PyPI · pypi.org

querysource

Credential file access: matched "GOOGLE_APPLICATION_CREDENTIALS"

Why PkgRadar flagged 4.4.0

Severity	Signal	Evidence
medium	Credential file access	matched "GOOGLE_APPLICATION_CREDENTIALS" · querysource-4.4.0/querysource/providers/sources/ga.py

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`4.4.0`	Review	9	2026-05-30

Block this in CI

PkgRadar gates querysource (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi querysource==4.4.0