{"package":"Js2Py","ecosystem":"pypi","latest_version":"0.74","description":"JavaScript to Python Translator & JavaScript interpreter written in 100% pure Python.","license":"MIT","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://github.com/PiotrDabkowski/Js2Py","repository":"https://github.com/PiotrDabkowski/Js2Py","downloads_weekly":206648,"health":{"score":48,"risk":"high","breakdown":{"maintenance":0,"popularity":14,"security":20,"maturity":12,"community":2},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":1,"medium":0,"low":0,"details":[{"vuln_id":"CVE-2024-28397","severity":"high","summary":"js2py allows remote code execution","affected_versions":"<=0.74|=0.1|=0.2|=0.21|=0.22|=0.23|=0.25|=0.26|=0.27|=0.28|=0.29|=0.30|=0.31|=0.32|=0.33|=0.35|=0.36|=0.37|=0.39|=0.40|=0.41|=0.42|=0.43|=0.44|=0.47|=0.48|=0.49|=0.50|=0.51|=0.52|=0.53|=0.54|=0.55|=0.56|=0.57|=0.58|=0.59|=0.60|=0.61|=0.62|=0.63|=0.66|=0.67|=0.68|=0.69|=0.70|=0.71|=0.72|=0.74","fixed_version":null,"source":"osv","published_at":"2024-06-20T18:34:08Z","in_kev":false,"epss_prob":0.65098,"epss_percentile":0.98489,"threat_tier":"likely_exploited"}],"actively_exploited_count":0,"likely_exploited_count":1},"versions":{"latest":"0.74","total_count":48,"recent":["0.52","0.53","0.54","0.55","0.56","0.57","0.58","0.59","0.60","0.61","0.62","0.63","0.66","0.67","0.68","0.69","0.70","0.71","0.72","0.74"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":null,"last_published":"2022-11-06T10:43:50.988014Z","dependencies_count":3,"dependencies":["tzlocal (>=1.2)","six (>=1.10)","pyjsparser (>=2.5.1)"]},"github_stats":null,"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"update_required","issues":["1 high severity vulnerabilities"],"use_version":"0.74","version_hint":null,"summary":"Js2Py@0.74 has vulnerabilities — update to latest"},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":769,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":3992,"last_release_days_ago":1271,"avg_days_between_releases":210,"release_velocity":"stale"}}