← Back to the AI Dependency AtlasExact repository supply-chain dossier

Objection management

uba-ki-lab/objection-management
pypi

This dossier retains 261 exact component occurrences from 1 published evidence files at one immutable repository commit.

opencode:41125c1425bf9990project ID + commit SHA + exact evidence path

Published dependency evidence does not prove deployment, productive use, procurement or runtime reachability.

project ID + commit SHA + exact evidence path
261exact component occurrences
261package identities
1evidence file
247OSV records returned
Exact published evidence

Files that resolve this repository’s dependencies

Every file remains tied to the observed commit. A parse error stays visible and never becomes a zero.

Evidence pathuv.locksha256:b084b72cc0723df0070f68ab42b2cd9c5447aa6df20204916c3de53c04f4c363
Format
uv-lock
Parser state
parsed
Resolved components
261
Open exact source ↗
Observed relations

Package identities at this commit

pypiTransformerspypi:transformers
1 Occurrence4.47.1
Apache-2.025 OSV records returned
pypiPyTorchpypi:torch
1 Occurrence2.5.1
BSD-3-Clause23 OSV records returned
pypiLiteLLMpypi:litellm
1 Occurrence1.53.7
MIT8 OSV records returned
pypiDSPypypi:dspy
1 Occurrence2.5.43
MIT1 OSV record returned
pypiHugging Face Datasetspypi:datasets
1 Occurrence3.2.0
Apache-2.0
pypiOpenAI SDKpypi:openai
1 Occurrence1.59.6
Apache-2.0
pypiSentence Transformerspypi:sentence-transformers
1 Occurrence3.3.1
Apache-2.0
pypiAcceleratepypi:accelerate
1 Occurrence1.2.1
non-standard
pypiHugging Face Tokenizerspypi:tokenizers
1 Occurrence0.21.0
non-standard
pypiOpenCVpypi:opencv-python
1 Occurrence4.10.0.84
Apache-2.0
pypiscikit-learnpypi:scikit-learn
1 Occurrence1.6.1
BSD-3-Clause · non-standard
pypitiktokenpypi:tiktoken
1 Occurrence0.8.0
non-standard
pypiXGBoostpypi:xgboost
1 Occurrence2.1.3
Apache-2.0
pypipypdfpypi:pypdf
1 Occurrence5.1.0
non-standard31 OSV records returned
pypiaiohttppypi:aiohttp
1 Occurrence3.11.11
Apache-2.0 · Apache-2.0 AND MIT30 OSV records returned
pypipillowpypi:pillow
1 Occurrence11.1.0
HPND · MIT-CMU15 OSV records returned
pypinltkpypi:nltk
1 Occurrence3.9.1
Apache-2.011 OSV records returned
pypitornadopypi:tornado
1 Occurrence6.4.2
Apache-2.010 OSV records returned
pypionnxpypi:onnx
1 Occurrence1.17.0
Apache-2.08 OSV records returned
pypipython-multipartpypi:python-multipart
1 Occurrence0.0.9
Apache-2.08 OSV records returned
pypistarlettepypi:starlette
1 Occurrence0.37.2
BSD-3-Clause8 OSV records returned
pypipyjwtpypi:pyjwt
1 Occurrence2.10.1
MIT7 OSV records returned
pypiurllib3pypi:urllib3
1 Occurrence2.3.0
MIT7 OSV records returned
pypicryptographypypi:cryptography
1 Occurrence42.0.8
Apache-2.0 OR BSD-3-Clause6 OSV records returned
pypijinja2pypi:jinja2
1 Occurrence3.1.5
BSD-3-Clause · non-standard4 OSV records returned
pypiujsonpypi:ujson
1 Occurrence5.10.0
BSD-3-Clause · BSD-3-Clause AND TCL · TCL4 OSV records returned
pypirequestspypi:requests
1 Occurrence2.32.3
Apache-2.03 OSV records returned
pypisetuptoolspypi:setuptools
1 Occurrence75.8.0
MIT3 OSV records returned
pypifilelockpypi:filelock
1 Occurrence3.16.1
MIT · Unlicense2 OSV records returned
pypimakopypi:mako
1 Occurrence1.3.8
MIT2 OSV records returned
pypipdfminer-sixpypi:pdfminer-six
1 Occurrence20240706
MIT2 OSV records returned
pypiprotobufpypi:protobuf
1 Occurrence5.29.3
BSD-3-Clause2 OSV records returned
pypipyasn1pypi:pyasn1
1 Occurrence0.6.1
BSD-2-Clause2 OSV records returned
pypipycryptopypi:pycrypto
1 Occurrence2.6.1
non-standard2 OSV records returned
pypisoupsievepypi:soupsieve
1 Occurrence2.6
MIT2 OSV records returned
pypicertifipypi:certifi
1 Occurrence2024.12.14
MPL-2.01 OSV record returned
pypiclickpypi:click
1 Occurrence8.1.8
BSD-3-Clause · non-standard1 OSV record returned
pypidiskcachepypi:diskcache
1 Occurrence5.6.3
Apache-2.01 OSV record returned
pypifastapi-ssopypi:fastapi-sso
1 Occurrence0.10.0
MIT1 OSV record returned
pypifonttoolspypi:fonttools
1 Occurrence4.55.3
MIT1 OSV record returned
pypih11pypi:h11
1 Occurrence0.14.0
MIT1 OSV record returned
pypiidnapypi:idna
1 Occurrence3.10
BSD-3-Clause · non-standard1 OSV record returned
pypijson-repairpypi:json-repair
1 Occurrence0.35.0
non-standard1 OSV record returned
pypijupyter-corepypi:jupyter-core
1 Occurrence5.7.2
BSD-3-Clause · non-standard1 OSV record returned
pypilxmlpypi:lxml
1 Occurrence5.3.0
BSD-3-Clause1 OSV record returned
pypimarshmallowpypi:marshmallow
1 Occurrence3.24.2
MIT1 OSV record returned
pypiorjsonpypi:orjson
1 Occurrence3.10.14
Apache-2.0 OR MIT · MPL-2.0 AND (Apache-2.0 OR MIT)1 OSV record returned
pypipi-heifpypi:pi-heif
1 Occurrence0.21.0
BSD-3-Clause1 OSV record returned
pypipyarrowpypi:pyarrow
1 Occurrence18.1.0
Apache-2.0 · non-standard1 OSV record returned
pypipycryptodomepypi:pycryptodome
1 Occurrence3.10.1
non-standard1 OSV record returned
pypipygmentspypi:pygments
1 Occurrence2.19.1
BSD-2-Clause1 OSV record returned
pypipynaclpypi:pynacl
1 Occurrence1.5.0
Apache-2.01 OSV record returned
pypipypdf2pypi:pypdf2
1 Occurrence3.0.1
non-standard1 OSV record returned
pypipython-dotenvpypi:python-dotenv
1 Occurrence1.0.1
BSD-3-Clause1 OSV record returned
pypitqdmpypi:tqdm
1 Occurrence4.67.1
MIT AND MPL-2.01 OSV record returned
pypiunstructuredpypi:unstructured
1 Occurrence0.16.12
Apache-2.01 OSV record returned
pypiaiofilespypi:aiofiles
1 Occurrence24.1.0
Apache-2.0
pypiaiohappyeyeballspypi:aiohappyeyeballs
1 Occurrence2.4.4
PSF-2.0
pypiaiosignalpypi:aiosignal
1 Occurrence1.3.2
Apache-2.0
pypialembicpypi:alembic
1 Occurrence1.14.0
MIT
pypiannotated-typespypi:annotated-types
1 Occurrence0.7.0
MIT
pypiantlr4-python3-runtimepypi:antlr4-python3-runtime
1 Occurrence4.9.3
non-standard
pypianyiopypi:anyio
1 Occurrence4.8.0
MIT
pypiappnopepypi:appnope
1 Occurrence0.1.4
non-standard
pypiapschedulerpypi:apscheduler
1 Occurrence3.11.0
MIT
pypiasttokenspypi:asttokens
1 Occurrence3.0.0
Apache-2.0
pypiasync-timeoutpypi:async-timeout
1 Occurrence5.0.1
Apache-2.0
pypiasyncerpypi:asyncer
1 Occurrence0.0.8
MIT
pypiattrspypi:attrs
1 Occurrence24.3.0
MIT
pypibackoffpypi:backoff
1 Occurrence2.2.1
MIT
pypibeautifulsoup4pypi:beautifulsoup4
1 Occurrence4.12.3
MIT
pypiblispypi:blis
1 Occurrence1.1.0
BSD-3-Clause
pypibs4pypi:bs4
1 Occurrence0.0.2
MIT
pypicachetoolspypi:cachetools
1 Occurrence5.5.0
MIT
pypicataloguepypi:catalogue
1 Occurrence2.0.10
MIT
pypicffipypi:cffi
1 Occurrence1.17.1
MIT
pypichardetpypi:chardet
1 Occurrence5.2.0
0BSD · non-standard
pypicharset-normalizerpypi:charset-normalizer
1 Occurrence3.4.1
MIT
pypicloudpathlibpypi:cloudpathlib
1 Occurrence0.20.0
MIT
pypicloudpicklepypi:cloudpickle
1 Occurrence3.1.0
BSD-3-Clause
pypicoloramapypi:colorama
1 Occurrence0.4.6
non-standard
pypicoloredlogspypi:coloredlogs
1 Occurrence15.0.1
MIT
pypicolorlogpypi:colorlog
1 Occurrence6.9.0
MIT
pypicommpypi:comm
1 Occurrence0.2.2
non-standard
pypiconfectionpypi:confection
1 Occurrence0.1.5
MIT
pypicontourpypypi:contourpy
1 Occurrence1.3.1
non-standard
pypicyclerpypi:cycler
1 Occurrence0.12.1
non-standard
pypicymempypi:cymem
1 Occurrence2.0.10
MIT
pypidataclasses-jsonpypi:dataclasses-json
1 Occurrence0.6.7
MIT
pypidebugpypypi:debugpy
1 Occurrence1.8.11
MIT
pypidecoratorpypi:decorator
1 Occurrence5.1.1
BSD-2-Clause · non-standard
pypideprecatedpypi:deprecated
1 Occurrence1.2.15
MIT
pypidillpypi:dill
1 Occurrence0.3.8
BSD-3-Clause
pypidistropypi:distro
1 Occurrence1.9.0
Apache-2.0
pypidnspythonpypi:dnspython
1 Occurrence2.7.0
ISC
pypieffdetpypi:effdet
1 Occurrence0.4.1
Apache-2.0
pypiemail-validatorpypi:email-validator
1 Occurrence2.2.0
Unlicense
pypiemojipypi:emoji
1 Occurrence2.14.0
BSD-3-Clause
pypieval-type-backportpypi:eval-type-backport
1 Occurrence0.2.2
MIT
pypievaluatepypi:evaluate
1 Occurrence0.4.3
Apache-2.0
pypiexceptiongrouppypi:exceptiongroup
1 Occurrence1.2.2
MIT
pypiexecutingpypi:executing
1 Occurrence2.1.0
MIT
pypifastapipypi:fastapi
1 Occurrence0.111.1
MIT
pypifastapi-clipypi:fastapi-cli
1 Occurrence0.0.7
MIT
pypifiletypepypi:filetype
1 Occurrence1.2.0
MIT
pypiflatbufferspypi:flatbuffers
1 Occurrence24.12.23
Apache-2.0
pypifrozenlistpypi:frozenlist
1 Occurrence1.5.0
Apache-2.0
pypifsspecpypi:fsspec
1 Occurrence2024.9.0
BSD-3-Clause · non-standard
pypigoogle-api-corepypi:google-api-core
1 Occurrence2.24.0
Apache-2.0
pypigoogle-authpypi:google-auth
1 Occurrence2.37.0
Apache-2.0
pypigoogle-cloud-visionpypi:google-cloud-vision
1 Occurrence3.9.0
Apache-2.0
pypigoogleapis-common-protospypi:googleapis-common-protos
1 Occurrence1.66.0
Apache-2.0
pypigreenletpypi:greenlet
1 Occurrence3.1.1
MIT · MIT AND PSF-2.0 · MIT AND Python-2.0
pypigrpciopypi:grpcio
1 Occurrence1.69.0
Apache-2.0
pypigrpcio-statuspypi:grpcio-status
1 Occurrence1.69.0
Apache-2.0
pypigunicornpypi:gunicorn
1 Occurrence22.0.0
MIT
pypihtml5libpypi:html5lib
1 Occurrence1.1
MIT
pypihttpcorepypi:httpcore
1 Occurrence1.0.7
BSD-3-Clause
pypihttptoolspypi:httptools
1 Occurrence0.6.4
MIT
pypihttpxpypi:httpx
1 Occurrence0.27.2
BSD-3-Clause

This page displays 120 of 261 ordered rows. The machine-readable dossier retains the complete exact projection.

OSV

Related OSV records

GHSA-248m-82v9-q6g6

pypdf: Possible long runtimes for zero-only width values in cross-reference streamsuntimes for zero-only width values in cross-reference streams

1 repository13 Jul 2026
GHSA-248v-346w-9cwc

Certifi removes GLOBALTRUST root certificate

1 repository10 Jun 2026
GHSA-29pf-2h5f-8g72

HuggingFace transformers vulnerable to remote code execution

8 repositories13 Jul 2026
GHSA-2c2j-9gv5-cj73

Starlette has possible denial-of-service vector when parsing large files in multipart forms

4 repositories07 Jul 2026
GHSA-2fqr-mr3j-6wp8

aiohttp: Host-Only Cookies Become Domain Cookies After CookieJar Persistence

9 repositories13 Jul 2026
GHSA-2h4p-vjrc-8xpq

Mako vulnerable to path traversal via backslash URI on Windows in TemplateLookup

5 repositories13 Jul 2026
GHSA-2q4j-m29v-hq73

pypdf has possible Infinite Loop when processing outlines/bookmarks

1 repository07 Jul 2026
GHSA-2rw7-x74f-jg35

pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams

1 repository13 Jul 2026
GHSA-2vrm-gr82-f7m5

AIOHTTP has CRLF injection through multipart part content type header construction

9 repositories13 Jul 2026
GHSA-2wc2-fm75-p42x

Soup Sieve has Memory Exhaustion via Large Comma-Separated Selector Lists

4 repositories13 Jul 2026
GHSA-2xpw-w6gg-jr37

urllib3 streaming API improperly handles highly compressed data

13 repositories07 Jul 2026
GHSA-33p9-3p43-82vq

Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

2 repositories07 Jul 2026
GHSA-3749-ghw9-m3mg

PyTorch susceptible to local Denial of Service

3 repositories10 Jun 2026
GHSA-37mw-44qp-f5jm

Transformers is vulnerable to ReDoS attack through its DonutProcessor class

2 repositories07 Jul 2026
GHSA-38jv-5279-wg99

Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)

13 repositories07 Jul 2026
GHSA-3crg-w4f6-42mx

pypdf: Manipulated XMP metadata entity declarations can exhaust RAM

1 repository13 Jul 2026
GHSA-3j69-69wj-xqx2

UltraJSON: Malformed/Truncated UTF-8 Accepted and Silently Rewritten in ujson.dumps()

5 repositories18 Jul 2026
GHSA-3r9x-f23j-gc73

onnx Vulnerable to Path Traversal via Symlink

1 repository13 Jul 2026
GHSA-3wq7-rqq7-wx6j

AIOHTTP has late size enforcement for non-file multipart fields causes memory DoS

9 repositories13 Jul 2026
GHSA-3x9g-8vmp-wqvf

Tornado: Authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient

6 repositories13 Jul 2026
GHSA-428g-f7cq-pgp5

Marshmallow has DoS in Schema.load(many)

2 repositories07 Jul 2026
GHSA-469j-vmhf-r6v7

NLTK has a Downloader Path Traversal Vulnerability (AFO) - Arbitrary File Overwrite

3 repositories13 Jul 2026
GHSA-48p4-8xcf-vxj5

urllib3 does not control redirects in browsers and Node.js

7 repositories07 Jul 2026
GHSA-4f6g-68pf-7vhv

pypdf has possible long runtimes for malformed startxref

1 repository07 Jul 2026
GHSA-4fvr-rgm6-gqmc

aiohttp: HTTP/1 Pipelined Requests Queue Without Limit

9 repositories13 Jul 2026
GHSA-4m7w-qmgq-4wj5

aiohttp: TLS Server Hostname Override Is Ignored When Reusing HTTPS Connections

9 repositories27 Jun 2026
GHSA-4pxv-j86v-mhcw

pypdf: Possible long runtimes for wrong size values in incremental mode

1 repository13 Jul 2026
GHSA-4vvm-4w3v-6mr8

pypdf and PyPDF2 possible Infinite Loop when a comment isn't followed by a character

1 repository13 Jul 2026
GHSA-4w7r-h757-3r74

Hugging Face Transformers vulnerable to Regular Expression Denial of Service (ReDoS) in the AdamWeightDecay optimizer

2 repositories07 Jul 2026
GHSA-4xc4-762w-m6cg

pypdf has possible long runtimes for missing /Root object with large /Size values

1 repository07 Jul 2026
GHSA-4xpc-pv4p-pm3w

LiteLLM: Authentication Bypass via Host Header Injection

4 repositories18 Jul 2026
GHSA-5239-wwwm-4pmq

Pygments has Regular Expression Denial of Service (ReDoS) due to Inefficient Regex for GUID Matching

13 repositories13 Jul 2026
GHSA-52x6-gq3r-vpf4

pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction

1 repository13 Jul 2026
GHSA-537c-gmf6-5ccf

Vulnerable OpenSSL included in cryptography wheels

7 repositories16 Jun 2026
GHSA-538c-55jv-c5g9

ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings.

1 repository13 Jul 2026
GHSA-53mr-6c8q-9789

LiteLLM: Privilege escalation via unrestricted proxy configuration endpoint

4 repositories13 Jul 2026
GHSA-53q9-r3pm-6pq6

PyTorch: `torch.load` with `weights_only=True` leads to remote code execution

1 repository04 Feb 2026
GHSA-54jq-c3m8-4m76

AIOHTTP vulnerable to brute-force leak of internal static file path components

7 repositories07 Jul 2026
GHSA-59g5-xgcq-4qw3

Denial of service (DoS) via deformation `multipart/form-data` boundary

1 repository07 Jul 2026
GHSA-59p9-h35m-wg4g

Hugging Face Transformers is vulnerable to ReDoS through its MarianTokenizer

2 repositories07 Jul 2026
GHSA-5hgr-hg42-57jg

pypdf: Inefficient decoding of FlateDecode PNG predictor streams

1 repository13 Jul 2026
GHSA-5rjg-fvgr-3xxf

setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write

2 repositories11 May 2026
GHSA-5rvq-cxj2-64vf

python-multipart: Quadratic-time querystring parsing with semicolon separators causes CPU denial of service

5 repositories13 Jul 2026
GHSA-5xmw-vc9v-4wf2

Pillow has a heap buffer overflow with nested list coordinates

10 repositories13 Jul 2026
GHSA-63hf-3vf5-4wqf

AIOHTTP's C parser (llhttp) accepts null bytes and control characters in response header values - header injection/security bypass

9 repositories16 Jul 2026
GHSA-63hw-fmq6-xxg2

aiohttp: C HTTP Parser Bypasses max_line_size for Fragmented Lines

9 repositories13 Jul 2026
GHSA-63vm-454h-vhhq

pyasn1 has a DoS vulnerability in decoder

7 repositories07 Jul 2026
GHSA-6528-wvf6-f6qg

Pycrypto generates weak key parameters

1 repository19 Oct 2024
Interpretation boundary

Exact identities in, explicit limits out

The collector reads bounded lockfiles, SBOMs and exact double-equals pins at one immutable commit. Version ranges are never resolved by assumption.

Retrieval, parsing, matching and publishing use no generative AI model.

i6eal (2026): Objection management — exact AI dependency evidence dossier, data state 19 Jul 2026. https://i6eal.de/en/tools/ki-abhaengigkeitsatlas/repository/opencode-4112/

Reading this dossier

Does this repository dossier prove deployment?
No. It documents dependencies published at one observed commit, not a deployed environment.
Why are exact versions required?
OSV and registry metadata can be linked reproducibly only to an observed package@version tuple. The collector never substitutes a newest release for a range.
Does a missing row mean the dependency is absent?
No. It means not observed within the bounded files and repository checkpoint. Incomplete trees and parser failures remain explicit.

Need a permanent dependency evidence trail for another public code cohort?

We build source-backed data products with stable identities, reproducible joins and boundaries that remain visible.

Discuss a data projectExplore all tools