PkgRadar

PyPI · pypi.org

migration-workbench

Credential file access: matched "GOOGLE_APPLICATION_CREDENTIALS"

Why PkgRadar flagged 0.8.0

SeveritySignalEvidence
mediumCredential file accessmatched "GOOGLE_APPLICATION_CREDENTIALS" · migration_workbench-0.8.0/connectors/google_sheets.py
mediumCredential file accessmatched "GOOGLE_APPLICATION_CREDENTIALS" · migration_workbench-0.8.0/profiler/management/commands/profile_preflight.py

Scanned versions

VersionVerdictScoreScanned (UTC)
0.8.0Review202026-05-27

Block this in CI

PkgRadar gates migration-workbench (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi migration-workbench==0.8.0
Start free — 25 scans / moView full evidence