update

[VinciGit00]

[github-actions[bot]]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 2 package(s) with unknown licenses.

See the Details below.

License Issues

pyproject.toml

Package	Version	License	Issue Type
beautifulsoup4	^ 4.12.3	Null	Unknown License
tqdm	^ 4.66.4	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
pip/beautifulsoup4	^ 4.12.3	Unknown	Unknown
pip/faiss-cpu	^ 1.8.0	:green_circle: 4.8	Details Check Score Reason Code-Review :warning: 1 Found 2/20 approved changesets -- score normalized to 1 Maintained :green_circle: 10 6 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts :green_circle: 10 no binaries found in the repo Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected Packaging :green_circle: 10 packaging workflow detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
pip/free-proxy	^ 1.1.1	:green_circle: 3.8	Details Check Score Reason Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Code-Review :green_circle: 3 Found 4/13 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: -1 No tokens found Pinned-Dependencies :warning: -1 no dependencies found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
pip/google	^ 3.0.0	:green_circle: 3.4	Details Check Score Reason Maintained :green_circle: 5 5 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5 Code-Review :warning: 1 Found 4/25 approved changesets -- score normalized to 1 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Token-Permissions :warning: -1 No tokens found Dangerous-Workflow :warning: -1 no workflows found Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected Pinned-Dependencies :warning: -1 no dependencies found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
pip/graphviz	^ 0.20.3	:green_circle: 5.5	Details Check Score Reason Code-Review :warning: 0 Found 2/30 approved changesets -- score normalized to 0 Maintained :green_circle: 10 22 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :green_circle: 10 project is fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
pip/html2text	^ 2024.2.26	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 6 Found 12/19 approved changesets -- score normalized to 6 Maintained :green_circle: 10 5 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Signed-Releases :warning: -1 no releases found Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :green_circle: 10 project is fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
pip/langchain	0.1.15	:green_circle: 5	Details Check Score Reason Code-Review :green_circle: 4 Found 12/30 approved changesets -- score normalized to 4 Maintained :green_circle: 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Packaging :green_circle: 10 packaging workflow detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :warning: 0 29 existing vulnerabilities detected
pip/langchain-anthropic	^ 0.1.11	:green_circle: 5	Details Check Score Reason Code-Review :green_circle: 4 Found 12/30 approved changesets -- score normalized to 4 Maintained :green_circle: 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Packaging :green_circle: 10 packaging workflow detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :warning: 0 29 existing vulnerabilities detected
pip/langchain-aws	^ 0.1.3	Unknown	Unknown
pip/langchain-google-genai	^ 1.0.3	Unknown	Unknown
pip/langchain-groq	^ 0.1.3	:green_circle: 5	Details Check Score Reason Code-Review :green_circle: 4 Found 12/30 approved changesets -- score normalized to 4 Maintained :green_circle: 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Packaging :green_circle: 10 packaging workflow detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :warning: 0 29 existing vulnerabilities detected
pip/langchain-openai	^ 0.1.6	:green_circle: 5	Details Check Score Reason Code-Review :green_circle: 4 Found 12/30 approved changesets -- score normalized to 4 Maintained :green_circle: 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Packaging :green_circle: 10 packaging workflow detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :warning: 0 29 existing vulnerabilities detected
pip/minify-html	^ 0.15.0	:green_circle: 3.5	Details Check Score Reason Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Code-Review :warning: 0 Found 0/30 approved changesets -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Branch-Protection :warning: 0 branch protection not enabled on development/release branches Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected SAST :warning: 0 no SAST tool detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected Packaging :green_circle: 10 packaging workflow detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
pip/pandas	^ 2.2.2	:green_circle: 6.4	Details Check Score Reason Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests :green_circle: 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices :warning: 0 no badge detected Code-Review :green_circle: 8 25 out of last 30 changesets reviewed before merge -- score normalized to 8 Contributors :green_circle: 10 47 different organizations found -- score normalized to 10 Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Dependency-Update-Tool :warning: 0 no update tool detected Fuzzing :green_circle: 10 project is fuzzed with [OSSFuzz] License :green_circle: 10 license file detected Maintained :green_circle: 10 30 commit(s) out of 30 and 21 issue activity out of 30 found in the last 90 days -- score normalized to 10 Packaging :warning: -1 no published package detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 SAST :green_circle: 7 SAST tool detected but not run on all commmits Security-Policy :green_circle: 10 security policy file detected Signed-Releases :warning: 0 0 out of 5 artifacts are signed or have provenance Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Vulnerabilities :green_circle: 10 no vulnerabilities detected
pip/python-dotenv	^ 1.0.1	:green_circle: 5.2	Details Check Score Reason Code-Review :green_circle: 5 Found 16/29 approved changesets -- score normalized to 5 Maintained :green_circle: 8 4 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 8 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Signed-Releases :warning: -1 no releases found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
pip/tiktoken	^ 0.6.0	:green_circle: 5.1	Details Check Score Reason Code-Review :green_circle: 3 Found 10/30 approved changesets -- score normalized to 3 Maintained :green_circle: 10 10 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
pip/tqdm	^ 4.66.4	:green_circle: 6.6	Details Check Score Reason Maintained :green_circle: 10 22 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Code-Review :warning: 1 Found 1/8 approved changesets -- score normalized to 1 License :green_circle: 9 license file detected CII-Best-Practices :green_circle: 5 badge detected: Passing Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: -1 no dependencies found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :green_circle: 8 5 out of the last 5 releases have a total of 5 signed artifacts. Fuzzing :green_circle: 10 project is fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
pip/yahoo-search-py	^ 0.3	Unknown	Unknown
pip/beautifulsoup4	4.12.3	Unknown	Unknown
pip/faiss-cpu	1.8.0	:green_circle: 4.8	Details Check Score Reason Code-Review :warning: 1 Found 2/20 approved changesets -- score normalized to 1 Maintained :green_circle: 10 6 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts :green_circle: 10 no binaries found in the repo Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected Packaging :green_circle: 10 packaging workflow detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
pip/free-proxy	1.1.1	:green_circle: 3.8	Details Check Score Reason Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Code-Review :green_circle: 3 Found 4/13 approved changesets -- score normalized to 3 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: -1 No tokens found Pinned-Dependencies :warning: -1 no dependencies found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
pip/google	3.0.0	:green_circle: 3.4	Details Check Score Reason Maintained :green_circle: 5 5 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5 Code-Review :warning: 1 Found 4/25 approved changesets -- score normalized to 1 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Token-Permissions :warning: -1 No tokens found Dangerous-Workflow :warning: -1 no workflows found Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected Pinned-Dependencies :warning: -1 no dependencies found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
pip/graphviz	0.20.1	:green_circle: 5.5	Details Check Score Reason Code-Review :warning: 0 Found 2/30 approved changesets -- score normalized to 0 Maintained :green_circle: 10 22 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :green_circle: 10 project is fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
pip/html2text	2020.1.16	:green_circle: 6.1	Details Check Score Reason Code-Review :green_circle: 6 Found 12/19 approved changesets -- score normalized to 6 Maintained :green_circle: 10 5 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Signed-Releases :warning: -1 no releases found Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :green_circle: 10 project is fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
pip/langchain	0.1.14	:green_circle: 5	Details Check Score Reason Code-Review :green_circle: 4 Found 12/30 approved changesets -- score normalized to 4 Maintained :green_circle: 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Packaging :green_circle: 10 packaging workflow detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :warning: 0 29 existing vulnerabilities detected
pip/langchain-aws	^ 0.1.2	Unknown	Unknown
pip/langchain-google-genai	1.0.1	Unknown	Unknown
pip/langchain-groq	0.1.3	:green_circle: 5	Details Check Score Reason Code-Review :green_circle: 4 Found 12/30 approved changesets -- score normalized to 4 Maintained :green_circle: 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Packaging :green_circle: 10 packaging workflow detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :warning: 0 29 existing vulnerabilities detected
pip/langchain-openai	0.1.1	:green_circle: 5	Details Check Score Reason Code-Review :green_circle: 4 Found 12/30 approved changesets -- score normalized to 4 Maintained :green_circle: 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Packaging :green_circle: 10 packaging workflow detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :warning: 0 29 existing vulnerabilities detected
pip/minify-html	0.15.0	:green_circle: 3.5	Details Check Score Reason Maintained :warning: 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Code-Review :warning: 0 Found 0/30 approved changesets -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Branch-Protection :warning: 0 branch protection not enabled on development/release branches Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected SAST :warning: 0 no SAST tool detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected Packaging :green_circle: 10 packaging workflow detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
pip/pandas	2.0.3	:green_circle: 6.4	Details Check Score Reason Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests :green_circle: 10 30 out of 30 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices :warning: 0 no badge detected Code-Review :green_circle: 8 25 out of last 30 changesets reviewed before merge -- score normalized to 8 Contributors :green_circle: 10 47 different organizations found -- score normalized to 10 Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Dependency-Update-Tool :warning: 0 no update tool detected Fuzzing :green_circle: 10 project is fuzzed with [OSSFuzz] License :green_circle: 10 license file detected Maintained :green_circle: 10 30 commit(s) out of 30 and 21 issue activity out of 30 found in the last 90 days -- score normalized to 10 Packaging :warning: -1 no published package detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 SAST :green_circle: 7 SAST tool detected but not run on all commmits Security-Policy :green_circle: 10 security policy file detected Signed-Releases :warning: 0 0 out of 5 artifacts are signed or have provenance Token-Permissions :warning: 0 non read-only tokens detected in GitHub workflows Vulnerabilities :green_circle: 10 no vulnerabilities detected
pip/python-dotenv	1.0.1	:green_circle: 5.2	Details Check Score Reason Code-Review :green_circle: 5 Found 16/29 approved changesets -- score normalized to 5 Maintained :green_circle: 8 4 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 8 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Signed-Releases :warning: -1 no releases found Branch-Protection :warning: 0 branch protection not enabled on development/release branches Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
pip/tiktoken	>= 0.5.2,	:green_circle: 5.1	Details Check Score Reason Code-Review :green_circle: 3 Found 10/30 approved changesets -- score normalized to 3 Maintained :green_circle: 10 10 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
pip/tqdm	4.66.3	:green_circle: 6.6	Details Check Score Reason Maintained :green_circle: 10 22 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Code-Review :warning: 1 Found 1/8 approved changesets -- score normalized to 1 License :green_circle: 9 license file detected CII-Best-Practices :green_circle: 5 badge detected: Passing Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: -1 no dependencies found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :green_circle: 8 5 out of the last 5 releases have a total of 5 signed artifacts. Fuzzing :green_circle: 10 project is fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
pip/langchain-anthropic	0.1.11	:green_circle: 5	Details Check Score Reason Code-Review :green_circle: 4 Found 12/30 approved changesets -- score normalized to 4 Maintained :green_circle: 10 30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Security-Policy :green_circle: 10 security policy file detected Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Packaging :green_circle: 10 packaging workflow detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :warning: 0 29 existing vulnerabilities detected
pip/yahoo-search-py	0.3	Unknown	Unknown

Scanned Manifest Files

pyproject.toml

• beautifulsoup4@^ 4.12.3
• faiss-cpu@^ 1.8.0
• free-proxy@^ 1.1.1
• google@^ 3.0.0
• graphviz@^ 0.20.3
• html2text@^ 2024.2.26
• [email protected]
• langchain-anthropic@^ 0.1.11
• langchain-aws@^ 0.1.3
• langchain-google-genai@^ 1.0.3
• langchain-groq@^ 0.1.3
• langchain-openai@^ 0.1.6
• minify-html@^ 0.15.0
• pandas@^ 2.2.2
• python-dotenv@^ 1.0.1
• tiktoken@^ 0.6.0
• tqdm@^ 4.66.4
• yahoo-search-py@^ 0.3
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• langchain-aws@^ 0.1.2
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• tiktoken@>= 0.5.2,
• [email protected]

requirements.txt

• [email protected]
• [email protected]

[github-actions[bot]]

:tada: This PR is included in version 0.10.0 :tada:

The release is available on:

• v0.10.0
• GitHub release

Your semantic-release bot :package::rocket: