PyPI · pypi.org
apollotab
Python Bun Js Exec: Python file references the Bun JavaScript runtime — cross-language execution
Why PkgRadar flagged 0.2.4
| Severity | Signal | Evidence |
|---|---|---|
| high | Python Bun Js Exec | Python file references the Bun JavaScript runtime — cross-language execution · apollotab-0.2.4/venv/Lib/site-packages/pygments/lexers/_vim_builtins.py |
| medium | Py Import Time Subprocess | subprocess call — process spawning. · apollotab-0.2.4/venv/Lib/site-packages/docutils/writers/odf_odt/__init__.py |
| medium | Py Import Time Subprocess | subprocess call — process spawning. · apollotab-0.2.4/venv/Lib/site-packages/jaraco/context/__init__.py |
| medium | Py Import Time Eval Exec | Python eval()/exec() called on a string. · apollotab-0.2.4/venv/Lib/site-packages/PyQt5/uic/__init__.py |
| medium | Py Import Time Eval Exec | Python eval()/exec() called on a string. · apollotab-0.2.4/venv/Lib/site-packages/jaraco/functools/__init__.py |
| medium | Py Import Time Eval Exec | Python eval()/exec() called on a string. · apollotab-0.2.4/venv/Lib/site-packages/pip/_vendor/pkg_resources/__init__.py |
| high | Py Import Time Network Call | Network call (urllib/requests/httpx/http.client) at install or import time. · apollotab-0.2.4/venv/Lib/site-packages/jaraco/context/__init__.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.2.4 | High risk | 194 | 2026-06-12 |
0.2.3 | High risk | 194 | 2026-06-12 |
0.2.2 | High risk | 194 | 2026-06-12 |
0.2.1 | Low risk | 0 | 2026-06-12 |
0.2.0 | Low risk | 0 | 2026-06-12 |
Block this in CI
pkgradar gate --ecosystem pypi apollotab==0.2.4