passEverything is awesome!

Scanned:

pycomposefile

Artifact:

latest

Top 10k

Structured deserialization of Docker Compose files.

License: Permissive (MIT)

Published:

Visit GitHub

See on PyPI

SAFE Assessment

Compliance

Licenses

No license compliance issues

Secrets

No sensitive information found

Security

Vulnerabilities

No known vulnerabilities detected

Hardening

No application hardening issues

Threats

Tampering

No evidence of software tampering

Malware

No evidence of malware inclusion

Popularity

75.1M

Total Downloads

Contributor

Declared Dependencies

Dependents

Top issues

No issues found.

Top behaviors

See all behaviors

Contains unusually long strings.

anomaly

Prevalence in PyPI community

Behavior often found in this community (Common)

51 packages

found in

Top 100

408 packages

found in

Top 1k

2829 packages

found in

Top 10k

106.17k packages

in community

Queries the value of an environment variable.

Prevalence in PyPI community

Behavior often found in this community (Common)

73 packages

found in

Top 100

614 packages

found in

Top 1k

4460 packages

found in

Top 10k

173.79k packages

in community

Reads from files.

file

Prevalence in PyPI community

Behavior often found in this community (Common)

84 packages

found in

Top 100

750 packages

found in

Top 1k

6302 packages

found in

Top 10k

361.29k packages

in community

Imports the "re" module, which provides regular expression matching operations.

execution

Prevalence in PyPI community

Behavior often found in this community (Common)

86 packages

found in

Top 100

713 packages

found in

Top 1k

5448 packages

found in

Top 10k

222.97k packages

in community

Imports the "os" module, which contains miscellaneous operating system interfaces.

execution

Prevalence in PyPI community

Behavior often found in this community (Common)

96 packages

found in

Top 100

821 packages

found in

Top 1k

6994 packages

found in

Top 10k

450.45k packages

in community

Top vulnerabilities

No vulnerabilities found.

FAQ for pycomposefile

What is pycomposefile?

Structured deserialization of Docker Compose files.

Is pycomposefile malicious or is it safe to use?

The Python package pycomposefile was scanned for malware, software tampering, risky behaviors, exposed secrets and known vulnerabilities. No risks were detected, therefore, this version of the package is currently considered as safe to use.

Is pycomposefile popular?

The Python package pycomposefile ranks among the top 10000 projects in this community. It has 75M recorded downloads. A package's popularity is not a good indicator of its safety, visit the SAFE Assessment section to see the full analysis of package deployment risk categories.

How do I secure pycomposefile once it is in my app?

Since we can't know when or where malicious attacks will happen, we recommend tracking how pycomposefile behaviors change over multiple software releases. By adopting differential analysis in your release process, you can detect unexpected changes to a pycomposefile version, which can prevent advanced software supply chain attacks. Read how our technology can help prevent future attacks similar to SolarWinds and 3CX.

Did you know...

... that you can use ReversingLabs’ Spectra Assure platform to perform regular risk assessments of packages you develop in-house?

We recommend continuous software safeness monitoring through CI/CD integrations and pre-release/deployment checks. In addition to basic package information found on this page our platform offers rich reports for developers and DevSecOps that help them remediate all reported issues.