← Back to the AI Dependency AtlasExact repository supply-chain dossier

strahlenexposition

uba-ki-lab/strahlenexposition
pypi

This dossier retains 324 exact component occurrences from 2 published evidence files at one immutable repository commit.

opencode:51421dd9cd8ca823project ID + commit SHA + exact evidence path

Published dependency evidence does not prove deployment, productive use, procurement or runtime reachability.

project ID + commit SHA + exact evidence path
324exact component occurrences
224package identities
2evidence files
120OSV records returned
Exact published evidence

Files that resolve this repository’s dependencies

Every file remains tied to the observed commit. A parse error stays visible and never becomes a zero.

Evidence pathpoetry.locksha256:c489b7b61f52a098139ff30c50edcca0e32753b4b014f22e0b51d2e97c950433
Format
poetry-lock
Parser state
parsed
Resolved components
102
Open exact source ↗
Evidence pathsbom.jsonsha256:4352d1512c073ad9072f4876774e7e60b4d7287e992b698284e6e3054e972883
Format
sbom-json
Parser state
parsed
Resolved components
222
Open exact source ↗
Observed relations

Package identities at this commit

pypiscikit-learnpypi:scikit-learn
2 Occurrences1.6.1
BSD-3-Clause · non-standard
pypimistunepypi:mistune
1 Occurrence3.1.3
BSD-3-Clause16 OSV records returned
pypipillowpypi:pillow
2 Occurrences11.2.1
HPND · MIT-CMU15 OSV records returned
pypitornadopypi:tornado
1 Occurrence6.4.2
Apache-2.010 OSV records returned
pypijupyter-serverpypi:jupyter-server
1 Occurrence2.15.0
non-standard7 OSV records returned
pypiurllib3pypi:urllib3
2 Occurrences2.4.0
MIT7 OSV records returned
pypicryptographypypi:cryptography
1 Occurrence44.0.0
Apache-2.0 OR BSD-3-Clause6 OSV records returned
pypipippypi:pip
1 Occurrence22.0.2
MIT6 OSV records returned
pypiwerkzeugpypi:werkzeug
2 Occurrences3.0.6
BSD-3-Clause · non-standard6 OSV records returned
pypijupyterlabpypi:jupyterlab
1 Occurrence4.4.0
non-standard5 OSV records returned
pypijinja2pypi:jinja2
2 Occurrences3.1.6
BSD-3-Clause · non-standard4 OSV records returned
pypinbconvertpypi:nbconvert
1 Occurrence7.16.6
non-standard3 OSV records returned
pypinotebookpypi:notebook
1 Occurrence7.0.7
non-standard3 OSV records returned
pypirequestspypi:requests
2 Occurrences2.32.3
Apache-2.03 OSV records returned
pypisetuptoolspypi:setuptools
2 Occurrences80.0.1
MIT3 OSV records returned
pypibleachpypi:bleach
1 Occurrence6.2.0
non-standard2 OSV records returned
pypidulwichpypi:dulwich
1 Occurrence0.22.7
non-standard2 OSV records returned
pypifilelockpypi:filelock
2 Occurrences3.18.0
MIT · Unlicense2 OSV records returned
pypipoetrypypi:poetry
1 Occurrence2.0.1
MIT2 OSV records returned
pypisoupsievepypi:soupsieve
1 Occurrence2.6
MIT2 OSV records returned
pypiweasyprintpypi:weasyprint
2 Occurrences64.1
non-standard2 OSV records returned
pypibrotlipypi:brotli
2 Occurrences1.1.0
MIT1 OSV record returned
pypicertifipypi:certifi
2 Occurrences2025.4.26
MPL-2.01 OSV record returned
pypiclickpypi:click
2 Occurrences8.1.8
BSD-3-Clause · non-standard1 OSV record returned
pypiflaskpypi:flask
2 Occurrences3.0.3
BSD-3-Clause · non-standard1 OSV record returned
pypifonttoolspypi:fonttools
2 Occurrences4.57.0
MIT1 OSV record returned
pypih11pypi:h11
1 Occurrence0.14.0
MIT1 OSV record returned
pypiidnapypi:idna
2 Occurrences3.10
BSD-3-Clause · non-standard1 OSV record returned
pypijaraco-contextpypi:jaraco-context
1 Occurrence6.0.1
MIT1 OSV record returned
pypijupyter-corepypi:jupyter-core
1 Occurrence5.7.2
BSD-3-Clause · non-standard1 OSV record returned
pypilxmlpypi:lxml
1 Occurrence5.4.0
BSD-3-Clause1 OSV record returned
pypimarkdownpypi:markdown
1 Occurrence3.8
BSD-3-Clause1 OSV record returned
pypimsgpackpypi:msgpack
2 Occurrences1.1.0
Apache-2.01 OSV record returned
pypipyarrowpypi:pyarrow
2 Occurrences20.0.0
Apache-2.0 · non-standard1 OSV record returned
pypipygmentspypi:pygments
2 Occurrences2.19.1
BSD-2-Clause1 OSV record returned
pypipytestpypi:pytest
2 Occurrences7.4.4
MIT1 OSV record returned
pypivirtualenvpypi:virtualenv
2 Occurrences20.30.0
MIT1 OSV record returned
pypiaccessible-pygmentspypi:accessible-pygments
1 Occurrence0.0.5
BSD-3-Clause
pypiadjusttextpypi:adjusttext
2 Occurrences1.3.0
MIT
pypialabasterpypi:alabaster
2 Occurrences1.0.0
non-standard
pypianyiopypi:anyio
1 Occurrence4.9.0
MIT
pypiargon2-cffipypi:argon2-cffi
1 Occurrence23.1.0
MIT
pypiargon2-cffi-bindingspypi:argon2-cffi-bindings
1 Occurrence21.2.0
MIT
pypiarrowpypi:arrow
1 Occurrence1.3.0
non-standard
pypiasttokenspypi:asttokens
1 Occurrence3.0.0
Apache-2.0
pypiasync-lrupypi:async-lru
1 Occurrence2.0.5
MIT
pypiattrspypi:attrs
1 Occurrence25.3.0
MIT
pypibabelpypi:babel
2 Occurrences2.17.0
BSD-3-Clause
pypibackports-tarfilepypi:backports-tarfile
1 Occurrence1.2.0
MIT
pypibeautifulsoup4pypi:beautifulsoup4
1 Occurrence4.13.3
MIT
pypiblinkerpypi:blinker
2 Occurrences1.9.0
MIT
pypiboolean-pypypi:boolean-py
1 Occurrence5.0
BSD-2-Clause
pypibrotlicffipypi:brotlicffi
1 Occurrence1.1.0.0
MIT
pypibuildpypi:build
1 Occurrence1.2.2.post1
MIT
pypicachecontrolpypi:cachecontrol
1 Occurrence0.14.2
non-standard
pypicffipypi:cffi
2 Occurrences1.17.1
MIT
pypicfgvpypi:cfgv
2 Occurrences3.4.0
MIT
pypichardetpypi:chardet
1 Occurrence5.2.0
0BSD · non-standard
pypicharset-normalizerpypi:charset-normalizer
2 Occurrences3.4.1
MIT
pypicleopypi:cleo
1 Occurrence2.1.0
MIT
pypicoloramapypi:colorama
1 Occurrence0.4.6
non-standard
pypicommpypi:comm
1 Occurrence0.2.2
non-standard
pypicontourpypypi:contourpy
2 Occurrences1.3.2
non-standard
pypicoveragepypi:coverage
2 Occurrences7.8.0
Apache-2.0
pypicrashtestpypi:crashtest
1 Occurrence0.4.1
MIT
pypicssselect2pypi:cssselect2
2 Occurrences0.8.0
non-standard
pypicyclerpypi:cycler
2 Occurrences0.12.1
non-standard
pypicyclonedx-bompypi:cyclonedx-bom
1 Occurrence6.0.0
Apache-2.0
pypicyclonedx-python-libpypi:cyclonedx-python-lib
1 Occurrence10.0.0
Apache-2.0
pypidashpypi:dash
2 Occurrences2.18.2
MIT
pypidash-ag-gridpypi:dash-ag-grid
2 Occurrences31.3.1
MIT
pypidash-bootstrap-componentspypi:dash-bootstrap-components
2 Occurrences1.7.1
non-standard
pypidash-core-componentspypi:dash-core-components
2 Occurrences2.0.0
MIT
pypidash-html-componentspypi:dash-html-components
2 Occurrences2.0.0
MIT
pypidash-tablepypi:dash-table
2 Occurrences5.0.0
MIT
pypidebugpypypi:debugpy
1 Occurrence1.8.13
MIT
pypidecoratorpypi:decorator
1 Occurrence5.2.1
BSD-2-Clause · non-standard
pypidefusedxmlpypi:defusedxml
1 Occurrence0.7.1
non-standard
pypidistlibpypi:distlib
2 Occurrences0.3.9
PSF-2.0
pypidocutilspypi:docutils
2 Occurrences0.21.2
non-standard
pypiexceptiongrouppypi:exceptiongroup
2 Occurrences1.2.2
MIT
pypiexecutingpypi:executing
1 Occurrence2.2.0
MIT
pypifastexcelpypi:fastexcel
2 Occurrences0.12.1
MIT
pypifastjsonschemapypi:fastjsonschema
1 Occurrence2.21.1
non-standard
pypifpdfpypi:fpdf
1 Occurrence1.7.2
non-standard
pypifqdnpypi:fqdn
1 Occurrence1.5.1
non-standard
pypighp-importpypi:ghp-import
1 Occurrence2.1.0
non-standard
pypihttpcorepypi:httpcore
1 Occurrence1.0.7
BSD-3-Clause
pypihttpxpypi:httpx
1 Occurrence0.28.1
BSD-3-Clause
pypiidentifypypi:identify
2 Occurrences2.6.10
MIT
pypiimagesizepypi:imagesize
2 Occurrences1.4.1
MIT
pypiimportlib-metadatapypi:importlib-metadata
2 Occurrences8.7.0
Apache-2.0 · non-standard
pypiiniconfigpypi:iniconfig
2 Occurrences2.1.0
MIT
pypiinstallerpypi:installer
1 Occurrence0.7.0
MIT
pypiipykernelpypi:ipykernel
1 Occurrence6.29.5
BSD-3-Clause · non-standard
pypiipythonpypi:ipython
1 Occurrence8.34.0
BSD-3-Clause
pypiipywidgetspypi:ipywidgets
1 Occurrence8.1.5
BSD-3-Clause
pypiisodurationpypi:isoduration
1 Occurrence20.11.0
ISC
pypiitsdangerouspypi:itsdangerous
2 Occurrences2.2.0
BSD-3-Clause · non-standard
pypijaraco-classespypi:jaraco-classes
1 Occurrence3.4.0
MIT
pypijaraco-functoolspypi:jaraco-functools
1 Occurrence4.1.0
MIT
pypijedipypi:jedi
1 Occurrence0.19.2
MIT
pypijeepneypypi:jeepney
1 Occurrence0.8.0
MIT
pypijoblibpypi:joblib
2 Occurrences1.4.2
BSD-3-Clause
pypijson5pypi:json5
1 Occurrence0.12.0
non-standard
pypijsonpointerpypi:jsonpointer
1 Occurrence3.0.0
non-standard
pypijsonschemapypi:jsonschema
1 Occurrence4.23.0
MIT
pypijsonschema-specificationspypi:jsonschema-specifications
1 Occurrence2025.4.1
MIT
pypijupyterpypi:jupyter
1 Occurrence1.1.1
non-standard
pypijupyter-clientpypi:jupyter-client
1 Occurrence8.6.3
non-standard
pypijupyter-consolepypi:jupyter-console
1 Occurrence6.6.3
non-standard
pypijupyter-eventspypi:jupyter-events
1 Occurrence0.12.0
non-standard
pypijupyter-lsppypi:jupyter-lsp
1 Occurrence2.2.5
BSD-3-Clause
pypijupyter-server-terminalspypi:jupyter-server-terminals
1 Occurrence0.5.3
non-standard
pypijupyterlab-pygmentspypi:jupyterlab-pygments
1 Occurrence0.3.0
non-standard
pypijupyterlab-serverpypi:jupyterlab-server
1 Occurrence2.27.3
non-standard
pypijupyterlab-widgetspypi:jupyterlab-widgets
1 Occurrence3.0.13
BSD-3-Clause · non-standard
pypikaleidopypi:kaleido
3 Occurrences0.1.0.post1 · 0.2.1
MIT
pypikeyringpypi:keyring
1 Occurrence25.6.0
MIT
pypikiwisolverpypi:kiwisolver
2 Occurrences1.4.8
non-standard

This page displays 120 of 224 ordered rows. The machine-readable dossier retains the complete exact projection.

OSV

Related OSV records

GHSA-248v-346w-9cwc

Certifi removes GLOBALTRUST root certificate

1 repository10 Jun 2026
GHSA-24qx-w28j-9m6p

Jupyter Server has a CORS Origin Validation Bypass via `re.match()` in `allow_origin_pat` (from huntr)

1 repository13 Jul 2026
GHSA-2599-h6xx-hpxp

Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write

1 repository13 Jul 2026
GHSA-29vq-49wr-vm6x

Werkzeug safe_join() allows Windows special device names

6 repositories13 Jul 2026
GHSA-2g68-c3qc-8985

Werkzeug debugger vulnerable to remote execution when interacting with attacker controlled domain

1 repository07 Jul 2026
GHSA-2qfp-q593-8484

Scrapy is vulnerable to a denial of service (DoS) attack due to flaws in brotli decompression implementation

1 repository13 Jul 2026
GHSA-2wc2-fm75-p42x

Soup Sieve has Memory Exhaustion via Large Comma-Separated Selector Lists

4 repositories13 Jul 2026
GHSA-2xpw-w6gg-jr37

urllib3 streaming API improperly handles highly compressed data

13 repositories07 Jul 2026
GHSA-33p9-3p43-82vq

Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

2 repositories07 Jul 2026
GHSA-37w4-hwhx-4rc4

JupyterLab has an Extension Manager API/GUI Policy Discrepancy, allowing 3rd party (malicious) extensions install via POST request

1 repository08 Jun 2026
GHSA-38jv-5279-wg99

Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)

13 repositories07 Jul 2026
GHSA-3x9g-8vmp-wqvf

Tornado: Authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient

6 repositories13 Jul 2026
GHSA-48p4-8xcf-vxj5

urllib3 does not control redirects in browsers and Node.js

7 repositories07 Jul 2026
GHSA-4c99-qj7h-p3vg

nbconvert has an Arbitrary File Write via Path Traversal in Cell Attachment Filenames

1 repository13 Jul 2026
GHSA-4xh5-x5gv-qwph

pip's fallback tar extraction doesn't check symbolic links point to extraction directory

3 repositories07 Jul 2026
GHSA-5239-wwwm-4pmq

Pygments has Regular Expression Denial of Service (ReDoS) due to Inefficient Regex for GUID Matching

13 repositories13 Jul 2026
GHSA-537c-gmf6-5ccf

Vulnerable OpenSSL included in cryptography wheels

7 repositories16 Jun 2026
GHSA-5789-5fc7-67v3

Jupyter Server: Path Traversal via incorrect startswith() root directory check allows access to sibling directories

1 repository06 Jun 2026
GHSA-58cw-g322-p94v

Mistune has XSS via unescaped figclass/figwidth in Figure directive

1 repository09 Jun 2026
GHSA-58pv-8j8x-9vj2

jaraco.context Has a Path Traversal Vulnerability

1 repository07 Jul 2026
GHSA-58qw-9mgm-455v

pip has an interpretation conflict due to handling both concatenated tar and ZIP files as ZIP files

3 repositories13 Jul 2026
GHSA-597g-3phw-6986

virtualenv Has TOCTOU Vulnerabilities in Directory Creation

6 repositories07 Jul 2026
GHSA-5mrq-x3x5-8v8f

Jupyter Server's Authentication Cookies Remain Valid After Password Reset and Server Restart

1 repository06 Jun 2026
GHSA-5rjg-fvgr-3xxf

setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write

2 repositories11 May 2026
GHSA-5wmx-573v-2qwq

Python-Markdown has an Uncaught Exception

2 repositories10 Jun 2026
GHSA-5xmw-vc9v-4wf2

Pillow has a heap buffer overflow with nested list coordinates

10 repositories13 Jul 2026
GHSA-65pc-fj4g-8rjx

Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix

17 repositories08 Jul 2026
GHSA-68rp-wp8r-4726

Flask session does not add `Vary: Cookie` header when accessed in some ways

6 repositories13 Jul 2026
GHSA-6v7p-g79w-8964

MessagePack for Python: Out-of-bounds read / crash on Unpacker reuse after a caught error

4 repositories08 Jul 2026
GHSA-6vgw-5pg2-w6jp

pip Path Traversal vulnerability

3 repositories07 Jul 2026
GHSA-6w46-j5rx-g56g

pytest has vulnerable tmpdir handling

6 repositories07 Jul 2026
GHSA-73h3-mf4w-8647

Poetry has Path Traversal in tar extraction on Python 3.10.0 - 3.10.12 and 3.11.0 - 3.11.4

1 repository13 Jul 2026
GHSA-768j-98cg-p3fv

fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib

6 repositories07 Jul 2026
GHSA-78cv-mqj4-43f7

Tornado has incomplete validation of cookie attributes

6 repositories13 Jul 2026
GHSA-79v4-65xg-pq4g

Vulnerable OpenSSL included in cryptography wheels

3 repositories07 Jul 2026
GHSA-7cx3-6m66-7c5m

Tornado vulnerable to excessive logging caused by malformed multipart form data

2 repositories07 Jul 2026
GHSA-7jqv-fw35-gmx9

nbconvert has an Arbitrary File Read via Path Traversal in HTMLExporter Image Embedding

1 repository13 Jul 2026
GHSA-836r-79rf-4m37

Soup Sieve: Regular Expression Denial of Service (ReDoS) via Selector Parser

4 repositories13 Jul 2026
GHSA-87hc-h4r5-73f7

Werkzeug safe_join() allows Windows special device names with compound extensions

5 repositories07 Jul 2026
GHSA-897w-fcg9-f6xj

Dulwich has an arbitrary file write via NTFS-hostile tree entries on Windows

1 repository13 Jul 2026
GHSA-8g87-j6q8-g93x

Mistune Math Plugin has an XSS Escape Bypass

1 repository13 Jul 2026
GHSA-8mp2-v27r-99xp

Mistune has a ReDoS in LINK_TITLE_RE that allows denial of service via crafted Markdown input

1 repository13 Jul 2026
GHSA-8rfp-98v4-mmr6

Bleach: URI sanitization allows disallowed URI schemes with Unicode > U+00A0 in output

1 repository18 Jun 2026
GHSA-983w-rhvv-gwmv

WeasyPrint has a Server-Side Request Forgery (SSRF) Protection Bypass via HTTP Redirect

1 repository07 Jul 2026
GHSA-9hjg-9r4m-mvj7

Requests vulnerable to .netrc credentials leak via malicious URLs

7 repositories07 Jul 2026
GHSA-9q39-rmj3-p4r2

HTML injection in Jupyter Notebook and JupyterLab leading to DOM Clobbering

1 repository13 Jul 2026
GHSA-9wx4-h78v-vm56

Requests `Session` object does not verify requests after making first request with verify=False

1 repository07 Jul 2026
GHSA-cfh3-3jmp-rvhc

Pillow affected by out-of-bounds write when loading PSD images

12 repositories13 Jul 2026
Interpretation boundary

Exact identities in, explicit limits out

The collector reads bounded lockfiles, SBOMs and exact double-equals pins at one immutable commit. Version ranges are never resolved by assumption.

Retrieval, parsing, matching and publishing use no generative AI model.

i6eal (2026): strahlenexposition — exact AI dependency evidence dossier, data state 19 Jul 2026. https://i6eal.de/en/tools/ki-abhaengigkeitsatlas/repository/opencode-5142/

Reading this dossier

Does this repository dossier prove deployment?
No. It documents dependencies published at one observed commit, not a deployed environment.
Why are exact versions required?
OSV and registry metadata can be linked reproducibly only to an observed package@version tuple. The collector never substitutes a newest release for a range.
Does a missing row mean the dependency is absent?
No. It means not observed within the bounded files and repository checkpoint. Incomplete trees and parser failures remain explicit.

Need a permanent dependency evidence trail for another public code cohort?

We build source-backed data products with stable identities, reproducible joins and boundaries that remain visible.

Discuss a data projectExplore all tools