PkgRadar

PyPI · pypi.org

code-puppy

Py Runtime Dynamic Dangerous Import: Dynamic __import__('sys') — reflection bypass for static checks.

Why PkgRadar flagged 0.0.564

SeveritySignalEvidence
highPy Runtime Dynamic Dangerous ImportDynamic __import__('sys') — reflection bypass for static checks. · code_puppy-0.0.564/code_puppy/messaging/queue_console.py

Scanned versions

VersionVerdictScoreScanned (UTC)
0.0.564High risk192026-06-13
0.0.563High risk192026-06-12
0.0.562High risk192026-06-12
0.0.561High risk192026-06-11
0.0.560High risk192026-06-11
0.0.559High risk192026-06-11
0.0.558High risk192026-06-11
0.0.557High risk192026-06-10
0.0.556High risk192026-06-10
0.0.555High risk192026-06-09
0.0.554High risk192026-06-09
0.0.553High risk192026-06-09
0.0.552High risk192026-06-09
0.0.551High risk192026-06-09
0.0.550High risk192026-06-09
0.0.549High risk192026-06-08
0.0.548High risk192026-06-08
0.0.547High risk192026-06-08
0.0.546High risk192026-06-06
0.0.545High risk192026-06-04
0.0.544High risk192026-06-04
0.0.543High risk192026-06-03
0.0.542High risk192026-06-02
0.0.541High risk192026-06-02
0.0.540High risk192026-06-02
0.0.539High risk192026-06-01
0.0.538High risk192026-06-01
0.0.537High risk192026-05-31
0.0.536High risk192026-05-31
0.0.535High risk192026-05-30
0.0.534High risk192026-05-30
0.0.533High risk192026-05-30
0.0.532High risk192026-05-30
0.0.531High risk192026-05-30
0.0.530High risk192026-05-30

Block this in CI

PkgRadar gates code-puppy (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi code-puppy==0.0.564
Start free — 25 scans / moView full evidence