PkgRadar

PyPI · pypi.org

url-sanitize

Credential File Packaged: url_sanitize-2.0.2/.npmrc

Why PkgRadar flagged 2.0.2

| Severity | Signal | Evidence |
| --- | --- | --- |
| high | Credential File Packaged | url_sanitize-2.0.2/.npmrc · url_sanitize-2.0.2/.npmrc |
| medium | Py Import Time Subprocess | subprocess call — process spawning. · url_sanitize-2.0.2/python/url_sanitize/__init__.py |

Scanned versions

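| Version | Verdict | Score | Scanned (UTC) |
| --- | --- | --- | --- |
| 2.0.2 | High risk | 76 | 2026-06-11 |
| 2.0.1 | High risk | 76 | 2026-06-03 |
| 2.0.0 | High risk | 76 | 2026-06-03 |
| 1.0.0 | High risk | 67 | 2026-06-01 |
| 0.1.4 | High risk | 67 | 2026-05-31 |
| 0.1.3 | High risk | 67 | 2026-05-31 |
| 0.1.2 | High risk | 67 | 2026-05-30 |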

Block this in CI

PkgRadar gates url-sanitize (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi url-sanitize==2.0.2