Is antilles-tools safe to use?

antilles-tools has 2 known vulnerabilities on the latest version (1.0.0). DepScope rates its health at 20/100 (critical risk).

What is the latest version of antilles-tools?

The latest version of antilles-tools is 1.0.0, released 2021-09-27.

Does antilles-tools have known vulnerabilities?

Yes. antilles-tools has 2 known vulnerabilities. See depscope.dev/pkg/pypi/antilles-tools for details.

Is antilles-tools deprecated?

No, antilles-tools is actively maintained. Latest release: 1.0.0 (2021-09-27).

What are alternatives to antilles-tools?

Popular alternatives to antilles-tools in PyPI include: boto3, packaging, urllib3, idna, typing_extensions.

What license does antilles-tools use?

antilles-tools is licensed under BSD-3 and EPL-1.0.

antilles-tools

pypiv1.0.0

Tools collection for antilles project

License BSD-3 and EPL-1.0permissive1 versions0 deps

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Update to >= 1.0.1 to fix known vulnerabilities

Moderate health score (20/100) — verify manually
1 high severity vulnerabilities

Health breakdown0 – 100

0/25

maintenance

0/20

popularity

20/25

security

0/15

maturity

0/15

community

Vulnerabilities

1 high1 low

Advisories (2)

Severity	ID	Summary	Fixed in
high	CVE-2021-3840	Antilles Dependency Confusion Vulnerability	1.0.1
unknown	CVE-2021-3840	A dependency confusion vulnerability was reported in the Antilles open-source software prior to version 1.0.1 that could allow for remote code execution during installation due to a package listed in requirements.txt not existing in the public package index (PyPi). MITRE classifies this weakness as an Uncontrolled Search Path Element (CWE-427) in which a private package dependency may be replaced by an unauthorized package of the same name published to a well-known public repository such as PyPi	1.0.1

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/pypi/antilles-tools

antilles-tools

pypiv1.0.0

Tools collection for antilles project

License BSD-3 and EPL-1.0permissive1 versions0 deps

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Update to >= 1.0.1 to fix known vulnerabilities

Moderate health score (20/100) — verify manually
1 high severity vulnerabilities

Health breakdown0 – 100

0/25

maintenance

0/20

popularity

20/25

security

0/15

maturity

0/15

community

Vulnerabilities

1 high1 low

Advisories (2)

Severity	ID	Summary	Fixed in
high	CVE-2021-3840	Antilles Dependency Confusion Vulnerability	1.0.1
unknown	CVE-2021-3840	A dependency confusion vulnerability was reported in the Antilles open-source software prior to version 1.0.1 that could allow for remote code execution during installation due to a package listed in requirements.txt not existing in the public package index (PyPi). MITRE classifies this weakness as an Uncontrolled Search Path Element (CWE-427) in which a private package dependency may be replaced by an unauthorized package of the same name published to a well-known public repository such as PyPi	1.0.1

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/pypi/antilles-tools