1. Advisor
  2. Python packages
  3. definitely-not-requests

definitely-not-requests

v2.28.2

Python HTTP for Humans. For more information about how to use this package see README

Latest version published 2 years ago
License: Apache-2.0
PyPI
GitHub

Ensure you're using the healthiest python packages

Snyk scans all the packages in your projects for vulnerabilities and provides automated fix advice

Package Health Score

51 / 100

This is a malicious package

definitely-not-requests is a malicious package. This instance of the definitely-not-requests package contains malware and attempts to compromise users by adopting dependency confusion techniques. A dependency confusion attack is a type of supply chain attack where malicious software is inserted into the development process by replacing a legitimate software package with a malicious one. Users are exposed if they've installed the definitely-not-requests package from public repositories. Installations of this package from private repositories or CDNs are likely safe to use. This package contains a malicious code. Avoid using all malicious instances of the package.

Popularity

Small
GitHub Stars
51.99K
Forks
9.29K
Contributors
410

Direct Usage Popularity

Based on project statistics from the GitHub repository for the PyPI package definitely-not-requests, we found that it has been starred 51,993 times.

Security

Security issues found
Powered by Snyk
2.28.2 (Latest)

Security and license risk for latest version

Release Date
Mar 8, 2023
Direct Vulnerabilities
Indirect Vulnerabilities
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
License Risk
  • 0
    H
  • 1
    M
  • 0
    L
All security vulnerabilities belong to production dependencies of direct and indirect packages.
License
Apache-2.0
Security Policy
Yes

You can connect your project's repository to Snyk to stay up to date on security alerts and receive automatic fix pull requests.

Keep your project free of vulnerabilities with Snyk

Maintenance

Inactive

Commit Frequency

Open Issues
177
Open PR
66
Last Release
2 years ago
Last Commit
16 days ago

Further analysis of the maintenance status of definitely-not-requests based on released PyPI versions cadence, the repository activity, and other data points determined that its maintenance is Inactive.

An important project maintenance signal to consider for definitely-not-requests is that it hasn't seen any new versions released to PyPI in the past 12 months, and could be considered as a discontinued project, or that which receives low attention from its maintainers.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Community

Active
Readme
Yes
Contributing.md
Yes
Code of Conduct
Yes
Contributors
410
Funding
Yes

A good and healthy external contribution signal for definitely-not-requests project, which invites more than one hundred open source maintainers to collaborate on the repository.

Embed Package Health Score Badge

package health: 51/100 package health 51/100

Keep your project healthy

scan-reversed

Check your requirements.txt

NEW
Ensure all the packages you're using are healthy and well-maintained
arrow
intellij

Snyk Vulnerability Scanner

external
Get health score & security insights directly in your IDE
arrow

Package

Python Versions Compatibility
>=3.7, <4
Age
2 years
Latest Release
2 years ago
Dependencies
4 Direct / 4 Total
Versions
2
Maintainers
2
Wheels
OS Independent