{"package":"bandit","ecosystem":"homebrew","latest_version":"1.9.4","description":"Security-oriented static analyser for Python code","license":"Apache-2.0","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://github.com/PyCQA/bandit","repository":"https://github.com/PyCQA/bandit","downloads_weekly":48,"health":{"score":56,"risk":"high","breakdown":{"maintenance":20,"popularity":0,"security":25,"maturity":9,"community":2},"deprecated":false,"max_score":100},"vulnerabilities":{"count":0,"critical":0,"high":0,"medium":0,"low":0,"details":[]},"versions":{"latest":"1.9.4","total_count":1,"recent":["1.9.4"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":null,"last_published":"2026-03-30T09:15:24Z","dependencies_count":2,"dependencies":["libyaml","python@3.14"]},"github_stats":null,"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"1.9.4","version_hint":null,"summary":"bandit@1.9.4 is safe to use (health: 56/100)"},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":1631,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":1,"first_release_age_days":null,"last_release_days_ago":30,"avg_days_between_releases":null,"release_velocity":"active"},"popularity_warning":{"this_ecosystem_downloads":48,"more_popular_in":{"ecosystem":"pypi","downloads_weekly":5181927},"hint":"This is the homebrew package 'bandit' (48 dl/week). A much more popular package with the same name exists in pypi (5,181,927 dl/week). Confirm you queried the right ecosystem."}}