{"package":"gix-blame","ecosystem":"cargo","latest_version":"0.13.0","description":"A crate of the gitoxide project dedicated to implementing a 'blame' algorithm","license":"MIT OR Apache-2.0","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":null,"repository":"https://github.com/GitoxideLabs/gitoxide","downloads_weekly":1360520,"health":{"score":81,"risk":"low","breakdown":{"maintenance":25,"popularity":17,"security":23,"maturity":9,"community":7},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":0,"medium":1,"low":0,"details":[{"vuln_id":"CVE-2025-31130","severity":"medium","summary":"gitoxide does not detect SHA-1 collision attacks","affected_versions":"<0.41.0|<0.27.0|<0.39.0|<0.48.0|<0.68.0|<0.58.0|<0.42.0|<0.46.0|<0.71.0|<0.20.0|<0.1.0|<0.44.0|<0.51.0|<0.13.0|<0.39.0|<0.18.0|<0.10.0|<0.4.0|<0.19.0|<0.49.0|<0.51.0|<0.33.0|<0.19.0|<0.18.0|<0.45.0|<0.40.0|<0.18.0","fixed_version":"0.18.0","source":"osv","published_at":"2025-04-04T16:06:08Z","in_kev":false,"epss_prob":0.00056,"epss_percentile":0.17273,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"0.13.0","total_count":15,"recent":["0.13.0","0.12.0","0.11.0","0.10.0","0.9.0","0.8.0","0.7.0","0.6.0","0.5.0","0.4.0","0.3.0","0.2.1","0.2.0","0.1.0","0.0.0"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":0,"first_published":"2025-01-18T15:51:21.096592Z","last_published":"2026-04-27T22:55:31.800255Z","dependencies_count":0,"dependencies":[]},"github_stats":{"stars":11272,"forks":462,"open_issues":186,"is_archived":false,"pushed_at":"2026-05-01T13:49:27Z","subscribers_count":55},"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"0.13.0","version_hint":"Update to >= 0.18.0 to fix known vulnerabilities","summary":"gix-blame@0.13.0 is safe to use (health: 81/100)"},"version_scoped":null,"requested_version":null,"_cache":"hit","_response_ms":0,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":15,"first_release_age_days":468,"last_release_days_ago":4,"avg_days_between_releases":33,"release_velocity":"active"}}