{"package":"Colorama","ecosystem":"pypi","latest_version":"0.4.6","description":"Cross-platform colored terminal text.","license":"BSD-3-Clause","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://pypi.org/project/colorama/","repository":"https://github.com/tartley/colorama","downloads_weekly":96710737,"health":{"score":62,"risk":"moderate","breakdown":{"maintenance":0,"popularity":20,"security":25,"maturity":12,"community":5},"deprecated":false,"max_score":100},"vulnerabilities":{"count":0,"critical":0,"high":0,"medium":0,"low":0,"details":[]},"versions":{"latest":"0.4.6","total_count":46,"recent":["0.2.7","0.3.0","0.3.1","0.3.2","0.3.3","0.3.4","0.3.5","0.3.6","0.3.7","0.3.8","0.3.9","0.4.0","0.4.1","0.4.2","0.4.3","0.4.4","0.4.5rc1","0.4.5","0.4.6rc1","0.4.6"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":0,"first_published":null,"last_published":"2022-10-25T02:36:20.889702Z","dependencies_count":0,"dependencies":[]},"github_stats":{"stars":3777,"forks":272,"open_issues":134,"is_archived":false,"pushed_at":"2025-07-09T17:06:02+00:00"},"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":{"count":1,"matches_current_version":true,"incidents":[{"affected_versions":">=0.0.0","incident_type":"typosquat","year":2024,"summary":"Typosquats `colorsama`, `coloroma`, `coloraama` (and several others) published in PyPI in 2023-2024 with info-stealer payloads targeting Discord tokens and crypto wallets.","refs":["https://checkmarx.com/blog/colourama-typosquatting-attack/"],"matches_current_version":true}]},"recommendation":{"action":"do_not_use","issues":["Historical compromise KB matches current version (1 incident(s))"],"use_version":null,"version_hint":"Check /api/versions for a safe release","summary":"Colorama: version matches a known historical supply-chain compromise. DO NOT install."},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":781,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":true,"criticality_score":0.525,"criticality_tier":"high","velocity_pct":0.0,"velocity_trend":"stable","publish_security":null},"version_history_summary":{"total_versions":20,"first_release_age_days":5856,"last_release_days_ago":1285,"avg_days_between_releases":308,"release_velocity":"stale"}}