{"package":"dspy","ecosystem":"conda","latest_version":"3.0.2","description":"DSPy","license":"MIT","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://github.com/stanfordnlp/dspy","repository":"","downloads_weekly":209,"health":{"score":47,"risk":"high","breakdown":{"maintenance":10,"popularity":3,"security":23,"maturity":9,"community":2},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":0,"medium":1,"low":0,"details":[{"vuln_id":"CVE-2025-12695","severity":"medium","summary":"DSPy does not properly restrict file reads","affected_versions":"<=3.0.3|=0.0.1|=0.0.2|=0.0.3|=0.1.3|=0.1.4|=0.1.5|=2.5.1|=2.5.10|=2.5.11|=2.5.12|=2.5.13|=2.5.14|=2.5.15|=2.5.16|=2.5.17|=2.5.18|=2.5.19|=2.5.2|=2.5.20|=2.5.21|=2.5.22|=2.5.23|=2.5.24|=2.5.25|=2.5.26|=2.5.27|=2.5.28|=2.5.29|=2.5.3|=2.5.30|=2.5.31|=2.5.32|=2.5.33|=2.5.34|=2.5.35|=2.5.36|=2.5.37|=2.5.38|=2.5.39|=2.5.4|=2.5.40|=2.5.41|=2.5.42|=2.5.43|=2.5.5|=2.5.6|=2.5.7|=2.5.8|=2.5.9|=2.6.0|=2.6.0rc1|=2.6.0rc11|=2.6.0rc2|=2.6.0rc3|=2.6.0rc4|=2.6.0rc5|=2.6.0rc6|=2.6.0rc7|=2.6.0rc8|=2.6.1|=2.6.10|=2.6.11|=2.6.12|=2.6.13|=2.6.14|=2.6.15|=2.6.16|=2.6.17|=2.6.18|=2.6.19|=2.6.2|=2.6.20|=2.6.21|=2.6.22|=2.6.23|=2.6.24|=2.6.25|=2.6.26|=2.6.27|=2.6.27a1|=2.6.3|=2.6.4|=2.6.5|=2.6.6|=2.6.7|=2.6.8|=2.6.9|=2.6.9rc1|=3.0.0|=3.0.0b1|=3.0.0b2|=3.0.0b3|=3.0.0b4|=3.0.1|=3.0.2|=3.0.3","fixed_version":null,"source":"osv","published_at":"2025-11-04T15:31:35Z","in_kev":false,"epss_prob":0.00011,"epss_percentile":0.01295,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"3.0.2","total_count":16,"recent":["2.6.11","2.6.12","2.6.13","2.6.15","2.6.16","2.6.17","2.6.18","2.6.19","2.6.21","2.6.22","2.6.23","2.6.24","2.6.25","2.6.26","2.6.27","3.0.2"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":"2025-03-13 15:09:27.893000+00:00","last_published":"2025-08-22 17:59:07.752000+00:00","dependencies_count":0,"dependencies":[]},"github_stats":null,"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"3.0.2","version_hint":null,"summary":"dspy@3.0.2 is safe to use (health: 47/100)"},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":366,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":16,"first_release_age_days":412,"last_release_days_ago":250,"avg_days_between_releases":27,"release_velocity":"moderate"},"popularity_warning":{"this_ecosystem_downloads":209,"more_popular_in":{"ecosystem":"pypi","downloads_weekly":1877341},"hint":"This is the conda package 'dspy' (209 dl/week). A much more popular package with the same name exists in pypi (1,877,341 dl/week). Confirm you queried the right ecosystem."}}