{"package":"datasette","ecosystem":"pypi","latest_version":"0.65.2","description":"An open source multi-tool for exploring and publishing data","license":"Apache License, Version 2.0","license_risk":"unknown","commercial_use_notes":"verify manually — license not parseable / not declared.","homepage":"https://datasette.io/","repository":"","downloads_weekly":0,"health":{"score":55,"risk":"high","breakdown":{"maintenance":15,"popularity":0,"security":23,"maturity":15,"community":2},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":0,"medium":1,"low":0,"details":[{"vuln_id":"CVE-2023-40570","severity":"medium","summary":"Datasette is an open source multi-tool for exploring and publishing data. This bug affects Datasette instances running a Datasette 1.0 alpha - 1.0a0, 1.0a1, 1.0a2 or 1.0a3 - in an online accessible location but with authentication enabled using a plugin such as datasette-auth-passwords. The `/-/api` API explorer endpoint could reveal the names of both databases and tables - but not their contents - to an unauthenticated user. Datasette 1.0a4 has a fix for this issue. This will block access to th","affected_versions":"<01e0558825b8f7ec17d3b691aa072daf122fcc74|=0.10|=0.11|=0.12|=0.13|=0.14|=0.15|=0.16|=0.17|=0.18|=0.19|=0.20|=0.21|=0.22|=0.22.1|=0.23|=0.23.1|=0.23.2|=0.24|=0.25|=0.25.1|=0.25.2|=0.26|=0.26.1|=0.26.2|=0.27|=0.27.1|=0.28|=0.29|=0.29.1|=0.29.2|=0.29.3|=0.30|=0.30.1|=0.30.2|=0.31|=0.31.1|=0.31.2|=0.32|=0.33|=0.34|=0.35|=0.36|=0.37|=0.37.1|=0.38|=0.39|=0.40|=0.41|=0.42|=0.43|=0.44|=0.45|=0.45a0|=0.45a1|=0.45a2|=0.45a3|=0.45a4|=0.45a5|=0.46|=0.47|=0.47.1|=0.47.2|=0.47.3|=0.48|=0.49|=0.49.1|=0.49a0|=0.49a1|=0.50|=0.50.1|=0.50.2|=0.50a0|=0.50a1|=0.51|=0.51.1|=0.51a0|=0.51a1|=0.51a2|=0.52|=0.52.1|=0.52.2|=0.52.3|=0.52.4|=0.52.5|=0.53|=0.54|=0.54.1|=0.54a0|=0.55|=0.56|=0.56.1|=0.57|=0.57.1|=0.57a0|=0.57a1|=0.58|=0.58.1|=0.58a0|=0.58a1|=0.59|=0.59.1|=0.59.2|=0.59.3|=0.59.4|=0.59a0|=0.59a1|=0.59a2|=0.60|=0.60.1|=0.60.2|=0.60a0|=0.60a1|=0.61|=0.61.1|=0.61a0|=0.62|=0.62a0|=0.62a1|=0.63|=0.63.1|=0.63.2|=0.63.3|=0.63a0|=0.63a1|=0.64|=0.64.1|=0.64.2|=0.64.3|=0.8|=0.9|=1.0a0|=1.0a1|=1.0a2|=1.0a3|=1.0a4|=1.0a5|=1.0a6|=0.64.4|=1.0a7|=0.64.5|=0.64.6|=0.64.7|=0.64.8|=0.65|=0.65.1|=1.0a10|=1.0a11|=1.0a12|=1.0a13|=1.0a14|=1.0a15|=1.0a16|=1.0a17|=1.0a18|=1.0a19|=1.0a8|=1.0a9","fixed_version":"01e0558825b8f7ec17d3b691aa072daf122fcc74","source":"osv","published_at":"2023-08-25T01:15:00Z","in_kev":false,"epss_prob":0.00325,"epss_percentile":0.55457,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"0.65.2","total_count":167,"recent":["1.0a9","1.0a10","1.0a11","1.0a12","1.0a13","1.0a14","1.0a15","1.0a16","1.0a17","1.0a18","1.0a19","1.0a20","1.0a21","1.0a22","1.0a23","1.0a24","1.0a25","1.0a26","1.0a27","1.0a28"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":null,"last_published":"2025-11-05T18:23:23.916182Z","dependencies_count":35,"dependencies":["asgiref>=3.2.10","click>=7.1.1","click-default-group>=1.2.3","Jinja2>=2.10.3","hupper>=1.9","httpx>=0.20","pluggy>=1.0","uvicorn>=0.11","aiofiles>=0.4","janus>=0.6.2","asgi-csrf>=0.9","PyYAML>=5.3","mergedeep>=1.1.1","itsdangerous>=1.1","setuptools","pip","platformdirs>=2.1.0","typing_extensions>=4.0.0","flexcache>=0.3","flexparser>=0.3","furo==2024.8.6; extra == \"docs\"","sphinx-autobuild; extra == \"docs\"","codespell; extra == \"docs\"","blacken-docs; extra == \"docs\"","sphinx-copybutton; extra == \"docs\"","pytest>=5.2.2; extra == \"test\"","pytest-xdist>=2.2.1; extra == \"test\"","pytest-asyncio>=0.17; extra == \"test\"","beautifulsoup4>=4.8.1; extra == \"test\"","black==24.4.2; extra == \"test\"","blacken-docs==1.12.1; extra == \"test\"","pytest-timeout>=1.4.2; extra == \"test\"","trustme>=0.7; extra == \"test\"","cogapp>=3.3.0; extra == \"test\"","rich; extra == \"rich\""]},"github_stats":null,"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"0.65.2","version_hint":"Update to >= 01e0558825b8f7ec17d3b691aa072daf122fcc74 to fix known vulnerabilities","summary":"datasette@0.65.2 is safe to use (health: 55/100)"},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":798,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":true,"targets":[{"legitimate_package":"datasets","distance":2,"reason":"close_name"}]},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"co_used_with":[{"package":"minatar","occurrences":6}],"version_history_summary":{"total_versions":20,"first_release_age_days":null,"last_release_days_ago":175,"avg_days_between_releases":null,"release_velocity":"moderate"}}