 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -147,15 +147,22 @@ def main_code(): config.branch = "socket-default-branch" log.debug(f"Using default branch name: {config.branch}") - # Calculate the scan path - combine target_path with sub_path if provided - scan_path = config.target_path - if config.sub_path: + # Calculate the scan paths - combine target_path with sub_paths if provided + scan_paths = [] + base_paths = [config.target_path] # Always use target_path as the single base path + + if config.sub_paths: import os - scan_path = os.path.join(config.target_path, config.sub_path) - log.debug(f"Using sub-path for scanning: {scan_path}") - # Verify the scan path exists - if not os.path.exists(scan_path): - raise Exception(f"Sub-path does not exist: {scan_path}") + for sub_path in config.sub_paths: + full_scan_path = os.path.join(config.target_path, sub_path) + log.debug(f"Using sub-path for scanning: {full_scan_path}") + # Verify the scan path exists + if not os.path.exists(full_scan_path): + raise Exception(f"Sub-path does not exist: {full_scan_path}") + scan_paths.append(full_scan_path) + else: + # Use the target path as the single scan path + scan_paths = [config.target_path] # Modify repository name if workspace_name is provided if config.workspace_name and config.repo: @@ -201,19 +208,22 @@ def main_code(): # Check if we have supported manifest files has_supported_files = files_to_check and core.has_manifest_files(files_to_check) - # If using sub_path, we need to check if manifest files exist in the scan path - if config.sub_path and not files_explicitly_specified: - # Override file checking to look in the scan path instead + # If using sub_paths, we need to check if manifest files exist in the scan paths + if config.sub_paths and not files_explicitly_specified: + # Override file checking to look in the scan paths instead import os from pathlib import Path - # Get manifest files from the scan path + # Get manifest files from all scan paths try: - scan_files = core.find_files(scan_path) - has_supported_files = len(scan_files) > 0 - log.debug(f"Found {len(scan_files)} manifest files in scan path: {scan_path}") + all_scan_files = [] + for scan_path in scan_paths: + scan_files = core.find_files(scan_path) + all_scan_files.extend(scan_files) + has_supported_files = len(all_scan_files) > 0 + log.debug(f"Found {len(all_scan_files)} manifest files across {len(scan_paths)} scan paths") except Exception as e: - log.debug(f"Error finding files in scan path {scan_path}: {e}") + log.debug(f"Error finding files in scan paths: {e}") has_supported_files = False # Case 3: If no supported files or files are empty, force API mode (no PR comments) @@ -301,7 +311,7 @@ def main_code(): log.info("Push initiated flow") if scm.check_event_type() == "diff": log.info("Starting comment logic for PR/MR event") - diff = core.create_new_diff(scan_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar) + diff = core.create_new_diff(scan_paths, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar, base_paths=base_paths) comments = scm.get_comments_for_pr() log.debug("Removing comment alerts") @@ -354,14 +364,14 @@ def main_code(): ) else: log.info("Starting non-PR/MR flow") - diff = core.create_new_diff(scan_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar) + diff = core.create_new_diff(scan_paths, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar, base_paths=base_paths) output_handler.handle_output(diff) elif config.enable_diff and not force_api_mode: # New logic: --enable-diff forces diff mode even with --integration api (no SCM) log.info("Diff mode enabled without SCM integration") - diff = core.create_new_diff(scan_path, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar) + diff = core.create_new_diff(scan_paths, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar, base_paths=base_paths) output_handler.handle_output(diff) elif config.enable_diff and force_api_mode: @@ -374,11 +384,12 @@ def main_code(): } log.debug(f"params={serializable_params}") diff = core.create_full_scan_with_report_url( - scan_path, + scan_paths, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, - save_manifest_tar_path=config.save_manifest_tar + save_manifest_tar_path=config.save_manifest_tar, + base_paths=base_paths ) log.info(f"Full scan created with ID: {diff.id}") log.info(f"Full scan report URL: {diff.report_url}") @@ -393,21 +404,23 @@ def main_code(): } log.debug(f"params={serializable_params}") diff = core.create_full_scan_with_report_url( - scan_path, + scan_paths, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, - save_manifest_tar_path=config.save_manifest_tar + save_manifest_tar_path=config.save_manifest_tar, + base_paths=base_paths ) log.info(f"Full scan created with ID: {diff.id}") log.info(f"Full scan report URL: {diff.report_url}") else: log.info("API Mode") diff = core.create_new_diff( - scan_path, params, + scan_paths, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, - save_manifest_tar_path=config.save_manifest_tar + save_manifest_tar_path=config.save_manifest_tar, + base_paths=base_paths ) output_handler.handle_output(diff) From ee8b836b9e74c1780ecbb1af4b321e2dd55048e6 Mon Sep 17 00:00:00 2001 From: Douglas Date: Thu, 23 Oct 2025 18:32:47 -0700 Subject: [PATCH 104/149] ci: pin GitHub Actions to commit SHAs for security (#124) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Pin all GitHub Actions references to specific commit SHAs instead of version tags to improve security and reproducibility: - actions/checkout@v4 → eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 - actions/setup-python@v5 → f677139bbe7f9c59b41e40162b753c062f5d49a3 - pypa/gh-action-pypi-publish@v1.12.4 → ab69e431e9c9f48a3310be0a56527c679f56e04d - actions/github-script@v7 → 60a0d83039c74a4aee543508d2ffcb1c3799cdea - docker/setup-qemu-action@v3 → 49b3bc8e6bdd4a60e6116a5414239cba5943d3cf - docker/setup-buildx-action@v3 → c47758b77c9736f4b2ef4073d4d51994fabfe349 - docker/login-action@v3 → 9780b0c442fbb1117ed29e0efdff1e18412f7567 - docker/build-push-action@v5 → 4f58ea79222b3b9dc2c8bbdd6debcef730109a75 This follows GitHub security best practices by ensuring exact versions are used and preventing potential supply chain attacks from compromised tags. --- .github/workflows/pr-preview.yml | 16 ++++++++-------- .github/workflows/release.yml | 14 +++++++------- .github/workflows/version-check.yml | 4 ++-- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- 5 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/pr-preview.yml b/.github/workflows/pr-preview.yml index f3b142a..9386346 100644 --- a/.github/workflows/pr-preview.yml +++ b/.github/workflows/pr-preview.yml @@ -11,10 +11,10 @@ jobs: contents: read pull-requests: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 with: fetch-depth: 0 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 with: python-version: '3.x' @@ -43,14 +43,14 @@ jobs: - name: Publish to Test PyPI if: steps.version_check.outputs.exists != 'true' - uses: pypa/gh-action-pypi-publish@v1.12.4 + uses: pypa/gh-action-pypi-publish@ab69e431e9c9f48a3310be0a56527c679f56e04d with: repository-url: https://test.pypi.org/legacy/ verbose: true - name: Comment on PR if: steps.version_check.outputs.exists != 'true' - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea env: VERSION: ${{ env.VERSION }} with: @@ -120,21 +120,21 @@ jobs: exit 1 - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 - name: Login to Docker Hub with Organization Token if: steps.verify_package.outputs.success == 'true' - uses: docker/login-action@v3 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build & Push Docker Preview if: steps.verify_package.outputs.success == 'true' - uses: docker/build-push-action@v5 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 env: VERSION: ${{ env.VERSION }} with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b70d26e..20b4bd1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,10 +10,10 @@ jobs: id-token: write contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 with: fetch-depth: 0 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 with: python-version: '3.x' @@ -66,16 +66,16 @@ jobs: - name: Publish to PyPI if: steps.version_check.outputs.pypi_exists != 'true' - uses: pypa/gh-action-pypi-publish@v1.12.4 + uses: pypa/gh-action-pypi-publish@ab69e431e9c9f48a3310be0a56527c679f56e04d - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 - name: Login to Docker Hub with Organization Token - uses: docker/login-action@v3 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -102,7 +102,7 @@ jobs: if: | steps.verify_package.outputs.success == 'true' && steps.docker_check.outputs.docker_exists != 'true' - uses: docker/build-push-action@v5 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 env: VERSION: ${{ env.VERSION }} with: diff --git a/.github/workflows/version-check.yml b/.github/workflows/version-check.yml index fa20938..5e4335c 100644 --- a/.github/workflows/version-check.yml +++ b/.github/workflows/version-check.yml @@ -11,7 +11,7 @@ jobs: check_version: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 with: fetch-depth: 0 # Fetch all history for all branches @@ -39,7 +39,7 @@ jobs: " - name: Manage PR Comment - uses: actions/github-script@v7 + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea if: always() env: MAIN_VERSION: ${{ env.MAIN_VERSION }} diff --git a/pyproject.toml b/pyproject.toml index 22811e7..9ec3c0f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.11" +version = "2.2.12" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index 9ea1adb..aecfb7d 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,2 @@ __author__ = 'socket.dev' -__version__ = '2.2.11' +__version__ = '2.2.12' From cc45ff459ae9253f730c32cfeccaedc8bbe14b38 Mon Sep 17 00:00:00 2001 From: Douglas Date: Thu, 23 Oct 2025 18:50:15 -0700 Subject: [PATCH 105/149] Doug/fix windows support (#123) * Added gates so that resources module doesn't break windows * feat: centralize User-Agent string across all API clients - Add USER_AGENT constant to socketsecurity/__init__.py - Replace hardcoded 'SocketPythonScript/0.0.1' and 'SocketPythonCLI/0.0.1' with centralized USER_AGENT - Update all SCM clients (GitHub, GitLab) and CLI client to use USER_AGENT - Update unit tests to reference centralized constant - Pin GitHub Actions to commit SHAs for improved security and reproducibility - Fix minor GitLab client bugs (return type, pipeline source support) * Updated version-check.yml to used commit hashes * Minor type fixes --- Pipfile.lock | 20 ------------------ pyproject.toml | 2 +- socketsecurity/__init__.py | 3 ++- socketsecurity/core/__init__.py | 3 ++- socketsecurity/core/cli_client.py | 3 ++- socketsecurity/core/resource_utils.py | 29 +++++++++++++++++++-------- socketsecurity/core/scm/client.py | 5 +++-- socketsecurity/core/scm/github.py | 3 ++- socketsecurity/core/scm/gitlab.py | 15 +++++++------- socketsecurity/socketcli.py | 2 +- tests/unit/test_gitlab_auth.py | 3 ++- 11 files changed, 44 insertions(+), 44 deletions(-) delete mode 100644 Pipfile.lock diff --git a/Pipfile.lock b/Pipfile.lock deleted file mode 100644 index 77f078c..0000000 --- a/Pipfile.lock +++ /dev/null @@ -1,20 +0,0 @@ -{ - "_meta": { - "hash": { - "sha256": "7e8ad3d0508bf0c279a648ee7a1873fc16334cf0b711f30b2dc54a1da68fef6c" - }, - "pipfile-spec": 6, - "requires": { - "python_version": "3.12" - }, - "sources": [ - { - "name": "pypi", - "url": "https://pypi.org/socketsecurity", - "verify_ssl": true - } - ] - }, - "default": {}, - "develop": {} -} diff --git a/pyproject.toml b/pyproject.toml index 9ec3c0f..6b2ea18 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.12" +version = "2.2.15" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index aecfb7d..c4b1ae5 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,2 +1,3 @@ __author__ = 'socket.dev' -__version__ = '2.2.12' +__version__ = '2.2.15' +USER_AGENT = f'SocketPythonCLI/{__version__}' diff --git a/socketsecurity/core/__init__.py b/socketsecurity/core/__init__.py index 6dd6ecb..1261c43 100644 --- a/socketsecurity/core/__init__.py +++ b/socketsecurity/core/__init__.py @@ -18,7 +18,7 @@ from socketdev.repos import RepositoryInfo from socketdev.settings import SecurityPolicyRule import copy -from socketsecurity import __version__ +from socketsecurity import __version__, USER_AGENT from socketsecurity.core.classes import ( Alert, Diff, @@ -39,6 +39,7 @@ "Core", "log", "__version__", + "USER_AGENT", ] version = __version__ diff --git a/socketsecurity/core/cli_client.py b/socketsecurity/core/cli_client.py index bf8db38..8bb2ed6 100644 --- a/socketsecurity/core/cli_client.py +++ b/socketsecurity/core/cli_client.py @@ -4,6 +4,7 @@ import requests +from socketsecurity import USER_AGENT from .exceptions import APIFailure from .socket_config import SocketConfig @@ -31,7 +32,7 @@ def request( default_headers = { 'Authorization': f"Basic {self._encoded_key}", - 'User-Agent': 'SocketPythonCLI/0.0.1', + 'User-Agent': USER_AGENT, "accept": "application/json" } diff --git a/socketsecurity/core/resource_utils.py b/socketsecurity/core/resource_utils.py index 2652bbf..b49cc2e 100644 --- a/socketsecurity/core/resource_utils.py +++ b/socketsecurity/core/resource_utils.py @@ -1,8 +1,17 @@ """ System resource utilities for the Socket Security CLI. """ -import resource import logging +import sys + +# The resource module is only available on Unix-like systems +resource_available = False +try: + import resource + resource_available = True +except ImportError: + # On Windows, the resource module is not available + pass log = logging.getLogger("socketdev") @@ -10,10 +19,14 @@ def get_file_descriptor_limit(): """ Get the current file descriptor limit (equivalent to ulimit -n) - + Returns: - tuple: (soft_limit, hard_limit) or (None, None) if error + tuple: (soft_limit, hard_limit) or (None, None) if error or on Windows """ + if not resource_available: + # On Windows, resource module is not available + return None, None + try: soft_limit, hard_limit = resource.getrlimit(resource.RLIMIT_NOFILE) return soft_limit, hard_limit @@ -25,26 +38,26 @@ def get_file_descriptor_limit(): def check_file_count_against_ulimit(file_count, buffer_size=100): """ Check if the number of files would exceed the file descriptor limit - + Args: file_count (int): Number of files to check buffer_size (int): Safety buffer to leave for other file operations - + Returns: dict: Information about the check """ soft_limit, hard_limit = get_file_descriptor_limit() - + if soft_limit is None: return { "can_check": False, "error": "Could not determine file descriptor limit", "safe_to_process": True # Assume safe if we can't check } - + available_fds = soft_limit - buffer_size would_exceed = file_count > available_fds - + return { "can_check": True, "file_count": file_count, diff --git a/socketsecurity/core/scm/client.py b/socketsecurity/core/scm/client.py index 1033613..0575711 100644 --- a/socketsecurity/core/scm/client.py +++ b/socketsecurity/core/scm/client.py @@ -1,6 +1,7 @@ from abc import abstractmethod from typing import Dict +from socketsecurity import USER_AGENT from ..cli_client import CliClient @@ -28,7 +29,7 @@ class GithubClient(ScmClient): def get_headers(self) -> Dict: return { 'Authorization': f"Bearer {self.token}", - 'User-Agent': 'SocketPythonScript/0.0.1', + 'User-Agent': USER_AGENT, "accept": "application/json" } @@ -52,7 +53,7 @@ def _get_gitlab_auth_headers(token: str) -> dict: import os base_headers = { - 'User-Agent': 'SocketPythonScript/0.0.1', + 'User-Agent': USER_AGENT, "accept": "application/json" } diff --git a/socketsecurity/core/scm/github.py b/socketsecurity/core/scm/github.py index 1b4fa0e..0870f5c 100644 --- a/socketsecurity/core/scm/github.py +++ b/socketsecurity/core/scm/github.py @@ -5,6 +5,7 @@ from git import Optional +from socketsecurity import USER_AGENT from socketsecurity.core import log from socketsecurity.core.classes import Comment from socketsecurity.core.scm_comments import Comments @@ -83,7 +84,7 @@ def from_env(cls, pr_number: Optional[str] = None) -> 'GithubConfig': event_action=event_action, headers={ 'Authorization': f"Bearer {token}", - 'User-Agent': 'SocketPythonScript/0.0.1', + 'User-Agent': USER_AGENT, "accept": "application/json" } ) diff --git a/socketsecurity/core/scm/gitlab.py b/socketsecurity/core/scm/gitlab.py index b5f46b7..c8aba49 100644 --- a/socketsecurity/core/scm/gitlab.py +++ b/socketsecurity/core/scm/gitlab.py @@ -3,6 +3,7 @@ from dataclasses import dataclass from typing import Optional +from socketsecurity import USER_AGENT from socketsecurity.core import log from socketsecurity.core.classes import Comment from socketsecurity.core.scm_comments import Comments @@ -79,7 +80,7 @@ def _get_auth_headers(token: str) -> dict: - Other tokens: Use PRIVATE-TOKEN as fallback """ base_headers = { - 'User-Agent': 'SocketPythonScript/0.0.1', + 'User-Agent': USER_AGENT, "accept": "application/json" } @@ -150,7 +151,7 @@ def _get_fallback_headers(self, original_headers: dict) -> dict: If using Bearer, fallback to PRIVATE-TOKEN and vice versa. """ base_headers = { - 'User-Agent': 'SocketPythonScript/0.0.1', + 'User-Agent': USER_AGENT, "accept": "application/json" } @@ -171,11 +172,11 @@ def _get_fallback_headers(self, original_headers: dict) -> dict: } # No fallback available - return None + return {} def check_event_type(self) -> str: pipeline_source = self.config.pipeline_source.lower() - if pipeline_source in ["web", 'merge_request_event', "push", "api"]: + if pipeline_source in ["web", 'merge_request_event', "push", "api", 'pipeline']: if not self.config.mr_iid: return "main" return "diff" @@ -234,8 +235,8 @@ def add_socket_comments( new_security_comment: bool = True, new_overview_comment: bool = True ) -> None: - existing_overview_comment = comments.get("overview") - existing_security_comment = comments.get("security") + existing_overview_comment = comments.get("overview", "") + existing_security_comment = comments.get("security", "") if new_overview_comment: log.debug("New Dependency Overview comment") if existing_overview_comment is not None: @@ -256,7 +257,7 @@ def add_socket_comments( self.post_comment(security_comment) def remove_comment_alerts(self, comments: dict): - security_alert = comments.get("security") + security_alert = comments.get("security", "") if security_alert is not None: security_alert: Comment new_body = Comments.process_security_comment(security_alert, comments) diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 2813790..79b8374 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -114,7 +114,7 @@ def main_code(): # Git setup is_repo = False - git_repo = None + git_repo: Git try: git_repo = Git(config.target_path) is_repo = True diff --git a/tests/unit/test_gitlab_auth.py b/tests/unit/test_gitlab_auth.py index be34224..3c6d6dd 100644 --- a/tests/unit/test_gitlab_auth.py +++ b/tests/unit/test_gitlab_auth.py @@ -3,6 +3,7 @@ import pytest from unittest.mock import patch, MagicMock +from socketsecurity import USER_AGENT from socketsecurity.core.scm.gitlab import GitlabConfig @@ -58,7 +59,7 @@ def test_all_headers_include_base_headers(self): for token in test_tokens: headers = GitlabConfig._get_auth_headers(token) - assert headers['User-Agent'] == 'SocketPythonScript/0.0.1' + assert headers['User-Agent'] == USER_AGENT assert headers['accept'] == 'application/json' @patch.dict(os.environ, {'CI_JOB_TOKEN': 'ci-token-123'}) From ef1fbf9bd2b3620472c56aa4bff62944a5adcc84 Mon Sep 17 00:00:00 2001 From: Douglas Date: Thu, 6 Nov 2025 22:29:45 -0500 Subject: [PATCH 106/149] feat: add Socket tier 1 reachability analysis support (#125) * feat: add Socket tier 1 reachability analysis support - Add --reach flag and related CLI arguments for reachability analysis - Add ReachabilityAnalyzer class to run @coana-tech/cli - Add dependency checks for java, npm, uv, npx when --reach is enabled - Add --only-facts-file mode to submit only .socket.facts.json - Auto-install @coana-tech/cli if not present - Stream reachability CLI output to stderr for user visibility - Filter .socket.facts.json from manifest uploads but include in full scans - Set tmp=False in FullScanParams to fix API 400 errors * docs: update README with reachability parameters and remove java requirement - Add comprehensive reachability analysis parameters section to README - Document all --reach-* CLI flags with descriptions and defaults - List required dependencies (npm, npx, uv) excluding java - Remove java from required dependencies check in socketcli.py - Update usage synopsis to include reachability flags * Added org check details --- README.md | 28 ++- pyproject.toml | 7 +- socketsecurity/__init__.py | 2 +- socketsecurity/config.py | 102 +++++++++- socketsecurity/core/helper/__init__.py | 3 +- socketsecurity/core/tools/reachability.py | 234 ++++++++++++++++++++++ socketsecurity/socketcli.py | 136 ++++++++++++- uv.lock | 46 ++++- 8 files changed, 545 insertions(+), 13 deletions(-) create mode 100644 socketsecurity/core/tools/reachability.py diff --git a/README.md b/README.md index 89ff153..29444ab 100644 --- a/README.md +++ b/README.md @@ -94,7 +94,11 @@ socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--repo-is-public] [--branc [--save-manifest-tar SAVE_MANIFEST_TAR] [--files FILES] [--sub-path SUB_PATH] [--workspace-name WORKSPACE_NAME] [--excluded-ecosystems EXCLUDED_ECOSYSTEMS] [--default-branch] [--pending-head] [--generate-license] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview] [--exclude-license-details] [--allow-unverified] [--disable-security-issue] - [--ignore-commit-files] [--disable-blocking] [--enable-diff] [--scm SCM] [--timeout TIMEOUT] [--include-module-folders] [--version] + [--ignore-commit-files] [--disable-blocking] [--enable-diff] [--scm SCM] [--timeout TIMEOUT] [--include-module-folders] + [--reach] [--reach-version REACH_VERSION] [--reach-analysis-timeout REACH_ANALYSIS_TIMEOUT] + [--reach-analysis-memory-limit REACH_ANALYSIS_MEMORY_LIMIT] [--reach-ecosystems REACH_ECOSYSTEMS] [--reach-exclude-paths REACH_EXCLUDE_PATHS] + [--reach-min-severity {low,medium,high,critical}] [--reach-skip-cache] [--reach-disable-analytics] [--reach-output-file REACH_OUTPUT_FILE] + [--only-facts-file] [--version] ```` If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY` @@ -160,6 +164,28 @@ If you don't want to provide the Socket API Token every time then you can use th | --allow-unverified | False | False | Allow unverified packages | | --disable-security-issue | False | False | Disable security issue checks | +#### Reachability Analysis +| Parameter | Required | Default | Description | +|:---------------------------------|:---------|:--------|:---------------------------------------------------------------------------------------------------------------------------| +| --reach | False | False | Enable reachability analysis to identify which vulnerable functions are actually called by your code | +| --reach-version | False | latest | Version of @coana-tech/cli to use for analysis | +| --reach-analysis-timeout | False | 1200 | Timeout in seconds for the reachability analysis (default: 1200 seconds / 20 minutes) | +| --reach-analysis-memory-limit | False | 4096 | Memory limit in MB for the reachability analysis (default: 4096 MB / 4 GB) | +| --reach-ecosystems | False | | Comma-separated list of ecosystems to analyze (e.g., "npm,pypi"). If not specified, all supported ecosystems are analyzed | +| --reach-exclude-paths | False | | Comma-separated list of file paths or patterns to exclude from reachability analysis | +| --reach-min-severity | False | | Minimum severity level for reporting reachability results (low, medium, high, critical) | +| --reach-skip-cache | False | False | Skip cache and force fresh reachability analysis | +| --reach-disable-analytics | False | False | Disable analytics collection during reachability analysis | +| --reach-output-file | False | .socket.facts.json | Path where reachability analysis results should be saved | +| --only-facts-file | False | False | Submit only the .socket.facts.json file to an existing scan (requires --reach and a prior scan) | + +**Reachability Analysis Requirements:** +- `npm` - Required to install and run @coana-tech/cli +- `npx` - Required to execute @coana-tech/cli +- `uv` - Required for Python environment management + +The CLI will automatically install @coana-tech/cli if not present. Use `--reach` to enable reachability analysis during a full scan, or use `--only-facts-file` with `--reach` to submit reachability results to an existing scan. + #### Advanced Configuration | Parameter | Required | Default | Description | |:-------------------------|:---------|:--------|:----------------------------------------------------------------------| diff --git a/pyproject.toml b/pyproject.toml index 6b2ea18..f326d59 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.15" +version = "2.2.18" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ @@ -16,7 +16,8 @@ dependencies = [ 'GitPython', 'packaging', 'python-dotenv', - 'socketdev>=3.0.6,<4.0.0' + 'socketdev>=3.0.6,<4.0.0', + "bs4>=0.0.2", ] readme = "README.md" description = "Socket Security CLI for CI/CD" @@ -158,4 +159,4 @@ docstring-code-format = false docstring-code-line-length = "dynamic" [tool.hatch.build.targets.wheel] -include = ["socketsecurity", "LICENSE"] \ No newline at end of file +include = ["socketsecurity", "LICENSE"] diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index c4b1ae5..a61cd78 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,3 +1,3 @@ __author__ = 'socket.dev' -__version__ = '2.2.15' +__version__ = '2.2.18' USER_AGENT = f'SocketPythonCLI/{__version__}' diff --git a/socketsecurity/config.py b/socketsecurity/config.py index bbfb4bc..0fc5351 100644 --- a/socketsecurity/config.py +++ b/socketsecurity/config.py @@ -62,7 +62,19 @@ class CliConfig: save_manifest_tar: Optional[str] = None sub_paths: List[str] = field(default_factory=list) workspace_name: Optional[str] = None - + # Reachability Flags + reach: bool = False + reach_version: Optional[str] = None + reach_analysis_memory_limit: Optional[int] = None + reach_analysis_timeout: Optional[int] = None + reach_disable_analytics: bool = False + reach_ecosystems: Optional[List[str]] = None + reach_exclude_paths: Optional[List[str]] = None + reach_skip_cache: bool = False + reach_min_severity: Optional[str] = None + reach_output_file: Optional[str] = None + only_facts_file: bool = False + @classmethod def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': parser = create_argument_parser() @@ -110,6 +122,17 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': 'save_manifest_tar': args.save_manifest_tar, 'sub_paths': args.sub_paths or [], 'workspace_name': args.workspace_name, + 'reach': args.reach, + 'reach_version': args.reach_version, + 'reach_analysis_timeout': args.reach_analysis_timeout, + 'reach_analysis_memory_limit': args.reach_analysis_memory_limit, + 'reach_disable_analytics': args.reach_disable_analytics, + 'reach_ecosystems': args.reach_ecosystems.split(',') if args.reach_ecosystems else None, + 'reach_exclude_paths': args.reach_exclude_paths.split(',') if args.reach_exclude_paths else None, + 'reach_skip_cache': args.reach_skip_cache, + 'reach_min_severity': args.reach_min_severity, + 'reach_output_file': args.reach_output_file, + 'only_facts_file': args.only_facts_file, 'version': __version__ } try: @@ -141,6 +164,11 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig': logging.error("--workspace-name requires --sub-path to be specified") exit(1) + # Validate that only_facts_file requires reach + if args.only_facts_file and not args.reach: + logging.error("--only-facts-file requires --reach to be specified") + exit(1) + return cls(**config_args) def to_dict(self) -> dict: @@ -474,6 +502,78 @@ def create_argument_parser() -> argparse.ArgumentParser: help="Enabling including module folders like node_modules" ) + # Reachability Configuration + reachability_group = parser.add_argument_group('Reachability Analysis') + reachability_group.add_argument( + "--reach", + dest="reach", + action="store_true", + help="Enable reachability analysis" + ) + reachability_group.add_argument( + "--reach-version", + dest="reach_version", + metavar="", + help="Specific version of @coana-tech/cli to use (e.g., '1.2.3')" + ) + reachability_group.add_argument( + "--reach-timeout", + dest="reach_analysis_timeout", + type=int, + metavar="", + help="Timeout for reachability analysis in seconds" + ) + reachability_group.add_argument( + "--reach-memory-limit", + dest="reach_analysis_memory_limit", + type=int, + metavar="", + help="Memory limit for reachability analysis in MB" + ) + reachability_group.add_argument( + "--reach-ecosystems", + dest="reach_ecosystems", + metavar="", + help="Ecosystems to analyze for reachability (comma-separated, e.g., 'npm,pypi')" + ) + reachability_group.add_argument( + "--reach-exclude-paths", + dest="reach_exclude_paths", + metavar="", + help="Paths to exclude from reachability analysis (comma-separated)" + ) + reachability_group.add_argument( + "--reach-min-severity", + dest="reach_min_severity", + metavar="", + help="Minimum severity level for reachability analysis (info, low, moderate, high, critical)" + ) + reachability_group.add_argument( + "--reach-skip-cache", + dest="reach_skip_cache", + action="store_true", + help="Skip cache usage for reachability analysis" + ) + reachability_group.add_argument( + "--reach-disable-analytics", + dest="reach_disable_analytics", + action="store_true", + help="Disable analytics sharing for reachability analysis" + ) + reachability_group.add_argument( + "--reach-output-file", + dest="reach_output_file", + metavar="", + default=".socket.facts.json", + help="Output file path for reachability analysis results (default: .socket.facts.json)" + ) + reachability_group.add_argument( + "--only-facts-file", + dest="only_facts_file", + action="store_true", + help="Submit only the .socket.facts.json file when creating full scan (requires --reach)" + ) + parser.add_argument( '--version', action='version', diff --git a/socketsecurity/core/helper/__init__.py b/socketsecurity/core/helper/__init__.py index f10cb6e..ab7d06f 100644 --- a/socketsecurity/core/helper/__init__.py +++ b/socketsecurity/core/helper/__init__.py @@ -1,5 +1,6 @@ import markdown -from bs4 import BeautifulSoup, NavigableString, Tag +from bs4 import BeautifulSoup, Tag +from bs4.element import NavigableString import string diff --git a/socketsecurity/core/tools/reachability.py b/socketsecurity/core/tools/reachability.py new file mode 100644 index 0000000..064b699 --- /dev/null +++ b/socketsecurity/core/tools/reachability.py @@ -0,0 +1,234 @@ +from socketdev import socketdev +from typing import List, Optional, Dict, Any +import os +import subprocess +import json +import pathlib +import logging +import sys + +log = logging.getLogger(__name__) + + +class ReachabilityAnalyzer: + def __init__(self, sdk: socketdev, api_token: str): + self.sdk = sdk + self.api_token = api_token + + def _ensure_coana_cli_installed(self, version: Optional[str] = None) -> str: + """ + Check if @coana-tech/cli is installed, and install it if not present. + + Args: + version: Specific version to install (e.g., '1.2.3') + + Returns: + str: The package specifier to use with npx + """ + # Determine the package specifier + package_spec = f"@coana-tech/cli@{version}" if version else "@coana-tech/cli" + + # Check if the package is already available + try: + check_cmd = ["npm", "list", "-g", "@coana-tech/cli", "--depth=0"] + result = subprocess.run( + check_cmd, + capture_output=True, + text=True, + timeout=10 + ) + + # If npm list succeeds and mentions the package, it's installed + if result.returncode == 0 and "@coana-tech/cli" in result.stdout: + log.debug(f"@coana-tech/cli is already installed globally") + return package_spec + + except Exception as e: + log.debug(f"Could not check for existing @coana-tech/cli installation: {e}") + + # Package not found or check failed - install it + log.info("Downloading reachability analysis plugin (@coana-tech/cli)...") + log.info("This may take a moment on first run...") + + try: + install_cmd = ["npm", "install", "-g", package_spec] + log.debug(f"Installing with command: {' '.join(install_cmd)}") + + result = subprocess.run( + install_cmd, + capture_output=True, + text=True, + timeout=300 # 5 minute timeout for installation + ) + + if result.returncode != 0: + log.warning(f"Global installation failed, npx will download on demand") + log.debug(f"Install stderr: {result.stderr}") + else: + log.info("Reachability analysis plugin installed successfully") + + except subprocess.TimeoutExpired: + log.warning("Installation timed out, npx will download on demand") + except Exception as e: + log.warning(f"Could not install globally: {e}, npx will download on demand") + + return package_spec + + + def run_reachability_analysis( + self, + org_slug: str, + target_directory: str, + tar_hash: Optional[str] = None, + output_path: str = ".socket.facts.json", + timeout: Optional[int] = None, + memory_limit: Optional[int] = None, + ecosystems: Optional[List[str]] = None, + exclude_paths: Optional[List[str]] = None, + min_severity: Optional[str] = None, + skip_cache: bool = False, + disable_analytics: bool = False, + repo_name: Optional[str] = None, + branch_name: Optional[str] = None, + version: Optional[str] = None, + ) -> Dict[str, Any]: + """ + Run reachability analysis. + + Args: + org_slug: Socket organization slug + target_directory: Directory to analyze + tar_hash: Tar hash from manifest upload or existing scan (optional) + output_path: Output file path for results + timeout: Analysis timeout in seconds + memory_limit: Memory limit in MB + ecosystems: List of ecosystems to analyze (e.g., ['npm', 'pypi']) + exclude_paths: Paths to exclude from analysis + min_severity: Minimum severity level (info, low, moderate, high, critical) + skip_cache: Skip cache usage + disable_analytics: Disable analytics sharing + repo_name: Repository name + branch_name: Branch name + version: Specific version of @coana-tech/cli to use + + Returns: + Dict containing scan_id and report_path + """ + # Ensure @coana-tech/cli is installed + cli_package = self._ensure_coana_cli_installed(version) + + # Build CLI command arguments + cmd = ["npx", cli_package, "run", target_directory] + + # Add required arguments + output_dir = str(pathlib.Path(output_path).parent) + cmd.extend([ + "--output-dir", output_dir, + "--socket-mode", output_path, + "--disable-report-submission" + ]) + + # Add conditional arguments + if timeout: + cmd.extend(["--analysis-timeout", str(timeout)]) + + if memory_limit: + cmd.extend(["--memory-limit", str(memory_limit)]) + + if disable_analytics: + cmd.append("--disable-analytics-sharing") + + # KEY POINT: Only add manifest tar hash if we have one + if tar_hash: + cmd.extend(["--run-without-docker", "--manifests-tar-hash", tar_hash]) + + if ecosystems: + cmd.extend(["--purl-types"] + ecosystems) + + if exclude_paths: + cmd.extend(["--exclude-dirs"] + exclude_paths) + + if min_severity: + cmd.extend(["--min-severity", min_severity]) + + if skip_cache: + cmd.append("--skip-cache-usage") + + # Set up environment variables + env = os.environ.copy() + + # Required environment variables for Coana CLI + env["SOCKET_ORG_SLUG"] = org_slug + env["SOCKET_CLI_API_TOKEN"] = self.api_token + + # Optional environment variables + if repo_name: + env["SOCKET_REPO_NAME"] = repo_name + + if branch_name: + env["SOCKET_BRANCH_NAME"] = branch_name + + # Execute CLI + log.info("Running reachability analysis...") + log.debug(f"Reachability command: {' '.join(cmd)}") + log.debug(f"Environment: SOCKET_ORG_SLUG={org_slug}, SOCKET_REPO_NAME={repo_name or 'not set'}, SOCKET_BRANCH_NAME={branch_name or 'not set'}") + + try: + # Run with output streaming to stderr (don't capture output) + result = subprocess.run( + cmd, + env=env, + cwd=os.getcwd(), + stdout=sys.stderr, # Send stdout to stderr so user sees it + stderr=sys.stderr, # Send stderr to stderr + timeout=timeout + 60 if timeout else None # Add buffer to subprocess timeout + ) + + if result.returncode != 0: + log.error(f"Reachability analysis failed with exit code {result.returncode}") + raise Exception(f"Reachability analysis failed with exit code {result.returncode}") + + # Extract scan ID from output file + scan_id = self._extract_scan_id(output_path) + + log.info(f"Reachability analysis completed successfully") + if scan_id: + log.info(f"Scan ID: {scan_id}") + + return { + "scan_id": scan_id, + "report_path": output_path, + "tar_hash_used": tar_hash + } + + except subprocess.TimeoutExpired: + log.error(f"Reachability analysis timed out after {timeout} seconds") + raise Exception(f"Reachability analysis timed out after {timeout} seconds") + except Exception as e: + log.error(f"Failed to run reachability analysis: {str(e)}") + raise Exception(f"Failed to run reachability analysis: {str(e)}") + + def _extract_scan_id(self, facts_file_path: str) -> Optional[str]: + """ + Extract tier1ReachabilityScanId from the socket facts JSON file. + + Args: + facts_file_path: Path to the .socket.facts.json file + + Returns: + Optional[str]: The scan ID if found, None otherwise + """ + try: + if not os.path.exists(facts_file_path): + log.warning(f"Facts file not found: {facts_file_path}") + return None + + with open(facts_file_path, 'r') as f: + facts = json.load(f) + + scan_id = facts.get('tier1ReachabilityScanId') + return scan_id.strip() if scan_id else None + + except (json.JSONDecodeError, IOError) as e: + log.warning(f"Failed to extract scan ID from {facts_file_path}: {e}") + return None diff --git a/socketsecurity/socketcli.py b/socketsecurity/socketcli.py index 79b8374..ed3ebc0 100644 --- a/socketsecurity/socketcli.py +++ b/socketsecurity/socketcli.py @@ -1,6 +1,7 @@ import json import sys import traceback +import shutil from dotenv import load_dotenv from git import InvalidGitRepositoryError, NoSuchPathError @@ -75,6 +76,50 @@ def main_code(): log.debug("loaded client") core = Core(socket_config, sdk) log.debug("loaded core") + + # Check for required dependencies if reachability analysis is enabled + if config.reach: + log.info("Reachability analysis enabled, checking for required dependencies...") + required_deps = ["npm", "uv", "npx"] + missing_deps = [] + found_deps = [] + + for dep in required_deps: + if shutil.which(dep): + found_deps.append(dep) + log.debug(f"Found required dependency: {dep}") + else: + missing_deps.append(dep) + + if missing_deps: + log.error(f"Reachability analysis requires the following dependencies: {', '.join(required_deps)}") + log.error(f"Missing dependencies: {', '.join(missing_deps)}") + log.error("Please install the missing dependencies and try again.") + sys.exit(3) + + log.info(f"All required dependencies found: {', '.join(found_deps)}") + + # Check if organization has an enterprise plan + log.info("Checking organization plan for reachability analysis eligibility...") + org_response = sdk.org.get(use_types=True) + organizations = org_response.get("organizations", {}) + + if organizations: + org_id = next(iter(organizations)) + org_plan = organizations[org_id].get('plan', '') + + # Check if plan matches enterprise* pattern (enterprise, enterprise_trial, etc.) + if not org_plan.startswith('enterprise'): + log.error(f"Reachability analysis is only available for enterprise plans.") + log.error(f"Your organization plan is: {org_plan}") + log.error("Please upgrade to an enterprise plan to use reachability analysis.") + sys.exit(3) + + log.info(f"Organization plan verified: {org_plan}") + else: + log.error("Unable to retrieve organization information for plan verification.") + sys.exit(3) + # Parse files argument try: if isinstance(config.files, list): @@ -112,6 +157,9 @@ def main_code(): # Determine if files were explicitly specified files_explicitly_specified = config.files != "[]" and len(specified_files) > 0 + # Variable to track if we need to override files with facts file + facts_file_to_submit = None + # Git setup is_repo = False git_repo: Git @@ -172,6 +220,85 @@ def main_code(): # If no repo name was set but workspace_name is provided, we'll use it later log.debug(f"Workspace name provided: {config.workspace_name}") + # Run reachability analysis if enabled + if config.reach: + from socketsecurity.core.tools.reachability import ReachabilityAnalyzer + + log.info("Starting reachability analysis...") + + # Find manifest files in scan paths (excluding .socket.facts.json to avoid circular dependency) + log.info("Finding manifest files for reachability analysis...") + manifest_files = [] + for scan_path in scan_paths: + scan_manifests = core.find_files(scan_path) + # Filter out .socket.facts.json files from manifest upload + scan_manifests = [f for f in scan_manifests if not f.endswith('.socket.facts.json')] + manifest_files.extend(scan_manifests) + + if not manifest_files: + log.warning("No manifest files found for reachability analysis") + else: + log.info(f"Found {len(manifest_files)} manifest files for reachability upload") + + # Upload manifests and get tar hash + log.info("Uploading manifest files...") + try: + # Get org_slug early (we'll need it) + org_slug = core.config.org_slug + + # Upload manifest files + tar_hash = sdk.uploadmanifests.upload_manifest_files( + org_slug=org_slug, + file_paths=manifest_files, + workspace=config.repo or "default-workspace", + base_path=None, + base_paths=base_paths, + use_lazy_loading=False + ) + log.info(f"Manifest upload successful, tar hash: {tar_hash}") + + # Initialize and run reachability analyzer + analyzer = ReachabilityAnalyzer(sdk, config.api_token) + + # Determine output path + output_path = config.reach_output_file or ".socket.facts.json" + + # Run the analysis + result = analyzer.run_reachability_analysis( + org_slug=org_slug, + target_directory=config.target_path, + tar_hash=tar_hash, + output_path=output_path, + timeout=config.reach_analysis_timeout, + memory_limit=config.reach_analysis_memory_limit, + ecosystems=config.reach_ecosystems, + exclude_paths=config.reach_exclude_paths, + min_severity=config.reach_min_severity, + skip_cache=config.reach_skip_cache or False, + disable_analytics=config.reach_disable_analytics or False, + repo_name=config.repo, + branch_name=config.branch, + version=config.reach_version + ) + + log.info(f"Reachability analysis completed successfully") + log.info(f"Results written to: {result['report_path']}") + if result.get('scan_id'): + log.info(f"Reachability scan ID: {result['scan_id']}") + + # If only-facts-file mode, mark the facts file for submission + if config.only_facts_file: + import os + facts_file_to_submit = os.path.abspath(output_path) + log.info(f"Only-facts-file mode: will submit only {facts_file_to_submit}") + + except Exception as e: + log.error(f"Reachability analysis failed: {str(e)}") + if not config.disable_blocking: + sys.exit(3) + + log.info("Continuing with normal scan flow...") + scm = None if config.scm == "github": from socketsecurity.core.scm.github import Github, GithubConfig @@ -188,6 +315,12 @@ def main_code(): if scm is not None and not config.default_branch: config.default_branch = scm.config.is_default_branch + # Override files if only-facts-file mode is active + if facts_file_to_submit: + specified_files = [facts_file_to_submit] + files_explicitly_specified = True + log.debug(f"Overriding files to only submit facts file: {facts_file_to_submit}") + # Determine files to check based on the new logic files_to_check = [] force_api_mode = False @@ -282,7 +415,8 @@ def main_code(): pull_request=pr_number, committers=config.committers, make_default_branch=is_default_branch, - set_as_pending_head=is_default_branch + set_as_pending_head=is_default_branch, + tmp=False ) params.include_license_details = not config.exclude_license_details diff --git a/uv.lock b/uv.lock index 3375542..ad16f82 100644 --- a/uv.lock +++ b/uv.lock @@ -35,6 +35,31 @@ wheels = [ { url = "https://files.pythonhosted.org/packages/b9/fa/123043af240e49752f1c4bd24da5053b6bd00cad78c2be53c0d1e8b975bc/backports.tarfile-1.2.0-py3-none-any.whl", hash = "sha256:77e284d754527b01fb1e6fa8a1afe577858ebe4e9dad8919e34c862cb399bc34", size = 30181, upload-time = "2024-05-28T17:01:53.112Z" }, ] +[[package]] +name = "beautifulsoup4" +version = "4.14.2" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "soupsieve" }, + { name = "typing-extensions" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/77/e9/df2358efd7659577435e2177bfa69cba6c33216681af51a707193dec162a/beautifulsoup4-4.14.2.tar.gz", hash = "sha256:2a98ab9f944a11acee9cc848508ec28d9228abfd522ef0fad6a02a72e0ded69e", size = 625822, upload-time = "2025-09-29T10:05:42.613Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/94/fe/3aed5d0be4d404d12d36ab97e2f1791424d9ca39c2f754a6285d59a3b01d/beautifulsoup4-4.14.2-py3-none-any.whl", hash = "sha256:5ef6fa3a8cbece8488d66985560f97ed091e22bbc4e9c2338508a9d5de6d4515", size = 106392, upload-time = "2025-09-29T10:05:43.771Z" }, +] + +[[package]] +name = "bs4" +version = "0.0.2" +source = { registry = "https://pypi.org/simple" } +dependencies = [ + { name = "beautifulsoup4" }, +] +sdist = { url = "https://files.pythonhosted.org/packages/c9/aa/4acaf814ff901145da37332e05bb510452ebed97bc9602695059dd46ef39/bs4-0.0.2.tar.gz", hash = "sha256:a48685c58f50fe127722417bae83fe6badf500d54b55f7e39ffe43b798653925", size = 698, upload-time = "2024-01-17T18:15:47.371Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/51/bb/bf7aab772a159614954d84aa832c129624ba6c32faa559dfb200a534e50b/bs4-0.0.2-py2.py3-none-any.whl", hash = "sha256:abf8742c0805ef7f662dce4b51cca104cffe52b835238afc169142ab9b3fbccc", size = 1189, upload-time = "2024-01-17T18:15:48.613Z" }, +] + [[package]] name = "certifi" version = "2025.8.3" @@ -1027,22 +1052,23 @@ wheels = [ [[package]] name = "socketdev" -version = "3.0.5" +version = "3.0.14" source = { registry = "https://pypi.org/simple" } dependencies = [ { name = "requests" }, { name = "typing-extensions" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/19/b7/fe90d55105df76e9ff3af025f64b2d2b515c30ac0866a9973a093f25c5ed/socketdev-3.0.5.tar.gz", hash = "sha256:58cbe8613c3c892cdbae4941cb53f065051f8e991500d9d61618b214acf4ffc2", size = 129576, upload-time = "2025-09-09T07:15:48.232Z" } +sdist = { url = "https://files.pythonhosted.org/packages/71/e8/362072e5a8b94aa550d91ec0d7ef9ee63120284ceaedc9c8e1889a32abcf/socketdev-3.0.14.tar.gz", hash = "sha256:bcd1c548ac93f91ecc504f8a42be0ad59e457baa9ab17d02fcd2ccd9f10ace5e", size = 131919, upload-time = "2025-10-17T01:53:04.019Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/de/05/c3fc7d0418c2598302ad4b0baf111fa492b31a8fa14acfa394af6f55b373/socketdev-3.0.5-py3-none-any.whl", hash = "sha256:e050f50d2c6b4447107edd3368b56b053e1df62056d424cc1616e898303638ef", size = 55083, upload-time = "2025-09-09T07:15:46.52Z" }, + { url = "https://files.pythonhosted.org/packages/80/ac/aa54c296ecfff89d32974396517eb67bec17737cb863ef1f41bfe1ef83f1/socketdev-3.0.14-py3-none-any.whl", hash = "sha256:189d3e717f774b402eee55d933ddc13e41b52fc9e6410ab4362d5198ff57c723", size = 57338, upload-time = "2025-10-17T01:53:02.356Z" }, ] [[package]] name = "socketsecurity" -version = "2.2.7" +version = "2.2.15" source = { editable = "." } dependencies = [ + { name = "bs4" }, { name = "gitpython" }, { name = "mdutils" }, { name = "packaging" }, @@ -1070,6 +1096,7 @@ test = [ [package.metadata] requires-dist = [ + { name = "bs4", specifier = ">=0.0.2" }, { name = "gitpython" }, { name = "hatch", marker = "extra == 'dev'" }, { name = "mdutils" }, @@ -1084,12 +1111,21 @@ requires-dist = [ { name = "python-dotenv" }, { name = "requests" }, { name = "ruff", marker = "extra == 'dev'", specifier = ">=0.3.0" }, - { name = "socketdev", specifier = ">=3.0.5,<4.0.0" }, + { name = "socketdev", specifier = ">=3.0.6,<4.0.0" }, { name = "twine", marker = "extra == 'dev'" }, { name = "uv", marker = "extra == 'dev'", specifier = ">=0.1.0" }, ] provides-extras = ["test", "dev"] +[[package]] +name = "soupsieve" +version = "2.8" +source = { registry = "https://pypi.org/simple" } +sdist = { url = "https://files.pythonhosted.org/packages/6d/e6/21ccce3262dd4889aa3332e5a119a3491a95e8f60939870a3a035aabac0d/soupsieve-2.8.tar.gz", hash = "sha256:e2dd4a40a628cb5f28f6d4b0db8800b8f581b65bb380b97de22ba5ca8d72572f", size = 103472, upload-time = "2025-08-27T15:39:51.78Z" } +wheels = [ + { url = "https://files.pythonhosted.org/packages/14/a0/bb38d3b76b8cae341dad93a2dd83ab7462e6dbcdd84d43f54ee60a8dc167/soupsieve-2.8-py3-none-any.whl", hash = "sha256:0cc76456a30e20f5d7f2e14a98a4ae2ee4e5abdc7c5ea0aafe795f344bc7984c", size = 36679, upload-time = "2025-08-27T15:39:50.179Z" }, +] + [[package]] name = "tomli" version = "2.2.1" From 6279c13faf852e16c77d63f42d6eb3f4c7a28d3b Mon Sep 17 00:00:00 2001 From: Douglas Date: Thu, 6 Nov 2025 23:33:24 -0500 Subject: [PATCH 107/149] Pin to new verison of SDK (#126) * Pin to new verison of SDK * Fix branch not being a string in auto detection * Add the Reachability CLI to the Docker build so that it is already present and doesn't need to be pulled * If version isn't specific always pull latest coana cli, else make sure we have the specified version --- Dockerfile | 3 +- pyproject.toml | 4 +- socketsecurity/__init__.py | 2 +- socketsecurity/core/git_interface.py | 3 +- socketsecurity/core/tools/reachability.py | 48 ++++++++++++----------- uv.lock | 10 ++--- 6 files changed, 37 insertions(+), 33 deletions(-) diff --git a/Dockerfile b/Dockerfile index 040036d..92186f3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,8 @@ ARG PIP_INDEX_URL=https://pypi.org/simple ARG PIP_EXTRA_INDEX_URL=https://pypi.org/simple RUN apk update \ - && apk add --no-cache git nodejs npm yarn + && apk add --no-cache git nodejs npm yarn \ + && npm install @coana-tech/cli -g # Install CLI with retries for TestPyPI propagation (10 attempts, 30s each = 5 minutes total) RUN for i in $(seq 1 10); do \ diff --git a/pyproject.toml b/pyproject.toml index f326d59..511f0ff 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.18" +version = "2.2.22" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ @@ -16,7 +16,7 @@ dependencies = [ 'GitPython', 'packaging', 'python-dotenv', - 'socketdev>=3.0.6,<4.0.0', + 'socketdev>=3.0.16,<4.0.0', "bs4>=0.0.2", ] readme = "README.md" diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index a61cd78..bec9daa 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,3 +1,3 @@ __author__ = 'socket.dev' -__version__ = '2.2.18' +__version__ = '2.2.22' USER_AGENT = f'SocketPythonCLI/{__version__}' diff --git a/socketsecurity/core/git_interface.py b/socketsecurity/core/git_interface.py index 84eec25..d750284 100644 --- a/socketsecurity/core/git_interface.py +++ b/socketsecurity/core/git_interface.py @@ -97,8 +97,7 @@ def __init__(self, path: str): else: # Try to get branch name from git properties try: - self.branch = self.head.reference - urllib.parse.unquote(str(self.branch)) + self.branch = urllib.parse.unquote(str(self.head.reference)) log.debug(f"Branch detected from git reference: {self.branch}") except Exception as error: log.debug(f"Failed to get branch from git reference: {error}") diff --git a/socketsecurity/core/tools/reachability.py b/socketsecurity/core/tools/reachability.py index 064b699..7d3048e 100644 --- a/socketsecurity/core/tools/reachability.py +++ b/socketsecurity/core/tools/reachability.py @@ -17,10 +17,10 @@ def __init__(self, sdk: socketdev, api_token: str): def _ensure_coana_cli_installed(self, version: Optional[str] = None) -> str: """ - Check if @coana-tech/cli is installed, and install it if not present. + Check if @coana-tech/cli is installed, and install/update it if needed. Args: - version: Specific version to install (e.g., '1.2.3') + version: Specific version to install (e.g., '1.2.3'). If None, updates to latest. Returns: str: The package specifier to use with npx @@ -28,27 +28,31 @@ def _ensure_coana_cli_installed(self, version: Optional[str] = None) -> str: # Determine the package specifier package_spec = f"@coana-tech/cli@{version}" if version else "@coana-tech/cli" - # Check if the package is already available - try: - check_cmd = ["npm", "list", "-g", "@coana-tech/cli", "--depth=0"] - result = subprocess.run( - check_cmd, - capture_output=True, - text=True, - timeout=10 - ) - - # If npm list succeeds and mentions the package, it's installed - if result.returncode == 0 and "@coana-tech/cli" in result.stdout: - log.debug(f"@coana-tech/cli is already installed globally") - return package_spec + # If a specific version is requested, check if it's already installed + if version: + try: + check_cmd = ["npm", "list", "-g", "@coana-tech/cli", "--depth=0"] + result = subprocess.run( + check_cmd, + capture_output=True, + text=True, + timeout=10 + ) - except Exception as e: - log.debug(f"Could not check for existing @coana-tech/cli installation: {e}") - - # Package not found or check failed - install it - log.info("Downloading reachability analysis plugin (@coana-tech/cli)...") - log.info("This may take a moment on first run...") + # If npm list succeeds and mentions the specific version, it's installed + if result.returncode == 0 and f"@coana-tech/cli@{version}" in result.stdout: + log.debug(f"@coana-tech/cli@{version} is already installed globally") + return package_spec + + except Exception as e: + log.debug(f"Could not check for existing @coana-tech/cli installation: {e}") + + # Install or update the package + if version: + log.info(f"Installing reachability analysis plugin (@coana-tech/cli@{version})...") + else: + log.info("Updating reachability analysis plugin (@coana-tech/cli) to latest version...") + log.info("This may take a moment...") try: install_cmd = ["npm", "install", "-g", package_spec] diff --git a/uv.lock b/uv.lock index ad16f82..0dac6d3 100644 --- a/uv.lock +++ b/uv.lock @@ -1052,20 +1052,20 @@ wheels = [ [[package]] name = "socketdev" -version = "3.0.14" +version = "3.0.16" source = { registry = "https://pypi.org/simple" } dependencies = [ { name = "requests" }, { name = "typing-extensions" }, ] -sdist = { url = "https://files.pythonhosted.org/packages/71/e8/362072e5a8b94aa550d91ec0d7ef9ee63120284ceaedc9c8e1889a32abcf/socketdev-3.0.14.tar.gz", hash = "sha256:bcd1c548ac93f91ecc504f8a42be0ad59e457baa9ab17d02fcd2ccd9f10ace5e", size = 131919, upload-time = "2025-10-17T01:53:04.019Z" } +sdist = { url = "https://files.pythonhosted.org/packages/02/0d/6da0e0c34b97eef3a926d55470fa4bda2fcbbc42cc9e26ac51a34c6f117d/socketdev-3.0.16.tar.gz", hash = "sha256:5145300945e4e8d2d7f71db9c55cb44cc1449874f9d6416cc1d6ec129c64d638", size = 132505, upload-time = "2025-11-07T03:24:16.231Z" } wheels = [ - { url = "https://files.pythonhosted.org/packages/80/ac/aa54c296ecfff89d32974396517eb67bec17737cb863ef1f41bfe1ef83f1/socketdev-3.0.14-py3-none-any.whl", hash = "sha256:189d3e717f774b402eee55d933ddc13e41b52fc9e6410ab4362d5198ff57c723", size = 57338, upload-time = "2025-10-17T01:53:02.356Z" }, + { url = "https://files.pythonhosted.org/packages/a3/91/8486b2a62ba71d62a8f4f2f9ad22c61fcaabb461c5f269bbe0734eae76f9/socketdev-3.0.16-py3-none-any.whl", hash = "sha256:f5e413f5f2f8c0c938d5654da7f0a157c0be02a25e14d94af62c252e9fb3b502", size = 58567, upload-time = "2025-11-07T03:24:14.965Z" }, ] [[package]] name = "socketsecurity" -version = "2.2.15" +version = "2.2.18" source = { editable = "." } dependencies = [ { name = "bs4" }, @@ -1111,7 +1111,7 @@ requires-dist = [ { name = "python-dotenv" }, { name = "requests" }, { name = "ruff", marker = "extra == 'dev'", specifier = ">=0.3.0" }, - { name = "socketdev", specifier = ">=3.0.6,<4.0.0" }, + { name = "socketdev", specifier = ">=3.0.16,<4.0.0" }, { name = "twine", marker = "extra == 'dev'" }, { name = "uv", marker = "extra == 'dev'", specifier = ">=0.1.0" }, ] From 144c4e22835ff093f74f71e62f669af7366cf435 Mon Sep 17 00:00:00 2001 From: Douglas Date: Fri, 7 Nov 2025 05:08:56 -0800 Subject: [PATCH 108/149] Add uv to the docker build (#127) --- Dockerfile | 6 +++++- pyproject.toml | 2 +- socketsecurity/__init__.py | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 92186f3..6c5bdbb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,9 +6,13 @@ ARG PIP_INDEX_URL=https://pypi.org/simple ARG PIP_EXTRA_INDEX_URL=https://pypi.org/simple RUN apk update \ - && apk add --no-cache git nodejs npm yarn \ + && apk add --no-cache git nodejs npm yarn curl \ && npm install @coana-tech/cli -g +# Install uv +RUN curl -LsSf https://astral.sh/uv/install.sh | sh +ENV PATH="/root/.cargo/bin:${PATH}" + # Install CLI with retries for TestPyPI propagation (10 attempts, 30s each = 5 minutes total) RUN for i in $(seq 1 10); do \ echo "Attempt $i/10: Installing socketsecurity==$CLI_VERSION"; \ diff --git a/pyproject.toml b/pyproject.toml index 511f0ff..cf3abcb 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.22" +version = "2.2.23" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py index bec9daa..4a034ca 100644 --- a/socketsecurity/__init__.py +++ b/socketsecurity/__init__.py @@ -1,3 +1,3 @@ __author__ = 'socket.dev' -__version__ = '2.2.22' +__version__ = '2.2.23' USER_AGENT = f'SocketPythonCLI/{__version__}' From 2684a9d2c3fd880b35bc1a06d2e45f1290a9b737 Mon Sep 17 00:00:00 2001 From: Douglas Date: Fri, 7 Nov 2025 14:59:36 -0800 Subject: [PATCH 109/149] Doug/fix uv default path (#128) * Fixed docker build to have uv in the default path * Fix default path for UV and minimum SDK version to fix tar hash upload * Ensuring socketdev is updated in the dockerfile --- Dockerfile | 40 +++++++++++++++++++--------- pyproject.toml | 4 +-- scripts/build_container.sh | 53 ++++++++++++++++++++++++++++++++++--- socketsecurity/__init__.py | 2 +- socketsecurity/socketcli.py | 3 +-- 5 files changed, 81 insertions(+), 21 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6c5bdbb..65ffbe8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,24 +4,38 @@ ARG CLI_VERSION ARG SDK_VERSION ARG PIP_INDEX_URL=https://pypi.org/simple ARG PIP_EXTRA_INDEX_URL=https://pypi.org/simple +ARG USE_LOCAL_INSTALL=false RUN apk update \ && apk add --no-cache git nodejs npm yarn curl \ && npm install @coana-tech/cli -g # Install uv -RUN curl -LsSf https://astral.sh/uv/install.sh | sh -ENV PATH="/root/.cargo/bin:${PATH}" +COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv -# Install CLI with retries for TestPyPI propagation (10 attempts, 30s each = 5 minutes total) -RUN for i in $(seq 1 10); do \ - echo "Attempt $i/10: Installing socketsecurity==$CLI_VERSION"; \ - if pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketsecurity==$CLI_VERSION; then \ - break; \ +# Install CLI based on build mode +RUN if [ "$USE_LOCAL_INSTALL" = "true" ]; then \ + echo "Using local development install"; \ + else \ + for i in $(seq 1 10); do \ + echo "Attempt $i/10: Installing socketsecurity==$CLI_VERSION"; \ + if pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketsecurity==$CLI_VERSION; then \ + break; \ + fi; \ + echo "Install failed, waiting 30s before retry..."; \ + sleep 30; \ + done && \ + if [ ! -z "$SDK_VERSION" ]; then \ + pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketdev==${SDK_VERSION}; \ fi; \ - echo "Install failed, waiting 30s before retry..."; \ - sleep 30; \ - done && \ - if [ ! -z "$SDK_VERSION" ]; then \ - pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketdev==${SDK_VERSION}; \ - fi \ No newline at end of file + fi + +# Copy local source and install in editable mode if USE_LOCAL_INSTALL is true +COPY . /app +WORKDIR /app +RUN if [ "$USE_LOCAL_INSTALL" = "true" ]; then \ + pip install --upgrade -e .; \ + pip install --upgrade socketdev; \ + fi + +# ENTRYPOINT ["socketcli"] \ No newline at end of file diff --git a/pyproject.toml b/pyproject.toml index cf3abcb..c1ab9cc 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,7 +6,7 @@ build-backend = "hatchling.build" [project] name = "socketsecurity" -version = "2.2.23" +version = "2.2.26" requires-python = ">= 3.10" license = {"file" = "LICENSE"} dependencies = [ @@ -16,7 +16,7 @@ dependencies = [ 'GitPython', 'packaging', 'python-dotenv', - 'socketdev>=3.0.16,<4.0.0', + 'socketdev>=3.0.17,<4.0.0', "bs4>=0.0.2", ] readme = "README.md" diff --git a/scripts/build_container.sh b/scripts/build_container.sh index f268246..2e078d4 100755 --- a/scripts/build_container.sh +++ b/scripts/build_container.sh @@ -24,9 +24,15 @@ verify_package() { echo $VERSION if [ -z $ENABLE_PYPI_BUILD ] || [ -z $STABLE_VERSION ]; then - echo "$0 pypi-build=enable stable=true" - echo "\tpypi-build: Build and publish a new version of the package to pypi. Options are prod or test" - echo "\tstable: Only build and publish a new version for the stable docker tag if it has been tested and going on the changelog" + echo "$0 pypi-build=