PkgRadar

PyPI · pypi.org

quick-sentiments

Py Import Time Eval Exec: Python eval()/exec() called on a string.

Why PkgRadar flagged 0.5.4

| Severity | Signal | Evidence |
|---|---|---|
| medium | Py Import Time Eval Exec | Python eval()/exec() called on a string. · quick_sentiments-0.5.4/quicktest/Lib/site-packages/packaging/licenses/__init__.py |
| medium | Py Import Time Eval Exec | Python eval()/exec() called on a string. · quick_sentiments-0.5.4/quicktest/Lib/site-packages/pip/_vendor/pkg_resources/__init__.py |
| medium | Py Import Time Eval Exec | Python eval()/exec() called on a string. · quick_sentiments-0.5.4/quicktest/Lib/site-packages/pkg_resources/__init__.py |

Scanned versions

| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| 0.5.4 | Review | 49 | 2026-06-07 |
| 0.5.3 | Review | 49 | 2026-06-07 |
| 0.5.2 | Review | 49 | 2026-06-07 |
| 0.5.1 | Review | 49 | 2026-06-07 |

Block this in CI

PkgRadar gates quick-sentiments (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi quick-sentiments==0.5.4