PkgRadar

PyPI · pypi.org

truefoundry

Credential file access: matched "aws_access_key"

Why PkgRadar flagged 0.16.0rc1

SeveritySignalEvidence
mediumCredential file accessmatched "aws_access_key" · truefoundry-0.16.0rc1/truefoundry/deploy/builder/builders/tfy_spark_buildpack/tfy_execute_notebook.py

Scanned versions

VersionVerdictScoreScanned (UTC)
0.16.0rc1Review102026-06-01
0.15.4rc1Review442026-05-27

Block this in CI

PkgRadar gates truefoundry (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi truefoundry==0.16.0rc1
Start free — 25 scans / moView full evidence