← Back to the AI Dependency AtlasExact repository supply-chain dossier

Ressource Efficient Computer Vision

uba-ki-lab/ressource-efficient-computer-vision
pypi

This dossier retains 244 exact component occurrences from 3 published evidence files at one immutable repository commit.

opencode:107759aa07461b879project ID + commit SHA + exact evidence path

Published dependency evidence does not prove deployment, productive use, procurement or runtime reachability.

project ID + commit SHA + exact evidence path
244exact component occurrences
227package identities
3evidence files
170OSV records returned
Exact published evidence

Files that resolve this repository’s dependencies

Every file remains tied to the observed commit. A parse error stays visible and never becomes a zero.

Evidence pathpyproject.toml
Format
exact-manifest-pin
Parser state
parsed
Resolved components
2
Open exact source ↗
Evidence pathsbom.jsonsha256:5ae12d5615c84d40c25d23a8c2e2306ea5f3f1f75a14a27e1c36426ce966c99f
Format
sbom-json
Parser state
parse_error
Resolved components
0
Open exact source ↗
Evidence pathuv.locksha256:e2f86442aaca182ff71abf8a0d916c515193ed063af29d024bd5365c66c3aa2c
Format
uv-lock
Parser state
parsed
Resolved components
242
Open exact source ↗
Observed relations

Package identities at this commit

pypiTransformerspypi:transformers
1 Occurrence4.57.4
Apache-2.025 OSV records returned
pypiPyTorchpypi:torch
2 Occurrences2.7.1+cpu · 2.9.1
BSD-3-Clause23 OSV records returned
pypiCodeCarbonpypi:codecarbon
1 Occurrence3.2.1
MIT
pypiHugging Face Tokenizerspypi:tokenizers
1 Occurrence0.22.2
non-standard
pypiOpenCVpypi:opencv-python
2 Occurrences4.11.0.86
Apache-2.0
pypiscikit-learnpypi:scikit-learn
1 Occurrence1.8.0
BSD-3-Clause · non-standard
pypiUltralyticspypi:ultralytics
1 Occurrence8.3.252
AGPL-3.0
pypimlflowpypi:mlflow
1 Occurrence3.8.1
non-standard23 OSV records returned
pypipillowpypi:pillow
1 Occurrence12.1.0
HPND · MIT-CMU15 OSV records returned
pypitornadopypi:tornado
1 Occurrence6.5.4
Apache-2.010 OSV records returned
pypistarlettepypi:starlette
1 Occurrence0.50.0
BSD-3-Clause8 OSV records returned
pypiurllib3pypi:urllib3
1 Occurrence2.6.3
MIT7 OSV records returned
pypicryptographypypi:cryptography
1 Occurrence46.0.3
Apache-2.0 OR BSD-3-Clause6 OSV records returned
pypiwerkzeugpypi:werkzeug
1 Occurrence3.1.5
BSD-3-Clause · non-standard6 OSV records returned
pypiflask-corspypi:flask-cors
1 Occurrence6.0.2
MIT5 OSV records returned
pypigitpythonpypi:gitpython
1 Occurrence3.1.46
BSD-3-Clause5 OSV records returned
pypijinja2pypi:jinja2
1 Occurrence3.1.6
BSD-3-Clause · non-standard4 OSV records returned
pypirequestspypi:requests
1 Occurrence2.32.5
Apache-2.03 OSV records returned
pypisetuptoolspypi:setuptools
1 Occurrence80.9.0
MIT3 OSV records returned
pypifilelockpypi:filelock
1 Occurrence3.20.3
MIT · Unlicense2 OSV records returned
pypimakopypi:mako
1 Occurrence1.3.10
MIT2 OSV records returned
pypiprotobufpypi:protobuf
1 Occurrence6.33.4
BSD-3-Clause2 OSV records returned
pypipyasn1pypi:pyasn1
1 Occurrence0.6.1
BSD-2-Clause2 OSV records returned
pypistreamlitpypi:streamlit
1 Occurrence1.55.0
Apache-2.02 OSV records returned
pypicertifipypi:certifi
1 Occurrence2026.1.4
MPL-2.01 OSV record returned
pypiclickpypi:click
1 Occurrence8.3.1
BSD-3-Clause · non-standard1 OSV record returned
pypiflaskpypi:flask
1 Occurrence3.1.2
BSD-3-Clause · non-standard1 OSV record returned
pypifonttoolspypi:fonttools
1 Occurrence4.61.1
MIT1 OSV record returned
pypih11pypi:h11
1 Occurrence0.16.0
MIT1 OSV record returned
pypiidnapypi:idna
1 Occurrence3.11
BSD-3-Clause · non-standard1 OSV record returned
pypijupyter-corepypi:jupyter-core
1 Occurrence5.9.1
BSD-3-Clause · non-standard1 OSV record returned
pypijwcryptopypi:jwcrypto
1 Occurrence1.5.6
non-standard1 OSV record returned
pypimarimopypi:marimo
1 Occurrence0.23.4
Apache-2.01 OSV record returned
pypimarkdownpypi:markdown
1 Occurrence3.10
BSD-3-Clause1 OSV record returned
pypipyarrowpypi:pyarrow
1 Occurrence22.0.0
Apache-2.0 · non-standard1 OSV record returned
pypipygmentspypi:pygments
1 Occurrence2.19.2
BSD-2-Clause1 OSV record returned
pypipymdown-extensionspypi:pymdown-extensions
1 Occurrence10.21.2
MIT1 OSV record returned
pypipytestpypi:pytest
1 Occurrence9.0.2
MIT1 OSV record returned
pypipython-dotenvpypi:python-dotenv
1 Occurrence1.2.1
BSD-3-Clause1 OSV record returned
pypisqlparsepypi:sqlparse
1 Occurrence0.5.5
non-standard1 OSV record returned
pypitqdmpypi:tqdm
1 Occurrence4.67.1
MIT AND MPL-2.01 OSV record returned
pypiabsl-pypypi:absl-py
1 Occurrence2.3.1
Apache-2.0
pypiaddictpypi:addict
1 Occurrence2.4.0
MIT
pypialbucorepypi:albucore
1 Occurrence0.0.24
non-standard
pypialbumentationspypi:albumentations
1 Occurrence2.0.8
non-standard
pypialembicpypi:alembic
1 Occurrence1.18.0
MIT
pypialtairpypi:altair
1 Occurrence6.0.0
non-standard
pypiannotated-docpypi:annotated-doc
1 Occurrence0.0.4
MIT
pypiannotated-typespypi:annotated-types
1 Occurrence0.7.0
MIT
pypiantlr4-python3-runtimepypi:antlr4-python3-runtime
1 Occurrence4.9.3
non-standard
pypianyiopypi:anyio
1 Occurrence4.12.1
MIT
pypiappnopepypi:appnope
1 Occurrence0.1.4
non-standard
pypiarrowpypi:arrow
1 Occurrence1.4.0
non-standard
pypiasttokenspypi:asttokens
1 Occurrence3.0.1
Apache-2.0
pypiattrspypi:attrs
1 Occurrence25.4.0
MIT
pypiautogradpypi:autograd
1 Occurrence1.8.0
non-standard
pypiblinkerpypi:blinker
1 Occurrence1.9.0
MIT
pypicachetoolspypi:cachetools
1 Occurrence6.2.4
MIT
pypicffipypi:cffi
1 Occurrence2.0.0
MIT
pypicharset-normalizerpypi:charset-normalizer
1 Occurrence3.4.4
MIT
pypicloudpicklepypi:cloudpickle
1 Occurrence3.1.2
BSD-3-Clause
pypicoloramapypi:colorama
1 Occurrence0.4.6
non-standard
pypicolorlogpypi:colorlog
1 Occurrence6.10.1
MIT
pypicommpypi:comm
1 Occurrence0.2.3
non-standard
pypicontourpypypi:contourpy
1 Occurrence1.3.3
non-standard
pypicyclerpypi:cycler
1 Occurrence0.12.1
non-standard
pypidatabricks-sdkpypi:databricks-sdk
1 Occurrence0.77.0
non-standard
pypidebugpypypi:debugpy
1 Occurrence1.8.19
MIT
pypidecoratorpypi:decorator
1 Occurrence5.2.1
BSD-2-Clause · non-standard
pypidockerpypi:docker
1 Occurrence7.1.0
Apache-2.0
pypidocutilspypi:docutils
1 Occurrence0.22.4
non-standard
pypiescnnpypi:escnn
1 Occurrence1.0.11
non-standard
pypiexecutingpypi:executing
1 Occurrence2.2.1
MIT
pypifastapipypi:fastapi
1 Occurrence0.128.0
MIT
pypifief-clientpypi:fief-client
1 Occurrence0.20.0
MIT
pypifsspecpypi:fsspec
1 Occurrence2026.1.0
BSD-3-Clause · non-standard
pypigitdbpypi:gitdb
1 Occurrence4.0.12
non-standard
pypigoogle-authpypi:google-auth
1 Occurrence2.47.0
Apache-2.0
pypigraphenepypi:graphene
1 Occurrence3.4.3
MIT
pypigraphql-corepypi:graphql-core
1 Occurrence3.2.7
MIT
pypigraphql-relaypypi:graphql-relay
1 Occurrence3.2.0
MIT
pypigreenletpypi:greenlet
1 Occurrence3.3.0
MIT · MIT AND PSF-2.0 · MIT AND Python-2.0
pypigroundingdino-pypypi:groundingdino-py
1 Occurrence0.4.0
non-standard
pypigrpciopypi:grpcio
1 Occurrence1.76.0
Apache-2.0
pypigunicornpypi:gunicorn
1 Occurrence23.0.0
MIT
pypihf-xetpypi:hf-xet
1 Occurrence1.2.0
Apache-2.0
pypihttpcorepypi:httpcore
1 Occurrence1.0.9
BSD-3-Clause
pypihttpxpypi:httpx
1 Occurrence0.27.2
BSD-3-Clause
pypihueypypi:huey
1 Occurrence2.6.0
MIT
pypihuggingface-hubpypi:huggingface-hub
1 Occurrence0.36.0
Apache-2.0 · non-standard
pypihydra-corepypi:hydra-core
1 Occurrence1.3.2
MIT
pypiimageiopypi:imageio
1 Occurrence2.37.2
BSD-2-Clause
pypiimportlib-metadatapypi:importlib-metadata
1 Occurrence8.7.1
Apache-2.0 · non-standard
pypiiniconfigpypi:iniconfig
1 Occurrence2.3.0
MIT
pypiipykernelpypi:ipykernel
1 Occurrence7.1.0
BSD-3-Clause · non-standard
pypiipythonpypi:ipython
1 Occurrence9.9.0
BSD-3-Clause
pypiipython-pygments-lexerspypi:ipython-pygments-lexers
1 Occurrence1.1.1
non-standard
pypiipywidgetspypi:ipywidgets
1 Occurrence8.1.8
BSD-3-Clause
pypiitsdangerouspypi:itsdangerous
1 Occurrence2.2.0
BSD-3-Clause · non-standard
pypijedipypi:jedi
1 Occurrence0.19.2
MIT
pypijoblibpypi:joblib
1 Occurrence1.5.3
BSD-3-Clause
pypijsonschemapypi:jsonschema
1 Occurrence4.26.0
MIT
pypijsonschema-specificationspypi:jsonschema-specifications
1 Occurrence2025.9.1
MIT
pypijupyter-clientpypi:jupyter-client
1 Occurrence8.8.0
non-standard
pypijupyterlab-widgetspypi:jupyterlab-widgets
1 Occurrence3.0.16
BSD-3-Clause · non-standard
pypijwtpypi:jwt
1 Occurrence1.4.0
non-standard
pypikiwisolverpypi:kiwisolver
1 Occurrence1.4.9
non-standard
pypilazy-loaderpypi:lazy-loader
1 Occurrence0.4
non-standard
pypilie-learnpypi:lie-learn
1 Occurrence0.0.2
non-standard
pypilightning-utilitiespypi:lightning-utilities
1 Occurrence0.15.2
Apache-2.0
pypiloropypi:loro
1 Occurrence1.10.3
Not reported
pypimarkdown-it-pypypi:markdown-it-py
1 Occurrence4.0.0
MIT
pypimarkupsafepypi:markupsafe
1 Occurrence3.0.3
BSD-3-Clause · non-standard
pypimatplotlibpypi:matplotlib
1 Occurrence3.10.8
non-standard
pypimatplotlib-inlinepypi:matplotlib-inline
1 Occurrence0.2.1
non-standard
pypimdurlpypi:mdurl
1 Occurrence0.1.2
MIT
pypimlflow-skinnypypi:mlflow-skinny
1 Occurrence3.8.1
non-standard
pypimlflow-tracingpypi:mlflow-tracing
1 Occurrence3.8.1
non-standard
pypimpmathpypi:mpmath
1 Occurrence1.3.0
non-standard
pypimsgspecpypi:msgspec
1 Occurrence0.21.1
BSD-3-Clause · non-standard

This page displays 120 of 227 ordered rows. The machine-readable dossier retains the complete exact projection.

OSV

Related OSV records

GHSA-248v-346w-9cwc

Certifi removes GLOBALTRUST root certificate

1 repository10 Jun 2026
GHSA-27jp-wm6q-gp25

sqlparse: formatting list of tuples leads to denial of service

2 repositories19 Feb 2026
GHSA-29pf-2h5f-8g72

HuggingFace transformers vulnerable to remote code execution

8 repositories13 Jul 2026
GHSA-29vq-49wr-vm6x

Werkzeug safe_join() allows Windows special device names

6 repositories13 Jul 2026
GHSA-2c2j-9gv5-cj73

Starlette has possible denial-of-service vector when parsing large files in multipart forms

4 repositories07 Jul 2026
GHSA-2g68-c3qc-8985

Werkzeug debugger vulnerable to remote execution when interacting with attacker controlled domain

1 repository07 Jul 2026
GHSA-2h4p-vjrc-8xpq

Mako vulnerable to path traversal via backslash URI on Windows in TemplateLookup

5 repositories13 Jul 2026
GHSA-2xpw-w6gg-jr37

urllib3 streaming API improperly handles highly compressed data

13 repositories07 Jul 2026
GHSA-33p9-3p43-82vq

Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

2 repositories07 Jul 2026
GHSA-3749-ghw9-m3mg

PyTorch susceptible to local Denial of Service

3 repositories10 Jun 2026
GHSA-37mw-44qp-f5jm

Transformers is vulnerable to ReDoS attack through its DonutProcessor class

2 repositories07 Jul 2026
GHSA-38jv-5279-wg99

Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)

13 repositories07 Jul 2026
GHSA-3x9g-8vmp-wqvf

Tornado: Authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient

6 repositories13 Jul 2026
GHSA-42h5-h8qh-vv9v

MLflow allows an unauthenticated remote attacker to read arbitrary files from the server's filesystem

3 repositories13 Jul 2026
GHSA-43qf-4rqw-9q2g

Flask-CORS vulnerable to Improper Handling of Case Sensitivity

2 repositories07 Jul 2026
GHSA-46r5-x6jq-v8g6

MLflow is vulnerable to an authorization bypass affecting the AJAX endpoint

3 repositories10 Jun 2026
GHSA-48p4-8xcf-vxj5

urllib3 does not control redirects in browsers and Node.js

7 repositories07 Jul 2026
GHSA-4w7r-h757-3r74

Hugging Face Transformers vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer

2 repositories07 Jul 2026
GHSA-4x5p-f36r-mxxr

mlflow Creates of Temporary File in Directory with Insecure Permissions

1 repository07 Jul 2026
GHSA-5239-wwwm-4pmq

Pygments has Regular Expression Denial of Service (ReDoS) due to Inefficient Regex for GUID Matching

13 repositories13 Jul 2026
GHSA-537c-gmf6-5ccf

Vulnerable OpenSSL included in cryptography wheels

7 repositories16 Jun 2026
GHSA-53q9-r3pm-6pq6

PyTorch: `torch.load` with `weights_only=True` leads to remote code execution

1 repository04 Feb 2026
GHSA-59p9-h35m-wg4g

Hugging Face Transformers is vulnerable to ReDoS through its MarianTokenizer

2 repositories07 Jul 2026
GHSA-5qmp-p3c4-72qj

MLflow: Deterministic sampling in dataset digest enables predictable collisions

3 repositories15 Jul 2026
GHSA-5rjg-fvgr-3xxf

setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write

2 repositories11 May 2026
GHSA-5wmx-573v-2qwq

Python-Markdown has an Uncaught Exception

2 repositories10 Jun 2026
GHSA-5xmw-vc9v-4wf2

Pillow has a heap buffer overflow with nested list coordinates

10 repositories13 Jul 2026
GHSA-62q4-447f-wv8h

Regression in pymdownx.snippets reintroduces sibling-prefix path traversal bypass despite restrict_base_path

1 repository13 Jul 2026
GHSA-63vm-454h-vhhq

pyasn1 has a DoS vulnerability in decoder

7 repositories07 Jul 2026
GHSA-65h7-c7c4-mghx

MLflow Has a Server-Side Request Forgery (SSRF) Vulnerability

3 repositories13 Jul 2026
GHSA-65pc-fj4g-8rjx

Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix

17 repositories08 Jul 2026
GHSA-68rp-wp8r-4726

Flask session does not add `Vary: Cookie` header when accessed in some ways

6 repositories13 Jul 2026
GHSA-69w3-r845-3855

HuggingFace Transformers allows for arbitrary code execution in the `Trainer` class

8 repositories13 Jul 2026
GHSA-6rvg-6v2m-4j46

Transformers Regular Expression Denial of Service (ReDoS) vulnerability

1 repository07 Jul 2026
GHSA-6w46-j5rx-g56g

pytest has vulnerable tmpdir handling

6 repositories07 Jul 2026
GHSA-7545-fcxq-7j24

GitPython reference APIs has a path traversal vulnerability that allows arbitrary file write and delete outside the repository

4 repositories13 Jul 2026
GHSA-75cm-x2w3-8mgf

MLflow: unauthenticated access to certain FastAPI routes

3 repositories13 Jul 2026
GHSA-768j-98cg-p3fv

fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib

6 repositories07 Jul 2026
GHSA-78cv-mqj4-43f7

Tornado has incomplete validation of cookie attributes

6 repositories13 Jul 2026
GHSA-79v4-65xg-pq4g

Vulnerable OpenSSL included in cryptography wheels

3 repositories07 Jul 2026
GHSA-7cx3-6m66-7c5m

Tornado vulnerable to excessive logging caused by malformed multipart form data

2 repositories07 Jul 2026
GHSA-7f5h-v6xp-fcq8

Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse``

5 repositories07 Jul 2026
GHSA-7gcm-g887-7qv7

protobuf affected by a JSON recursion depth bypass

10 repositories07 Jul 2026
GHSA-7p48-42j8-8846

Unauthenticated SSRF Vulnerability in Streamlit on Windows (NTLM Credential Exposure)

1 repository13 Jul 2026
GHSA-7qhf-v65m-g5f3

mlflow: FastAPI job endpoints under `/ajax-api/3.0/jobs/*` are not protected by authentication or authorization

3 repositories01 Jul 2026
GHSA-7rxf-gvfg-47g4

Flask-CORS improper regex path matching vulnerability

2 repositories07 Jul 2026
GHSA-82w8-qh3p-5jfq

Starlette: request.form() limits silently ignored for application/x-www-form-urlencoded enable DoS

8 repositories27 Jun 2026
GHSA-84pr-m4jr-85g5

flask-cors vulnerable to log injection when the log level is set to debug

1 repository10 Jun 2026
Interpretation boundary

Exact identities in, explicit limits out

The collector reads bounded lockfiles, SBOMs and exact double-equals pins at one immutable commit. Version ranges are never resolved by assumption.

Retrieval, parsing, matching and publishing use no generative AI model.

i6eal (2026): Ressource Efficient Computer Vision — exact AI dependency evidence dossier, data state 19 Jul 2026. https://i6eal.de/en/tools/ki-abhaengigkeitsatlas/repository/opencode-10775/

Reading this dossier

Does this repository dossier prove deployment?
No. It documents dependencies published at one observed commit, not a deployed environment.
Why are exact versions required?
OSV and registry metadata can be linked reproducibly only to an observed package@version tuple. The collector never substitutes a newest release for a range.
Does a missing row mean the dependency is absent?
No. It means not observed within the bounded files and repository checkpoint. Incomplete trees and parser failures remain explicit.

Need a permanent dependency evidence trail for another public code cohort?

We build source-backed data products with stable identities, reproducible joins and boundaries that remain visible.

Discuss a data projectExplore all tools