Service navigation

[matthew-shaw]

No description provided.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
pip/dnspython	2.7.0	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 1 Found 5/28 approved changesets -- score normalized to 1 Maintained 🟢 10 30 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 9 SAST tool detected but not run on all commits
pip/govuk-frontend-jinja	3.4.0	🟢 5.6	Details Check Score Reason Code-Review ⚠️ 0 Found 0/4 approved changesets -- score normalized to 0 Maintained 🟢 8 10 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 8 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Branch-Protection 🟢 6 branch protection is not maximal on development and all release branches Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits
pip/govuk-frontend-wtf	3.2.0	🟢 5	Details Check Score Reason Code-Review ⚠️ 2 Found 2/10 approved changesets -- score normalized to 2 Maintained ⚠️ 2 3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Packaging 🟢 10 packaging workflow detected Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST 🟢 7 SAST tool detected but not run on all commits
pip/idna	3.10	🟢 7.1	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 10 10 out of 10 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review ⚠️ 0 Found 1/14 approved changesets -- score normalized to 0 Contributors 🟢 10 project has 41 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool ⚠️ 0 no update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 Packaging 🟢 10 packaging workflow detected Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 SAST 🟢 8 SAST tool is not run on all commits -- score normalized to 8 Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected
pip/importlib-resources	6.4.5	🟢 5.9	Details Check Score Reason Code-Review ⚠️ 0 Found 0/28 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/markupsafe	3.0.1	🟢 6.7	Details Check Score Reason Code-Review ⚠️ 0 Found 1/15 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Signed-Releases 🟢 10 5 out of the last 5 releases have a total of 5 signed artifacts. Packaging 🟢 10 packaging workflow detected Security-Policy 🟢 9 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/redis	5.1.1	🟢 6.6	Details Check Score Reason Maintained 🟢 10 25 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 9 Found 27/30 approved changesets -- score normalized to 9 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy ⚠️ 0 security policy file not detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 3 7 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits
pip/rich	13.9.2	🟢 7.4	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 5/9 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
pip/bandit	1.7.10	🟢 6.6	Details Check Score Reason Code-Review 🟢 9 Found 12/13 approved changesets -- score normalized to 9 Maintained 🟢 10 18 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 9 1 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Packaging 🟢 10 packaging workflow detected
pip/black	24.10.0	🟢 6.5	Details Check Score Reason Code-Review 🟢 7 Found 22/28 approved changesets -- score normalized to 7 Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Packaging 🟢 10 packaging workflow detected
pip/build	1.2.2.post1	🟢 6.1	Details Check Score Reason Maintained 🟢 10 26 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/charset-normalizer	3.4.0	🟢 8	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 21 out of 21 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review ⚠️ 0 Found 1/12 approved changesets -- score normalized to 0 Contributors 🟢 3 project has 1 contributing companies or organizations -- score normalized to 3 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 Packaging 🟢 10 packaging workflow detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 SAST 🟢 10 SAST tool is run on all commits Security-Policy 🟢 10 security policy file detected Signed-Releases 🟢 10 5 out of the last 5 releases have a total of 5 signed artifacts. Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected
pip/coverage	7.6.3	🟢 8.5	Details Check Score Reason Code-Review ⚠️ 0 Found 1/29 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 License 🟢 10 license file detected CII-Best-Practices 🟢 5 badge detected: Passing Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing 🟢 10 project is fuzzed Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
pip/cyclonedx-python-lib	7.6.2	🟢 5.9	Details Check Score Reason Code-Review ⚠️ 1 Found 2/15 approved changesets -- score normalized to 1 Maintained 🟢 10 26 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 License 🟢 10 license file detected CII-Best-Practices ⚠️ 2 badge detected: InProgress Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 9 SAST tool is not run on all commits -- score normalized to 9
pip/filelock	3.16.1	Unknown	Unknown
pip/idna	3.10	🟢 7.1	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 10 10 out of 10 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review ⚠️ 0 Found 1/14 approved changesets -- score normalized to 0 Contributors 🟢 10 project has 41 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool ⚠️ 0 no update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10 Packaging 🟢 10 packaging workflow detected Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 SAST 🟢 8 SAST tool is not run on all commits -- score normalized to 8 Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected
pip/msgpack	1.1.0	🟢 5.6	Details Check Score Reason Code-Review ⚠️ 1 Found 3/30 approved changesets -- score normalized to 1 Maintained 🟢 9 6 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 9 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing 🟢 10 project is fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/mypy	1.12.0	🟢 6.3	Details Check Score Reason Code-Review 🟢 8 Found 25/30 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
pip/platformdirs	4.3.6	Unknown	Unknown
pip/py-serializable	1.1.2	🟢 5.4	Details Check Score Reason Code-Review ⚠️ 1 Found 1/9 approved changesets -- score normalized to 1 Maintained 🟢 10 11 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/pyparsing	3.2.0	🟢 6.6	Details Check Score Reason Code-Review ⚠️ 0 Found 1/28 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected
pip/pyproject-hooks	1.2.0	Unknown	Unknown
pip/pytest	8.3.3	🟢 6.5	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy ⚠️ 0 security policy file not detected Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/rich	13.9.2	🟢 7.4	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 5/9 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 10 security policy file detected SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing 🟢 10 project is fuzzed Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Vulnerabilities 🟢 9 1 existing vulnerabilities detected
pip/urllib3	2.2.3	🟢 9.1	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices 🟢 5 badge detected: Passing Code-Review 🟢 10 all changesets reviewed Contributors 🟢 10 project has 124 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10 Packaging 🟢 10 packaging workflow detected Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 SAST 🟢 10 SAST tool is run on all commits Security-Policy 🟢 10 security policy file detected Signed-Releases 🟢 8 4 out of the last 5 releases have a total of 4 signed artifacts. Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 0 existing vulnerabilities detected

Scanned Manifest Files

requirements.txt

• dnspython@2.7.0
• govuk-frontend-jinja@3.4.0
• govuk-frontend-wtf@3.2.0
• idna@3.10
• importlib-resources@6.4.5
• markupsafe@3.0.1
• redis@5.1.1
• rich@13.9.2
• dnspython@2.6.1
• govuk-frontend-jinja@3.3.0
• govuk-frontend-wtf@3.1.0
• idna@3.8
• importlib-resources@6.4.4
• markupsafe@2.1.5
• redis@5.0.8
• rich@13.8.0

requirements_dev.txt

• bandit@1.7.10
• black@24.10.0
• build@1.2.2.post1
• charset-normalizer@3.4.0
• coverage@7.6.3
• cyclonedx-python-lib@7.6.2
• filelock@3.16.1
• idna@3.10
• msgpack@1.1.0
• mypy@1.12.0
• platformdirs@4.3.6
• py-serializable@1.1.2
• pyparsing@3.2.0
• pyproject-hooks@1.2.0
• pytest@8.3.3
• rich@13.9.2
• urllib3@2.2.3
• bandit@1.7.9
• black@24.8.0
• build@1.2.1
• charset-normalizer@3.3.2
• coverage@7.6.1
• cyclonedx-python-lib@7.6.0
• filelock@3.15.4
• idna@3.8
• msgpack@1.0.8
• mypy@1.11.2
• platformdirs@4.2.2
• py-serializable@1.1.0
• pyparsing@3.1.4
• pyproject-hooks@1.1.0
• pytest@8.3.2
• rich@13.8.0
• urllib3@2.2.2