← Back to the AI Dependency AtlasExact repository supply-chain dossier

Energieautarkes Wohnquartier - Backend

energieautarkes-wohnquartier/backend
pypi

This dossier retains 81 exact component occurrences from 1 published evidence files at one immutable repository commit.

opencode:6174fc7e24cd5464project ID + commit SHA + exact evidence path

Published dependency evidence does not prove deployment, productive use, procurement or runtime reachability.

project ID + commit SHA + exact evidence path
81exact component occurrences
81package identities
1evidence file
63OSV records returned
Exact published evidence

Files that resolve this repository’s dependencies

Every file remains tied to the observed commit. A parse error stays visible and never becomes a zero.

Evidence pathpoetry.locksha256:6876a231ced00a8d5ac3f1a8fa53fd89e79d737091ef2925e25665b04e92e693
Format
poetry-lock
Parser state
parsed
Resolved components
81
Open exact source ↗
Observed relations

Package identities at this commit

pypiscikit-learnpypi:scikit-learn
1 Occurrence1.6.1
BSD-3-Clause · non-standard
pypiTensorFlowpypi:tensorflow
1 Occurrence2.19.0
Apache-2.0
pypipillowpypi:pillow
1 Occurrence11.2.1
HPND · MIT-CMU15 OSV records returned
pypikeraspypi:keras
1 Occurrence3.9.2
Apache-2.09 OSV records returned
pypiurllib3pypi:urllib3
1 Occurrence2.4.0
MIT7 OSV records returned
pypiwerkzeugpypi:werkzeug
1 Occurrence3.1.3
BSD-3-Clause · non-standard6 OSV records returned
pypiflask-corspypi:flask-cors
1 Occurrence5.0.1
MIT5 OSV records returned
pypijinja2pypi:jinja2
1 Occurrence3.1.6
BSD-3-Clause · non-standard4 OSV records returned
pypirequestspypi:requests
1 Occurrence2.32.3
Apache-2.03 OSV records returned
pypisetuptoolspypi:setuptools
1 Occurrence80.4.0
MIT3 OSV records returned
pypiprotobufpypi:protobuf
1 Occurrence5.29.4
BSD-3-Clause2 OSV records returned
pypicertifipypi:certifi
1 Occurrence2025.4.26
MPL-2.01 OSV record returned
pypiclickpypi:click
1 Occurrence8.2.0
BSD-3-Clause · non-standard1 OSV record returned
pypiflaskpypi:flask
1 Occurrence3.1.1
BSD-3-Clause · non-standard1 OSV record returned
pypifonttoolspypi:fonttools
1 Occurrence4.58.0
MIT1 OSV record returned
pypiidnapypi:idna
1 Occurrence3.10
BSD-3-Clause · non-standard1 OSV record returned
pypimarkdownpypi:markdown
1 Occurrence3.8
BSD-3-Clause1 OSV record returned
pypipygmentspypi:pygments
1 Occurrence2.19.1
BSD-2-Clause1 OSV record returned
pypipython-dotenvpypi:python-dotenv
1 Occurrence1.1.0
BSD-3-Clause1 OSV record returned
pypiwheelpypi:wheel
1 Occurrence0.45.1
MIT1 OSV record returned
pypiabsl-pypypi:absl-py
1 Occurrence2.2.2
Apache-2.0
pypiastunparsepypi:astunparse
1 Occurrence1.6.3
non-standard
pypiblinkerpypi:blinker
1 Occurrence1.9.0
MIT
pypicharset-normalizerpypi:charset-normalizer
1 Occurrence3.4.2
MIT
pypicoloramapypi:colorama
1 Occurrence0.4.6
non-standard
pypicompress-jsonpypi:compress-json
1 Occurrence1.1.1
MIT
pypicontourpypypi:contourpy
1 Occurrence1.3.2
non-standard
pypicyclerpypi:cycler
1 Occurrence0.12.1
non-standard
pypiflatbufferspypi:flatbuffers
1 Occurrence25.2.10
Apache-2.0
pypigastpypi:gast
1 Occurrence0.6.0
BSD-3-Clause
pypigoogle-pastapypi:google-pasta
1 Occurrence0.2.0
Apache-2.0
pypigrpciopypi:grpcio
1 Occurrence1.71.0
Apache-2.0
pypigunicornpypi:gunicorn
1 Occurrence23.0.0
MIT
pypih5pypypi:h5py
1 Occurrence3.13.0
BSD-3-Clause
pypiitsdangerouspypi:itsdangerous
1 Occurrence2.2.0
BSD-3-Clause · non-standard
pypijoblibpypi:joblib
1 Occurrence1.5.0
BSD-3-Clause
pypikiwisolverpypi:kiwisolver
1 Occurrence1.4.8
non-standard
pypilibclangpypi:libclang
1 Occurrence18.1.1
Apache-2.0
pypimarkdown-it-pypypi:markdown-it-py
1 Occurrence3.0.0
MIT
pypimarkupsafepypi:markupsafe
1 Occurrence3.0.2
BSD-3-Clause · non-standard
pypimatplotlibpypi:matplotlib
1 Occurrence3.10.3
non-standard
pypimdurlpypi:mdurl
1 Occurrence0.1.2
MIT
pypiml-dtypespypi:ml-dtypes
1 Occurrence0.5.1
non-standard
pypinamexpypi:namex
1 Occurrence0.0.9
Not reported
pypinumpypypi:numpy
1 Occurrence2.1.3
0BSD AND BSD-3-Clause AND CC0-1.0 AND MIT AND Zlib · non-standard
pypinvidia-cublas-cu12pypi:nvidia-cublas-cu12
1 Occurrence12.5.3.2
non-standard
pypinvidia-cuda-cupti-cu12pypi:nvidia-cuda-cupti-cu12
1 Occurrence12.5.82
non-standard
pypinvidia-cuda-nvcc-cu12pypi:nvidia-cuda-nvcc-cu12
1 Occurrence12.5.82
non-standard
pypinvidia-cuda-nvrtc-cu12pypi:nvidia-cuda-nvrtc-cu12
1 Occurrence12.5.82
non-standard
pypinvidia-cuda-runtime-cu12pypi:nvidia-cuda-runtime-cu12
1 Occurrence12.5.82
non-standard
pypinvidia-cudnn-cu12pypi:nvidia-cudnn-cu12
1 Occurrence9.3.0.75
non-standard
pypinvidia-cufft-cu12pypi:nvidia-cufft-cu12
1 Occurrence11.2.3.61
non-standard
pypinvidia-curand-cu12pypi:nvidia-curand-cu12
1 Occurrence10.3.6.82
non-standard
pypinvidia-cusolver-cu12pypi:nvidia-cusolver-cu12
1 Occurrence11.6.3.83
non-standard
pypinvidia-cusparse-cu12pypi:nvidia-cusparse-cu12
1 Occurrence12.5.1.3
non-standard
pypinvidia-nccl-cu12pypi:nvidia-nccl-cu12
1 Occurrence2.23.4
BSD-3-Clause · non-standard
pypinvidia-nvjitlink-cu12pypi:nvidia-nvjitlink-cu12
1 Occurrence12.5.82
non-standard
pypiopt-einsumpypi:opt-einsum
1 Occurrence3.4.0
MIT
pypioptreepypi:optree
1 Occurrence0.15.0
Apache-2.0
pypipackagingpypi:packaging
1 Occurrence25.0
Apache-2.0 OR BSD-2-Clause · non-standard
pypipandaspypi:pandas
1 Occurrence2.2.3
non-standard
pypiplot-keras-historypypi:plot-keras-history
1 Occurrence1.1.39
MIT
pypipsutilpypi:psutil
1 Occurrence7.0.0
BSD-3-Clause
pypipyparsingpypi:pyparsing
1 Occurrence3.2.3
MIT
pypipython-dateutilpypi:python-dateutil
1 Occurrence2.9.0.post0
non-standard
pypipython-magicpypi:python-magic
1 Occurrence0.4.27
MIT
pypipytzpypi:pytz
1 Occurrence2025.2
MIT
pypirichpypi:rich
1 Occurrence14.0.0
MIT
pypiruffpypi:ruff
1 Occurrence0.11.10
MIT
pypisanitize-ml-labelspypi:sanitize-ml-labels
1 Occurrence1.1.4
MIT
pypiscipypypi:scipy
1 Occurrence1.15.3
non-standard
pypisixpypi:six
1 Occurrence1.17.0
MIT
pypitabulatepypi:tabulate
1 Occurrence0.9.0
MIT
pypitensorboardpypi:tensorboard
1 Occurrence2.19.0
Apache-2.0
pypitensorboard-data-serverpypi:tensorboard-data-server
1 Occurrence0.7.2
Apache-2.0
pypitensorflow-io-gcs-filesystempypi:tensorflow-io-gcs-filesystem
1 Occurrence0.37.1
Apache-2.0
pypitermcolorpypi:termcolor
1 Occurrence3.1.0
MIT
pypithreadpoolctlpypi:threadpoolctl
1 Occurrence3.6.0
BSD-3-Clause
pypityping-extensionspypi:typing-extensions
1 Occurrence4.13.2
PSF-2.0 · non-standard
pypitzdatapypi:tzdata
1 Occurrence2025.2
Apache-2.0
pypiwraptpypi:wrapt
1 Occurrence1.17.2
non-standard
OSV

Related OSV records

GHSA-248v-346w-9cwc

Certifi removes GLOBALTRUST root certificate

1 repository10 Jun 2026
GHSA-29vq-49wr-vm6x

Werkzeug safe_join() allows Windows special device names

6 repositories13 Jul 2026
GHSA-2g68-c3qc-8985

Werkzeug debugger vulnerable to remote execution when interacting with attacker controlled domain

1 repository07 Jul 2026
GHSA-2xpw-w6gg-jr37

urllib3 streaming API improperly handles highly compressed data

13 repositories07 Jul 2026
GHSA-36fq-jgmw-4r9c

Keras is vulnerable to Deserialization of Untrusted Data

1 repository16 Jul 2026
GHSA-36rr-ww3j-vrjv

The Keras `Model.load_model` method **silently** ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded.

1 repository06 Jun 2026
GHSA-38jv-5279-wg99

Decompression-bomb safeguards bypassed when following HTTP redirects (streaming API)

13 repositories07 Jul 2026
GHSA-3m4q-jmj6-r34q

Keras has a Local File Disclosure via HDF5 External Storage During Keras Weight Loading

1 repository13 Jul 2026
GHSA-43qf-4rqw-9q2g

Flask-CORS vulnerable to Improper Handling of Case Sensitivity

2 repositories07 Jul 2026
GHSA-48p4-8xcf-vxj5

urllib3 does not control redirects in browsers and Node.js

7 repositories07 Jul 2026
GHSA-4f3f-g24h-fr8m

Keras has an untrusted deserialization vulnerability

1 repository13 Jul 2026
GHSA-5239-wwwm-4pmq

Pygments has Regular Expression Denial of Service (ReDoS) due to Inefficient Regex for GUID Matching

13 repositories13 Jul 2026
GHSA-5rjg-fvgr-3xxf

setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write

2 repositories11 May 2026
GHSA-5wmx-573v-2qwq

Python-Markdown has an Uncaught Exception

2 repositories10 Jun 2026
GHSA-5xmw-vc9v-4wf2

Pillow has a heap buffer overflow with nested list coordinates

10 repositories13 Jul 2026
GHSA-65pc-fj4g-8rjx

Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix

17 repositories08 Jul 2026
GHSA-68rp-wp8r-4726

Flask session does not add `Vary: Cookie` header when accessed in some ways

6 repositories13 Jul 2026
GHSA-768j-98cg-p3fv

fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib

6 repositories07 Jul 2026
GHSA-7gcm-g887-7qv7

protobuf affected by a JSON recursion depth bypass

10 repositories07 Jul 2026
GHSA-7rxf-gvfg-47g4

Flask-CORS improper regex path matching vulnerability

2 repositories07 Jul 2026
GHSA-84pr-m4jr-85g5

flask-cors vulnerable to log injection when the log level is set to debug

1 repository10 Jun 2026
GHSA-87hc-h4r5-73f7

Werkzeug safe_join() allows Windows special device names with compound extensions

5 repositories07 Jul 2026
GHSA-8qvm-5x2c-j2w7

protobuf-python has a potential Denial of Service issue

3 repositories07 Jul 2026
GHSA-8rrh-rw8j-w5fx

Wheel Affected by Arbitrary File Permission Modification via Path Traversal in wheel unpack

2 repositories07 Jul 2026
GHSA-8vgw-p6qm-5gr7

Flask-CORS allows for inconsistent CORS matching

2 repositories07 Jul 2026
GHSA-9hjg-9r4m-mvj7

Requests vulnerable to .netrc credentials leak via malicious URLs

7 repositories07 Jul 2026
GHSA-9wx4-h78v-vm56

Requests `Session` object does not verify requests after making first request with verify=False

1 repository07 Jul 2026
GHSA-c9rc-mg46-23w3

Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality

1 repository29 May 2026
GHSA-cfh3-3jmp-rvhc

Pillow affected by out-of-bounds write when loading PSD images

12 repositories13 Jul 2026
GHSA-cpwx-vrp4-4pq7

Jinja2 vulnerable to sandbox breakout through attr filter selecting format method

2 repositories07 Jul 2026
GHSA-cx63-2mw6-8hw5

setuptools vulnerable to Command Injection via package URL

1 repository07 Jul 2026
GHSA-f9vj-2wh5-fj8j

Werkzeug safe_join not safe on Windows

1 repository07 Jul 2026
GHSA-gc5v-m9x4-r6x2

Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function

15 repositories13 Jul 2026
GHSA-gm62-xv2j-4w53

urllib3 allows an unbounded number of links in the decompression chain

13 repositories07 Jul 2026
GHSA-gmj6-6f8f-6699

Jinja has a sandbox breakout through malicious filenames

1 repository07 Jul 2026
GHSA-h75v-3vvj-5mfj

Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter

1 repository07 Jul 2026
GHSA-hgf8-39gv-g3f2

Werkzeug safe_join() allows Windows special device names

5 repositories07 Jul 2026
GHSA-hjqc-jx6g-rwp9

Keras Directory Traversal Vulnerability

1 repository07 Jul 2026
GHSA-hxwh-jpp2-84pm

Flask-CORS allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default

1 repository09 Jul 2026
GHSA-mf9v-mfxr-j63j

urllib3: Decompression-bomb safeguards bypassed in parts of the streaming API

3 repositories08 Jun 2026
GHSA-mf9w-mj56-hr94

python-dotenv: Symlink following in set_key allows arbitrary file overwrite via cross-device rename fallback

11 repositories13 Jul 2026
GHSA-mgx6-5cf9-rr43

Keras vulnerable to DoS via Malicious .keras Model (HDF5 Shape Bomb Causes Petabyte Allocation in KerasFileEditor)

1 repository26 Jun 2026
GHSA-mq84-hjqx-cwf2

Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery

1 repository07 Jul 2026
GHSA-pq67-6m6q-mj2v

urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation

7 repositories07 Jul 2026
GHSA-pwv6-vv43-88gr

Pillow has an OOB Write with Invalid PSD Tile Extents (Integer Overflow)

13 repositories13 Jul 2026
GHSA-q2x7-8rv6-6q7h

Jinja has a sandbox breakout through indirect reference to format method

1 repository07 Jul 2026
GHSA-q34m-jh98-gwm2

Werkzeug possible resource exhaustion when parsing file data in forms

1 repository13 Jul 2026
GHSA-qccp-gfcp-xxvc

urllib3: Sensitive headers forwarded across origins in proxied low-level redirects

15 repositories20 May 2026
Interpretation boundary

Exact identities in, explicit limits out

The collector reads bounded lockfiles, SBOMs and exact double-equals pins at one immutable commit. Version ranges are never resolved by assumption.

Retrieval, parsing, matching and publishing use no generative AI model.

i6eal (2026): Energieautarkes Wohnquartier - Backend — exact AI dependency evidence dossier, data state 19 Jul 2026. https://i6eal.de/en/tools/ki-abhaengigkeitsatlas/repository/opencode-6174/

Reading this dossier

Does this repository dossier prove deployment?
No. It documents dependencies published at one observed commit, not a deployed environment.
Why are exact versions required?
OSV and registry metadata can be linked reproducibly only to an observed package@version tuple. The collector never substitutes a newest release for a range.
Does a missing row mean the dependency is absent?
No. It means not observed within the bounded files and repository checkpoint. Incomplete trees and parser failures remain explicit.

Need a permanent dependency evidence trail for another public code cohort?

We build source-backed data products with stable identities, reproducible joins and boundaries that remain visible.

Discuss a data projectExplore all tools