PyPI · pypi.org

snakemake-executor-plugin-sge

Py Import Time Subprocess: subprocess call with shell=True — passes argv to /bin/sh.

Why PkgRadar flagged 0.6.13

Severity	Signal	Evidence
medium	Py Import Time Subprocess	subprocess call with shell=True — passes argv to /bin/sh. · snakemake_executor_plugin_sge-0.6.13/snakemake_executor_plugin_sge/__init__.py

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`0.6.13`	Review	48	2026-06-06
`0.6.12`	Review	48	2026-06-06
`0.6.11`	Review	48	2026-06-06
`0.6.10`	Review	48	2026-06-06
`0.6.9`	Review	48	2026-06-05
`0.6.8`	Review	48	2026-06-05
`0.6.7`	Review	48	2026-06-05
`0.6.6`	Review	48	2026-06-05
`0.6.5`	Review	48	2026-06-05
`0.6.4`	Review	48	2026-06-05

Block this in CI

PkgRadar gates snakemake-executor-plugin-sge (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi snakemake-executor-plugin-sge==0.6.13