PyPI · pypi.org
durag
Credential file access: matched "aws_access_key"
Why PkgRadar flagged 2.1.12
| Severity | Signal | Evidence |
|---|---|---|
| medium | Credential file access | matched "aws_access_key" · durag-2.1.12/durag/embeddings/aws_bedrock.py |
| medium | Credential file access | matched "GOOGLE_APPLICATION_CREDENTIALS" · durag-2.1.12/durag/embeddings/vertexai.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2.1.12 | Review | 35 | 2026-06-05 |
2.1.11 | Review | 35 | 2026-06-03 |
2.1.10 | Review | 35 | 2026-06-03 |
2.1.1 | Review | 35 | 2026-06-03 |
2.1.0 | Review | 35 | 2026-06-03 |
2.0.9 | Review | 35 | 2026-06-03 |
2.0.8 | Review | 35 | 2026-06-03 |
2.0.7 | Review | 35 | 2026-06-03 |
2.0.6 | Review | 35 | 2026-06-03 |
2.0.5 | Review | 35 | 2026-06-03 |
2.0.4 | Review | 35 | 2026-06-03 |
Block this in CI
pkgradar gate --ecosystem pypi durag==2.1.12