← Back to the AI Dependency AtlasExact repository supply-chain dossier

photovoltaic_systems

uba-ki-lab/photovoltaic_systems
pypi

This dossier retains 99 exact component occurrences from 2 published evidence files at one immutable repository commit.

opencode:5201d0ec9137f298project ID + commit SHA + exact evidence path

Published dependency evidence does not prove deployment, productive use, procurement or runtime reachability.

project ID + commit SHA + exact evidence path
99exact component occurrences
98package identities
2evidence files
77OSV records returned
Exact published evidence

Files that resolve this repository’s dependencies

Every file remains tied to the observed commit. A parse error stays visible and never becomes a zero.

Evidence pathrequirements.txt
Format
exact-manifest-pin
Parser state
parsed
Resolved components
1
Open exact source ↗
Evidence pathsbom.jsonsha256:96f1a2a325045c8cc77018c4e6ddb5eee3755657b446c27c42dc724c0bcc6365
Format
sbom-json
Parser state
parsed
Resolved components
98
Open exact source ↗
Observed relations

Package identities at this commit

pypiPyTorchpypi:torch
1 Occurrence2.7.0
BSD-3-Clause23 OSV records returned
pypiOpenCVpypi:opencv-python
1 Occurrence4.11.0.86
Apache-2.0
pypiscikit-learnpypi:scikit-learn
2 Occurrences1.6.1
BSD-3-Clause · non-standard
pypipillowpypi:pillow
1 Occurrence11.2.1
HPND · MIT-CMU15 OSV records returned
pypiurllib3pypi:urllib3
1 Occurrence2.4.0
MIT7 OSV records returned
pypipippypi:pip
1 Occurrence25.1.1
MIT6 OSV records returned
pypijinja2pypi:jinja2
1 Occurrence3.1.6
BSD-3-Clause · non-standard4 OSV records returned
pypiujsonpypi:ujson
1 Occurrence5.10.0
BSD-3-Clause · BSD-3-Clause AND TCL · TCL4 OSV records returned
pypirequestspypi:requests
1 Occurrence2.32.3
Apache-2.03 OSV records returned
pypisetuptoolspypi:setuptools
1 Occurrence80.8.0
MIT3 OSV records returned
pypifilelockpypi:filelock
1 Occurrence3.18.0
MIT · Unlicense2 OSV records returned
pypisoupsievepypi:soupsieve
1 Occurrence2.7
MIT2 OSV records returned
pypicertifipypi:certifi
1 Occurrence2025.4.26
MPL-2.01 OSV record returned
pypiclickpypi:click
1 Occurrence8.2.1
BSD-3-Clause · non-standard1 OSV record returned
pypifonttoolspypi:fonttools
1 Occurrence4.58.0
MIT1 OSV record returned
pypigeopandaspypi:geopandas
1 Occurrence1.0.1
BSD-3-Clause1 OSV record returned
pypiidnapypi:idna
1 Occurrence3.10
BSD-3-Clause · non-standard1 OSV record returned
pypilxmlpypi:lxml
1 Occurrence5.4.0
BSD-3-Clause1 OSV record returned
pypipyarrowpypi:pyarrow
1 Occurrence20.0.0
Apache-2.0 · non-standard1 OSV record returned
pypitqdmpypi:tqdm
1 Occurrence4.67.1
MIT AND MPL-2.01 OSV record returned
pypiaffinepypi:affine
1 Occurrence2.4.0
non-standard
pypiarrowpypi:arrow
1 Occurrence1.3.0
non-standard
pypiattrspypi:attrs
1 Occurrence25.3.0
MIT
pypibeautifulsoup4pypi:beautifulsoup4
1 Occurrence4.13.4
MIT
pypiboolean-pypypi:boolean-py
1 Occurrence5.0
BSD-2-Clause
pypichardetpypi:chardet
1 Occurrence5.2.0
0BSD · non-standard
pypicharset-normalizerpypi:charset-normalizer
1 Occurrence3.4.2
MIT
pypiclick-pluginspypi:click-plugins
1 Occurrence1.1.1
non-standard
pypicligjpypi:cligj
1 Occurrence0.7.2
non-standard
pypicontourpypypi:contourpy
1 Occurrence1.3.2
non-standard
pypicyclerpypi:cycler
1 Occurrence0.12.1
non-standard
pypicyclonedx-bompypi:cyclonedx-bom
1 Occurrence6.1.1
Apache-2.0
pypicyclonedx-python-libpypi:cyclonedx-python-lib
1 Occurrence10.0.1
Apache-2.0
pypidefusedxmlpypi:defusedxml
1 Occurrence0.7.1
non-standard
pypifqdnpypi:fqdn
1 Occurrence1.5.1
non-standard
pypifsspecpypi:fsspec
1 Occurrence2025.5.0
BSD-3-Clause · non-standard
pypigeojsonpypi:geojson
1 Occurrence3.2.0
non-standard
pypiisodurationpypi:isoduration
1 Occurrence20.11.0
ISC
pypijoblibpypi:joblib
1 Occurrence1.5.0
BSD-3-Clause
pypijsonpointerpypi:jsonpointer
1 Occurrence3.0.0
non-standard
pypijsonschemapypi:jsonschema
1 Occurrence4.23.0
MIT
pypijsonschema-specificationspypi:jsonschema-specifications
1 Occurrence2025.4.1
MIT
pypikiwisolverpypi:kiwisolver
1 Occurrence1.4.8
non-standard
pypikneedpypi:kneed
1 Occurrence0.8.5
Not reported
pypilicense-expressionpypi:license-expression
1 Occurrence30.4.1
Apache-2.0
pypimarkupsafepypi:markupsafe
1 Occurrence3.0.2
BSD-3-Clause · non-standard
pypimatplotlibpypi:matplotlib
1 Occurrence3.10.3
non-standard
pypimpmathpypi:mpmath
1 Occurrence1.3.0
non-standard
pypinetworkxpypi:networkx
1 Occurrence3.4.2
BSD-3-Clause · non-standard
pypinumpypypi:numpy
1 Occurrence2.2.6
0BSD AND BSD-3-Clause AND CC0-1.0 AND MIT AND Zlib · non-standard
pypinvidia-cublas-cu12pypi:nvidia-cublas-cu12
1 Occurrence12.6.4.1
non-standard
pypinvidia-cuda-cupti-cu12pypi:nvidia-cuda-cupti-cu12
1 Occurrence12.6.80
non-standard
pypinvidia-cuda-nvrtc-cu12pypi:nvidia-cuda-nvrtc-cu12
1 Occurrence12.6.77
non-standard
pypinvidia-cuda-runtime-cu12pypi:nvidia-cuda-runtime-cu12
1 Occurrence12.6.77
non-standard
pypinvidia-cudnn-cu12pypi:nvidia-cudnn-cu12
1 Occurrence9.5.1.17
non-standard
pypinvidia-cufft-cu12pypi:nvidia-cufft-cu12
1 Occurrence11.3.0.4
non-standard
pypinvidia-cufile-cu12pypi:nvidia-cufile-cu12
1 Occurrence1.11.1.6
non-standard
pypinvidia-curand-cu12pypi:nvidia-curand-cu12
1 Occurrence10.3.7.77
non-standard
pypinvidia-cusolver-cu12pypi:nvidia-cusolver-cu12
1 Occurrence11.7.1.2
non-standard
pypinvidia-cusparse-cu12pypi:nvidia-cusparse-cu12
1 Occurrence12.5.4.2
non-standard
pypinvidia-cusparselt-cu12pypi:nvidia-cusparselt-cu12
1 Occurrence0.6.3
non-standard
pypinvidia-nccl-cu12pypi:nvidia-nccl-cu12
1 Occurrence2.26.2
BSD-3-Clause · non-standard
pypinvidia-nvjitlink-cu12pypi:nvidia-nvjitlink-cu12
1 Occurrence12.6.85
non-standard
pypinvidia-nvtx-cu12pypi:nvidia-nvtx-cu12
1 Occurrence12.6.77
Apache-2.0 · non-standard
pypiosmpythontoolspypi:osmpythontools
1 Occurrence0.3.5
GPL-3.0
pypipackageurl-pythonpypi:packageurl-python
1 Occurrence0.16.0
MIT
pypipackagingpypi:packaging
1 Occurrence25.0
Apache-2.0 OR BSD-2-Clause · non-standard
pypipandaspypi:pandas
1 Occurrence2.2.3
non-standard
pypipip-requirements-parserpypi:pip-requirements-parser
1 Occurrence32.0.1
MIT
pypipy-serializablepypi:py-serializable
1 Occurrence2.0.0
Apache-2.0
pypipyogriopypi:pyogrio
1 Occurrence0.11.0
non-standard
pypipyparsingpypi:pyparsing
1 Occurrence3.2.3
MIT
pypipyprojpypi:pyproj
1 Occurrence3.7.1
MIT
pypipython-dateutilpypi:python-dateutil
1 Occurrence2.9.0.post0
non-standard
pypipytzpypi:pytz
1 Occurrence2025.2
MIT
pypipyyamlpypi:pyyaml
1 Occurrence6.0.2
MIT
pypirasteriopypi:rasterio
1 Occurrence1.4.3
BSD-3-Clause · non-standard
pypireferencingpypi:referencing
1 Occurrence0.36.2
MIT
pypirfc3339-validatorpypi:rfc3339-validator
1 Occurrence0.1.4
MIT
pypirfc3987pypi:rfc3987
1 Occurrence1.3.8
non-standard
pypirpds-pypypi:rpds-py
1 Occurrence0.25.0
MIT
pypiscipypypi:scipy
1 Occurrence1.15.3
non-standard
pypisegment-anythingpypi:segment-anything
1 Occurrence1.0
Apache-2.0
pypishapelypypi:shapely
1 Occurrence2.1.1
BSD-3-Clause
pypisixpypi:six
1 Occurrence1.17.0
MIT
pypisortedcontainerspypi:sortedcontainers
1 Occurrence2.4.0
Apache-2.0
pypisupervisionpypi:supervision
1 Occurrence0.25.1
MIT
pypisympypypi:sympy
1 Occurrence1.14.0
non-standard
pypithreadpoolctlpypi:threadpoolctl
1 Occurrence3.6.0
BSD-3-Clause
pypitomlipypi:tomli
1 Occurrence2.2.1
MIT
pypitorchvisionpypi:torchvision
1 Occurrence0.22.0
non-standard
pypitritonpypi:triton
1 Occurrence3.3.0
MIT
pypitypes-python-dateutilpypi:types-python-dateutil
1 Occurrence2.9.0.20250516
Apache-2.0
pypityping-extensionspypi:typing-extensions
1 Occurrence4.13.2
PSF-2.0 · non-standard
pypitzdatapypi:tzdata
1 Occurrence2025.2
Apache-2.0
pypiuri-templatepypi:uri-template
1 Occurrence1.3.0
MIT
pypiwebcolorspypi:webcolors
1 Occurrence24.11.1
BSD-3-Clause
pypixarraypypi:xarray
1 Occurrence2025.4.0
Apache-2.0
OSV

Related OSV records

GHSA-248v-346w-9cwc

Certifi removes GLOBALTRUST root certificate

1 repository10 Jun 2026
GHSA-2wc2-fm75-p42x

Soup Sieve has Memory Exhaustion via Large Comma-Separated Selector Lists

4 repositories13 Jul 2026
GHSA-2xpw-w6gg-jr37

urllib3 streaming API improperly handles highly compressed data

13 repositories07 Jul 2026
GHSA-3749-ghw9-m3mg

PyTorch susceptible to local Denial of Service

3 repositories10 Jun 2026
GHSA-38jv-5279-wg99

Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)

13 repositories07 Jul 2026
GHSA-3j69-69wj-xqx2

UltraJSON: Malformed/Truncated UTF-8 Accepted and Silently Rewritten in ujson.dumps()

5 repositories18 Jul 2026
GHSA-48p4-8xcf-vxj5

urllib3 does not control redirects in browsers and Node.js

7 repositories07 Jul 2026
GHSA-4xh5-x5gv-qwph

pip's fallback tar extraction doesn't check symbolic links point to extraction directory

3 repositories07 Jul 2026
GHSA-53q9-r3pm-6pq6

PyTorch: `torch.load` with `weights_only=True` leads to remote code execution

1 repository04 Feb 2026
GHSA-58qw-9mgm-455v

pip has an interpretation conflict due to handling both concatenated tar and ZIP files as ZIP files

3 repositories13 Jul 2026
GHSA-5rjg-fvgr-3xxf

setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write

2 repositories11 May 2026
GHSA-5xmw-vc9v-4wf2

Pillow has a heap buffer overflow with nested list coordinates

10 repositories13 Jul 2026
GHSA-6497-prx7-gpmq

geopandas SQL Injection Vulnerability in to_postgis() Allows Information Disclosure

1 repository10 Jun 2026
GHSA-65pc-fj4g-8rjx

Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix

17 repositories08 Jul 2026
GHSA-6vgw-5pg2-w6jp

pip Path Traversal vulnerability

3 repositories07 Jul 2026
GHSA-768j-98cg-p3fv

fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib

6 repositories07 Jul 2026
GHSA-836r-79rf-4m37

Soup Sieve: Regular Expression Denial of Service (ReDoS) via Selector Parser

4 repositories13 Jul 2026
GHSA-887c-mr87-cxwp

PyTorch Improper Resource Shutdown or Release vulnerability

7 repositories14 Jul 2026
GHSA-9hjg-9r4m-mvj7

Requests vulnerable to .netrc credentials leak via malicious URLs

7 repositories07 Jul 2026
GHSA-9wx4-h78v-vm56

Requests `Session` object does not verify requests after making first request with verify=False

1 repository07 Jul 2026
GHSA-c38f-wx89-p2xg

UltraJSON has a Memory Leak in ujson.dump() on Write Failure

5 repositories13 Jul 2026
GHSA-c678-jfcj-6jmf

PyTorch Tuple Handler is Vulnerable to Memory Corruption through Manipulation of None Argument

2 repositories09 Jun 2026
GHSA-c8rr-9gxc-jprv

UltraJSON has an integer overflow handling large indent leads to buffer overflow or infinite loop

4 repositories13 Jul 2026
GHSA-cfh3-3jmp-rvhc

Pillow affected by out-of-bounds write when loading PSD images

12 repositories13 Jul 2026
GHSA-cpwx-vrp4-4pq7

Jinja2 vulnerable to sandbox breakout through attr filter selecting format method

2 repositories07 Jul 2026
GHSA-cx63-2mw6-8hw5

setuptools vulnerable to Command Injection via package URL

1 repository07 Jul 2026
GHSA-f4hp-rmr7-r7v8

PyTorch is Vulnerable to Memory Consumption through pad_packed_sequence Function

2 repositories10 Jun 2026
GHSA-g7vv-2v7x-gj9p

tqdm CLI arguments injection attack

1 repository07 Jul 2026
GHSA-gc5v-m9x4-r6x2

Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function

15 repositories13 Jul 2026
GHSA-gm62-xv2j-4w53

urllib3 allows an unbounded number of links in the decompression chain

13 repositories07 Jul 2026
GHSA-gmj6-6f8f-6699

Jinja has a sandbox breakout through malicious filenames

1 repository07 Jul 2026
GHSA-h75v-3vvj-5mfj

Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter

1 repository07 Jul 2026
GHSA-jp4c-xjxw-mgf9

pip Vulnerable to Inclusion of Functionality from Untrusted Control Sphere

3 repositories13 Jul 2026
GHSA-mf9v-mfxr-j63j

urllib3: Decompression-bomb safeguards bypassed in parts of the streaming API

3 repositories08 Jun 2026
GHSA-mq26-g339-26xf

Command Injection in pip when used with Mercurial

1 repository10 Jun 2026
GHSA-pq67-6m6q-mj2v

urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation

7 repositories07 Jul 2026
GHSA-pwv6-vv43-88gr

Pillow has an OOB Write with Invalid PSD Tile Extents (Integer Overflow)

13 repositories13 Jul 2026
GHSA-q2x7-8rv6-6q7h

Jinja has a sandbox breakout through indirect reference to format method

1 repository07 Jul 2026
GHSA-qccp-gfcp-xxvc

urllib3: Sensitive headers forwarded across origins in proxied low-level redirects

15 repositories20 May 2026
GHSA-qfhq-4f3w-5fph

PyTorch is vulnerable to memory corruption through its torch.lstm_cell function

9 repositories10 Jun 2026
GHSA-qmgc-5h2g-mvrw

filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock

10 repositories07 Jul 2026
GHSA-r73j-pqj5-w3x7

Pillow has a PDF Parsing Trailer Infinite Loop (DoS)

13 repositories13 Jul 2026
GHSA-rgxp-2hwp-jwgg

Apache Arrow: Potential use-after-free when reading IPC file with pre-buffering

10 repositories12 Jun 2026
GHSA-rrmf-rvhw-rf47

PyTorch is vulnerable to memory corruption through its torch.jit.script function

10 repositories17 Jul 2026
GHSA-vfmq-68hx-4jfw

lxml: Default configuration of iterparse() and ETCompatXMLParser() allows XXE to local files

5 repositories06 Jun 2026
GHSA-vgrw-7cvw-pwgx

PyTorch is vulnerable to memory corruption through its unpack_sequence function

8 repositories10 Jun 2026
GHSA-w853-jp5j-5j7f

filelock has a TOCTOU race condition which allows symlink attacks during lock file creation

10 repositories07 Jul 2026
GHSA-wf93-45jw-7689

pip: Path traversal in console_scripts/gui_scripts entry point names allows installing scripts outside of target directory

3 repositories14 Jul 2026
Interpretation boundary

Exact identities in, explicit limits out

The collector reads bounded lockfiles, SBOMs and exact double-equals pins at one immutable commit. Version ranges are never resolved by assumption.

Retrieval, parsing, matching and publishing use no generative AI model.

i6eal (2026): photovoltaic_systems — exact AI dependency evidence dossier, data state 19 Jul 2026. https://i6eal.de/en/tools/ki-abhaengigkeitsatlas/repository/opencode-5201/

Reading this dossier

Does this repository dossier prove deployment?
No. It documents dependencies published at one observed commit, not a deployed environment.
Why are exact versions required?
OSV and registry metadata can be linked reproducibly only to an observed package@version tuple. The collector never substitutes a newest release for a range.
Does a missing row mean the dependency is absent?
No. It means not observed within the bounded files and repository checkpoint. Incomplete trees and parser failures remain explicit.

Need a permanent dependency evidence trail for another public code cohort?

We build source-backed data products with stable identities, reproducible joins and boundaries that remain visible.

Discuss a data projectExplore all tools