PyPI · pypi.org
getdango
Py Import Time Subprocess: subprocess call — process spawning.
Why PkgRadar flagged 1.0.4
| Severity | Signal | Evidence |
|---|---|---|
| medium | Py Import Time Subprocess | subprocess call — process spawning. · getdango-1.0.4/dango/transformation/__init__.py |
| high | Py Import Time Network Call | Network call (urllib/requests/httpx/http.client) at install or import time. · getdango-1.0.4/dango/ingestion/dlt_sources/jira/__init__.py |
| high | Py Import Time Network Call | Network call (urllib/requests/httpx/http.client) at install or import time. · getdango-1.0.4/dango/ingestion/dlt_sources/mux/__init__.py |
| medium | Credential file access | matched "aws_access_key" · getdango-1.0.4/dango/platform/cloud/migrate.py |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.0.4 | High risk | 65 | 2026-06-15 |
1.0.3 | High risk | 65 | 2026-06-11 |
1.0.2 | High risk | 65 | 2026-06-08 |
1.0.1 | High risk | 65 | 2026-06-07 |
1.0.0 | High risk | 65 | 2026-06-07 |
1.0.0b7 | High risk | 65 | 2026-06-06 |
1.0.0b6 | High risk | 65 | 2026-06-05 |
1.0.0b5 | High risk | 65 | 2026-06-05 |
1.0.0b4 | High risk | 65 | 2026-06-02 |
1.0.0b3 | High risk | 65 | 2026-05-30 |
1.0.0b2 | High risk | 65 | 2026-05-30 |
1.0.0b1 | High risk | 65 | 2026-05-30 |
Block this in CI
pkgradar gate --ecosystem pypi getdango==1.0.4