PyPI · pypi.org

portman-proxy

Py Import Time Subprocess: subprocess call with shell=True — passes argv to /bin/sh.

Why PkgRadar flagged 0.1.2

Severity	Signal	Evidence
medium	Py Import Time Subprocess	subprocess call with shell=True — passes argv to /bin/sh. · portman_proxy-0.1.2/testenv/Lib/site-packages/watchdog/tricks/__init__.py
medium	Py Import Time Subprocess	subprocess call with shell=True — passes argv to /bin/sh. · portman_proxy-0.1.2/verify/Lib/site-packages/watchdog/tricks/__init__.py
medium	Py Import Time Subprocess	subprocess call — process spawning. · portman_proxy-0.1.2/testenv/Lib/site-packages/docutils/writers/odf_odt/__init__.py
medium	Py Import Time Subprocess	subprocess call — process spawning. · portman_proxy-0.1.2/testenv/Lib/site-packages/jaraco/context/__init__.py
medium	Py Import Time Subprocess	subprocess call — process spawning. · portman_proxy-0.1.2/testenv/Lib/site-packages/watchdog/tricks/__init__.py
medium	Py Import Time Subprocess	subprocess call — process spawning. · portman_proxy-0.1.2/verify/Lib/site-packages/watchdog/tricks/__init__.py
medium	Py Import Time Eval Exec	Python eval()/exec() called on a string. · portman_proxy-0.1.2/testenv/Lib/site-packages/jaraco/functools/__init__.py
medium	Py Import Time Eval Exec	Python eval()/exec() called on a string. · portman_proxy-0.1.2/testenv/Lib/site-packages/pip/_vendor/pkg_resources/__init__.py
medium	Py Import Time Eval Exec	Python eval()/exec() called on a string. · portman_proxy-0.1.2/verify/Lib/site-packages/pip/_vendor/pkg_resources/__init__.py
high	Py Import Time Network Call	Network call (urllib/requests/httpx/http.client) at install or import time. · portman_proxy-0.1.2/testenv/Lib/site-packages/jaraco/context/__init__.py

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.1.2`	High risk	224	2026-06-03
`0.1.1`	High risk	224	2026-06-03
`0.1.0`	High risk	200	2026-06-03

Block this in CI

PkgRadar gates portman-proxy (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi portman-proxy==0.1.2

Start free — 25 scans / mo View full evidence