← Back to the AI Dependency AtlasExact package identity dossier

python-multipart

pypi:python-multipart
pypi

This dossier links the stable identity pypi:python-multipart to 5 exact observed versions across 6 public repositories.

pypipypi:python-multipartecosystem:name + exact version + evidence path

A package identity or provider interface in published code does not prove configuration, an account, procurement, data transfer or an API call.

ecosystem:name + exact version + evidence path
6repositories
7exact evidence rows
5exact versions
1reported license expression
8OSV records returned
Exact published evidence

Observed exact versions and registry metadata

Publication age and licenses come from deps.dev metadata. They are context—not a maintenance, legal or portability verdict.

Exact version0.0.910 Feb 2024
Repositories
1
Occurrences
1
Reported licenses
Apache-2.0
no verified publish attestation reported8 OSV records
Open exact source ↗
Exact version0.0.1828 Nov 2024
Repositories
1
Occurrences
1
Reported licenses
Apache-2.0
verified publish attestation7 OSV records
Open exact source ↗
Exact version0.0.2016 Dec 2024
Repositories
3
Occurrences
3
Reported licenses
Apache-2.0
verified publish attestation7 OSV records
Open exact source ↗
Exact version0.0.3104 Jun 2026
Repositories
1
Occurrences
1
Reported licenses
Apache-2.0
verified publish attestationNo OSV record returned for this exact version
Open exact source ↗
Exact version0.0.3204 Jun 2026
Repositories
1
Occurrences
1
Reported licenses
Apache-2.0
verified publish attestationNo OSV record returned for this exact version
Open exact source ↗
Observed relations

Repositories carrying this identity

MUCGPTlandeshauptstadt-muenchen/mucgpt
0.0.31 · 0.0.322 Occurrences
kiva-llm-gatewaybaden-wuerttemberg/innenministerium/kiva.platform/kiva-llm-gateway
0.0.181 Occurrence
Coding Agent Usage Simulationuba-ki-lab/coding-agent-usage-simulation
0.0.201 Occurrence
LLM Questionnaire Benchmarking Frameworkuba-ki-lab/llm-questionnaire-benchmarking-framework
0.0.201 Occurrence
LLM Testframeworkuba-ki-lab/llm-testframework
0.0.201 Occurrence
Objection managementuba-ki-lab/objection-management
0.0.91 Occurrence
Exact published evidence

exact evidence rows

Coding Agent Usage Simulationuba-ki-lab/coding-agent-usage-simulation
pypi:python-multipart@0.0.20uv.lock
declaration relationship not reporteddevelopment scope not reported
Open exact source ↗
kiva-llm-gatewaybaden-wuerttemberg/innenministerium/kiva.platform/kiva-llm-gateway
pypi:python-multipart@0.0.18poetry.lock
declaration relationship not reportednot marked as development-only
Open exact source ↗
LLM Questionnaire Benchmarking Frameworkuba-ki-lab/llm-questionnaire-benchmarking-framework
pypi:python-multipart@0.0.20uv.lock
declaration relationship not reporteddevelopment scope not reported
Open exact source ↗
LLM Testframeworkuba-ki-lab/llm-testframework
pypi:python-multipart@0.0.20uv.lock
declaration relationship not reporteddevelopment scope not reported
Open exact source ↗
MUCGPTlandeshauptstadt-muenchen/mucgpt
pypi:python-multipart@0.0.31mucgpt-assistant-service/uv.lock
declaration relationship not reporteddevelopment scope not reported
Open exact source ↗
MUCGPTlandeshauptstadt-muenchen/mucgpt
pypi:python-multipart@0.0.32mucgpt-core-service/uv.lock
declaration relationship not reporteddevelopment scope not reported
Open exact source ↗
Objection managementuba-ki-lab/objection-management
pypi:python-multipart@0.0.9uv.lock
declaration relationship not reporteddevelopment scope not reported
Open exact source ↗
OSV

Related OSV records

GHSA-59g5-xgcq-4qw3

Denial of service (DoS) via deformation `multipart/form-data` boundary

1 repository07 Jul 2026
GHSA-5rvq-cxj2-64vf

python-multipart: Quadratic-time querystring parsing with semicolon separators causes CPU denial of service

5 repositories13 Jul 2026
GHSA-6jv3-5f52-599m

python-multipart: Semicolon treated as querystring field separator enables parameter smuggling

5 repositories13 Jul 2026
GHSA-mj87-hwqh-73pj

python-multipart affected by Denial of Service via large multipart preamble or epilogue data

5 repositories13 Jul 2026
GHSA-pp6c-gr5w-3c5g

python-multipart has Denial of Service via unbounded multipart part headers

5 repositories13 Jul 2026
GHSA-v9pg-7xvm-68hf

python-multipart: Negative Content-Length in parse_form buffers the entire body in memory

5 repositories13 Jul 2026
GHSA-vffw-93wf-4j4q

python-multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters

5 repositories16 Jul 2026
GHSA-wp53-j4wj-2cfg

Python-Multipart has Arbitrary File Write via Non-Default Configuration

5 repositories07 Jul 2026
Interpretation boundary

Exact identities in, explicit limits out

Only exact npm and PyPI tuples are enriched. Reported SPDX expressions are metadata; no compatibility, obligation or legal conclusion is inferred.

Retrieval, parsing, matching and publishing use no generative AI model.

i6eal (2026): python-multipart — exact AI dependency evidence dossier, data state 19 Jul 2026. https://i6eal.de/en/tools/ki-abhaengigkeitsatlas/paket/python-multipart-7d2a810e/

Reading this dossier

Does package presence prove that a provider is used?
No. Even a direct interface declaration does not establish configuration, credentials, procurement, data transfer or an API call.
Why are exact versions required?
OSV and registry metadata can be linked reproducibly only to an observed package@version tuple. The collector never substitutes a newest release for a range.
Does a missing row mean the dependency is absent?
No. It means not observed within the bounded files and repository checkpoint. Incomplete trees and parser failures remain explicit.

Need a permanent dependency evidence trail for another public code cohort?

We build source-backed data products with stable identities, reproducible joins and boundaries that remain visible.

Discuss a data projectExplore all tools